Orange Book

An agent that is trusted and authorized to issue certificates to approved vendors and contractors for the purpose of enabling secure interoperability with DoD entities. Operating requirements for ECAs must be approved by the DoD CIO, in coordination with the DoD Comptroller and the DoD General Counsel.
[view]

A security development standard for system manufacturers and a basis for comparing and evaluating different computer systems. Also known as the Orange Book.
[view]

Common Criteria specification that represents a set of security requirements to be used as the basis of an evaluation of an identified Target of Evaluation (TOE). The evaluation element from the Common Criteria for information technology security evaluation in which a vendor states the security features of its product.
[view]

<p>International Standard ISO/IEC 5408, Common Criteria for Information Technology Security Evaluation<br></p><p>Common Criteria provides assurance that the process of specification, implementation and evaluation of a computer security product has been conducted in a rigorous and standard and repeatable manner at a level that is commensurate with the target environment for use<br></p>
[view]

A list of equipment, hardware, software, and firmware that have been evaluated against, and found to be technically compliant, at a particular level of trust, with the DoD TCSEC by the NCSC. The EPL is included in the National Security Agency Information Systems Security Products and Services Catalogue, which is available through the Government Printing Office.
[view]