Formal computer security evaluation criteria that originated in the 1960s when the U.S. government began a research program investigating the security of its initial multiple-user operating systems. Though the developers of operating systems said they were secure, the Tiger Teams or Sneakers completing the security investigation said that this was not true. For this reason, the U.S. Department of Defense began working in the 1970s on what became known as “the Trusted Computer Security Evaluation Criteria,” which delineated the military’s requirements for trusted computer security. Referred to as the “Orange Book” because of the cover’s color, these criteria were initially published in 1983. The current version was published in 1985, and the concept behind the book was to provide levels of trust that any given tested operating system was clear of vulnerabilities that could lead to a security breach.
Consequently, six trust-level ratings were delineated, ranging from C1 (the lowest trust level) to A1 (the highest trust level). Besides the Orange Book, a series of books known as “the rainbow series” also gives trust-level details for networks and databases.
In the 1980s in the United Kingdom, similar developments were under way. For example, the Department of Trade and Industry noted the need for the delineation of criteria for trusted IT products and systems for the private sector. Consequently, the U.K.’s Commercial Computer Security Centre was charged with developing useful criteria in this regard, and in 1989 the “Green Books” containing such information were published. At about the same time, Germany and France published similar criteria, known respectively as the “Green Book” and the “Blue-White-Red Book.”
After their publication, the United Kingdom, France, Germany, and the Netherlands noted the considerable overlap present in the criteria in the various colored publications. They therefore decided to merge their efforts and produce just one set of criteria. This merger resulted in the 1991 publication of the Information Technology Security Evaluation Criteria (ITSEC). Two years later, ITSEC was complemented with a methodology for evaluation, published as the Information Technology Security Evaluation Manual (ITSEM). ITSEC has six assurance levels, with E1 representing the lowest level of assurance and E6 representing the highest level.
During the 1990s, ITSEC became the most successful computer security evaluation criteria because it had greater flexibility than the Orange Book and was cheaper and easier to use. By March 1998, the United Kingdom, France, Finland, Germany, Greece, the Netherlands, Norway, Portugal, Spain, Sweden, and Switzerland had signed an agreement stating that ITSEC certificates given by any of the certification bodies would be recognized by the remaining countries. Finally, the European and North American efforts were merged into the Common Criteria (CC). The CC were accepted as ISO standard 15408 in 1999.
See Also: Rainbow Series Books; Orange Book; Tiger Team or Sneakers.
Hayes, K. Common Criteria—A Worldwide Choice. [Online, 1998.] IT Security Website. http://www.itsecurity.com/papers/88.htm.