From the course: CISSP Cert Prep (2021): 3 Security Architecture and Engineering

Unlock the full course today

Join today to access over 22,400 courses taught by industry experts or purchase this course individually.

Security evaluation models

Security evaluation models

From the course: CISSP Cert Prep (2021): 3 Security Architecture and Engineering

Start my 1-month free trial

Security evaluation models

- [Instructor] The government is by necessity very serious about cyber security. And it's had rigorous cybersecurity programs in place for decades. Long before the private sector began considering information security issues, in order to manage the complexity of securing many diverse systems, the government developed standardized evaluation models designed to help them understand the security requirements of different situations, and the security capabilities of different products. In 1983 the National Security Agency issued the Trusted Computer System Evaluation Criteria abbreviated TCSEC. Now the security community quickly discarded that bulky name and began referring to this book by the distinctive color of its cover, calling it the Orange Book. The Orange Book described the security requirements that the department of defense used for computer systems and the process that the government will follow when evaluating…

Contents