Rainbow Books

I originally put this list together back in 2004. A lot of the publications are obsolete but it’s still good to know and respect the history.

—-

Orange DoD Trusted Computer System Evaluation Criteria

Green DoD Password Management Guideline

Tan A Guide to Understanding Audit in Trusted Systems

Bright Blue Trusted Product Evaluations - A Guide for Vendors

Neon Orange A Guide to Understanding Discretionary Access Control in Trusted Systems

Teal Green Glossary of Computer Security Terms

Red Trusted Network Interpretation of the TCSEC (TNI)

Amber A Guide to Understanding Configuration Management in Trusted Systems

Burgundy Book A Guide to Understanding Design Documentation in Trusted Systems, 6 October 1988. () see also Process Guidelines for Design Documentation which may supercede parts of this document.

Dark Lavender Book A Guide to Understanding Trusted Distribution in Trusted Systems 15 December 1988.

Venice Blue Book Computer Security Subsystem Interpretation of the TCSEC 16 September 1988. ()

Aqua Book A Guide to Understanding Security Modeling in Trusted Systems, October 1992.

Red Book Trusted Network Interpretation Environments Guideline - Guidance for Applying the TNI, 1 August 1990.

Pink Book RAMP Program Document, 1 March 1995, Version 2

Purple Book Guidelines for Formal Verification Systems, 1 April 1989

Brown Book A Guide to Understanding Trusted Facility Management, 18 October 1989

Yellow-Green Book Guidelines for Writing Trusted Facility Manuals, October 1992.

Light Blue Book A Guide to Understanding Identification and Authentication in Trusted Systems, September 1991.

Light Blue Book A Guide to Understanding Object Reuse in Trusted Systems, July 1992.

Blue Book Trusted Product Evaluation Questionaire, 2 May 1992, Version 2.

Silver Book Trusted UNIX Working Group (TRUSIX) Rationale for Selecting Access Control List Features for the UNIX® System, 7 July 1989.

Purple Book Trusted Database Management System Interpretation of the TCSEC (TDI), April 1991.

Yellow Book A Guide to Understanding Trusted Recovery in Trusted Systems, 30 December 1991.

Bright Orange Book A Guide to Understanding Security Testing and Test Documentation in Trusted Systems

Purple Book A Guide to Procurement of Trusted Systems: An Introduction to Procurement Initiators on Computer Security Requirements, December 1992.

Purple Book A Guide to Procurement of Trusted Systems: Language for RFP Specifications and Statements of Work - An Aid to Procurement Initiators, 30 June 1993.

Purple Book A Guide to Procurement of Trusted Systems: Computer Security Contract Data Requirements List and Data Item Description Tutorial, 28 February 1994. ()

Purple Book A Guide to Procurement of Trusted Systems: How to Evaluate a Bidder’s Proposal Document - An Aid to Procurement Initiators and Contractors

Forest Green Book A Guide to Understanding Data Remanence in Automated Information Systems, September 1991, Version 2, (Supercedes CSC-STD-005-85).

Hot Peach Book A Guide to Writing the Security Features User’s Guide for Trusted Systems, September 1991. ()

Turquoise Book A Guide to Understanding Information System Security Officer Responsibilities for Automated Information Systems, May 1992.

Violet Book Assessing Controlled Access Protection, 25 May 1992.

Blue Book Introduction to Certification and Accreditation Concepts, January 1994.

Light Pink Book A Guide to Understanding Covert Channel Analysis of Trusted Systems, November 1993.