The Orange Book


In the past 10 years, there has been a surge in personnel who have entered the cybersecurity field. This article argues that the Department of Defense’s “Rainbow Series” of books for information security is still relevant today for informing the expertise of both new and experienced information security professionals. The Rainbow Series is composed of 27 Department of Defense books where each book in a series is a different color, hence the name “Rainbow Series.” One book in particular, Trusted Computer System Evaluation Criteria, also known as the “Orange Book” is still used as a reference for security assessments today. Although the Orange Book may seem ancient due to its publication date in the 1980s, the Orange Book could have predicted the problems we have today with ransomware and trojan horses.

Read Full Article »

Show comments Hide Comments

Related Articles