The IT Law Wiki

Orange Book

32,062pages on
this wiki
Add New Page
Add New Page Talk0

CD standard Edit

Orange Book refers to the format that enables CD-R drives to record discs that regular CD-ROM players can read. The Orange Book defines how CD-R devices can append index data to an existing disc's directory if data is added to the disc over multiple sessions.

Security Edit

Named because of the color of its cover, the Orange Book was the DoD Trusted Computer System Evaluation Criteria (DoD 5200.28-STD). It provided the information needed to classify computer systems as security levels of A, B, C, or D, defining the degree of trust that may be placed in them. It was "intended to guide commercial system production generally and thereby improve the security of systems in use."[1]

Traditional criteria for secure systems, as specified in the 'Orange Book,' have not been successes. They do not capture current needs or models of computation. Worse yet, they have largely failed in the marketplace; very few customers actually bought Orange Book-rated systems, even when they were available.[2]
Another key failing of the Orange Book approach to security included its omission

of networking concerns.[3]

References Edit

  1. Cybersecurity Today and Tomorrow: Pay Now or Pay Later, at 9, n.14.
  2. Information Technology for Counterterrorism: Immediate Actions and Future Possibilities, at 46.
  3. Id. at 46 n.29.

Also on Fandom

Random Wiki