| Date: Thu, 26 Jul 2007 22:03:34 +0000
| From: Michael Watterson <watty at eircom.net>
| I'm sure it's not the NSA.
my recollection is most of the books (the notable
exception being the CIA's Red White & Blue book)
were available from the NBS (now(?) called NIST),
albeit the NSA was involved with the authorship.
( I have this very vague recollection the earliest
versions were from the NSA, but because the NSA is
secretive (they were the spooks who used to deny
their own existence), and the point was to improve
security of and in commercial ventures (software
and businesses) as well as the government (not just
the DoD), distribution responsibility was transfered
to the NBS, who are the exact opposite. )
|[ ... ]
| I presume you mean like Red book CD Audio, White Book VCD etc ..
NO. “InfoSec” (Andrew's new job) is US-DoD (military)
shorthand for “Information Security”. in DoD/NSA-land
that means keeping everything Top Secret, and keeping
the Top Secret stuff really secret. the various books
we are talking about are guidelines (NOT standards)
for how to do that. (most are really boring as well.)
the core book is the Orange Book for standalone systems,
with the Yellow Book (for networking) being the most(?)
important extension. those two are rather theoretical,
as in mathematics-type theoretical, and are intended for
systems designers (architects), albeit there are other
books for (end?-)users, administrators, MP (military
police) types, and so on.
the books are so-called because of the colour of
the (original?) covers. which, as I recall, was
an accident (the printers had a large stock of
orange paper, or something like that).
| Brian Foster wrote:
| > | Date: Thu, 26 Jul 2007 13:11:16 +0100
| > | From: "Andrew Court" <syklops at gmail.com>
| > |
| > | Starting a new job in InfoSec on tuesday, and I would get
| > | a real kick out of having some of the Rainbow Series books
| > | on my desk. [ ... ]
▶ ▶ I AM CURRENTLY LOOKING FOR A JOB! ◀ ◀ | Brian Foster
Experienced (>25 yrs) software engineer: | Montpellier, FRANCE
• Unix, Linux, embedded, design-for-test; | Stop E$$o (ExxonMobile)!
• Software/hardware co-design, debugging; | http:/www.stopesso.com
• Kernels, drivers, filesystems, &tc; Résumé (CV) & contact details:
• IDL, automated testing, process, &tc. http://www.blf.utvinternet.ie
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!