RE: C2 security standards
From: Zuska, John (zuska.j@ic.grainger.com)Date: 05/24/02
- Previous message: Leonardo Pereira Guimaraes: "ICMP_MASKREQ"
- Maybe in reply to: Juan Ignacio Trentalance: "C2 security standards"
- Next in thread: Juan Ignacio Trentalance: "RE: C2 security standards"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Zuska, John" <zuska.j@ic.grainger.com> To: "'focus-sun@securityfocus.com'" <focus-sun@securityfocus.com> Date: Fri, 24 May 2002 10:27:41 -0500
I found this information off of Sun's website.
"C2 Auditing, also called Controlled Access Protection, can produce a more
detailed audit report. The Department of Defense defined C2 auditing as part
of it's guidelines for various levels of computer security in the 1980's.
These requirements are outlined in the Orange Book or Trusted Computer
Systems Evaluation Criteria (TC-SEC). Security levels are listed starting
with D for the lowest, up to A1 for the highest. The National Computer
Security Center (NCSC) evaluates systems based on this criteria."
additionally the NCSC papers are availible here
http://www.radium.ncsc.mil/tpep/library/rainbow/5200.28-STD.html
and
http://www.radium.ncsc.mil/tpep/library/rainbow/NCSC-TG-005.html
-John Zuska
UNIX System Administrator
Grainger E-Business
- Previous message: Leonardo Pereira Guimaraes: "ICMP_MASKREQ"
- Maybe in reply to: Juan Ignacio Trentalance: "C2 security standards"
- Next in thread: Juan Ignacio Trentalance: "RE: C2 security standards"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
