The Rainbow Book List

OrangeDoD Trusted Computer System Evaluation Criteria

GreenDoD Password Management Guideline

TanA Guide to Understanding Audit in Trusted Systems

Bright BlueTrusted Product Evaluations – A Guide for Vendors

Neon OrangeA Guide to Understanding Discretionary Access Control in Trusted Systems

Teal GreenGlossary of Computer Security Terms

RedTrusted Network Interpretation of the TCSEC (TNI)

AmberA Guide to Understanding Configuration Management in Trusted Systems


A Guide to Understanding Design Documentation in Trusted Systems, 6 October 1988. (Burgundy Book)see also Process Guidelines for Design Documentation which may supercede parts of this document.


A Guide to Understanding Trusted Distribution in Trusted Systems 15 December 1988. (Dark Lavender Book)


Computer Security Subsystem Interpretation of the TCSEC 16 September 1988. (Venice Blue Book)


A Guide to Understanding Security Modeling in Trusted Systems, October 1992. (Aqua Book)


Trusted Network Interpretation Environments Guideline – Guidance for Applying the TNI, 1 August 1990. (Red Book)

NCSC-TG-013 Ver.2

RAMP Program Document, 1 March 1995, Version 2 (Pink Book)


Guidelines for Formal Verification Systems, 1 April 1989. (Purple Book)


A Guide to Understanding Trusted Facility Management, 18 October 1989 (Brown Book)


Guidelines for Writing Trusted Facility Manuals, October 1992. (Yellow-Green Book)


A Guide to Understanding Identification and Authentication in Trusted Systems, September 1991. (Light Blue Book)


A Guide to Understanding Object Reuse in Trusted Systems, July 1992. (Light Blue Book)

NCSC-TG-019 Ver. 2

Trusted Product Evaluation Questionaire, 2 May 1992, Version 2. (Blue Book)


Trusted UNIX Working Group (TRUSIX) Rationale for Selecting Access Control List Features for the UNIX® System, 7 July 1989. (Silver Book)


Trusted Database Management System Interpretation of the TCSEC (TDI), April 1991. (Purple Book)


A Guide to Understanding Trusted Recovery in Trusted Systems, 30 December 1991. (Yellow Book)

Unsupervised Learning — Security, Tech, and AI in 10 minutes…

Get a weekly breakdown of what's happening in security and tech—and why it matters.


A Guide to Understanding Security Testing and Test Documentation in Trusted Systems (Bright Orange Book)see also Process Guidelines for Test Documentation which may supercede parts of this document.

NCSC-TG-024 Vol. 1/4

A Guide to Procurement of Trusted Systems: An Introduction to Procurement Initiators on Computer Security Requirements, December 1992. (Purple Book)

NCSC-TG-024 Vol. 2/4

A Guide to Procurement of Trusted Systems: Language for RFP Specifications and Statements of Work – An Aid to Procurement Initiators, 30 June 1993. (Purple Book)

NCSC-TG-024 Vol. 3/4

A Guide to Procurement of Trusted Systems: Computer Security Contract Data Requirements List and Data Item Description Tutorial, 28 February 1994. (Purple Book)

NCSC-TG-024 Vol. 4/4

A Guide to Procurement of Trusted Systems: How to Evaluate a Bidder’s Proposal Document – An Aid to Procurement Initiators and Contractors (Purple Book) (publication TBA)

NCSC-TG-025 Ver. 2

A Guide to Understanding Data Remanence in Automated Information Systems, September 1991, Version 2, (Supercedes CSC-STD-005-85). (Forest Green Book)


A Guide to Writing the Security Features User’s Guide for Trusted Systems, September 1991. (Hot Peach Book)


A Guide to Understanding Information System Security Officer Responsibilities for Automated Information Systems, May 1992. (Turquoise Book)


Assessing Controlled Access Protection, 25 May 1992. (Violet Book)


Introduction to Certification and Accreditation Concepts, January 1994. (Blue Book)


A Guide to Understanding Covert Channel Analysis of Trusted Systems, November 1993. (Light Pink Book)

Related posts: