Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

Chapter 6. Domain 5: Security architectu... > Evaluation Methods, Certification, a...

Evaluation Methods, Certification, and Accreditation

Evaluation methods and criteria are designed to gauge the real-world security of systems and products. The Trusted Computer System Evaluation Criteria (TCSEC, aka the Orange Book), is the granddaddy of evaluation models, developed by the U.S. Department of Defense in the 1980s. Other international models have followed, including ITSEC and the Common Criteria.

When choosing security products, how do you know which is best? How can a security professional know that the act of choosing and using a specific vendor’s software will not introduce malicious code? How can a security professional know how well the software was tested and what the results were? TCSEC, ITSEC, and the Common Criteria were designed to answer those questions.


  

You are currently reading a PREVIEW of this book.

                                                                                                                    

Get instant access to over $1 million worth of books and videos.

  

Start a Free Trial


  
  • Safari Books Online
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint