devine@vianet.UUCP (Bob Devine) (03/05/87)
From "Electronics" March 5, 87 comes the following bit about how your tax dollars are hard at work: The National Security Agency may muddy up the already clouded market for security products when it publishes a new list of "endorsed and preferred" computer and communications security devices and vendors. The new "Information Systems Security Products and Services" will supplement, but not supercede, the Defense Department's "DOD Standard - Trusted Computer Systems Evaluation Criteria", also known as the Orange Book, which describes the Pentagon's criteria for classifying hardware and software and includs an apparently outdated evaluated products list. The new book may be out by the end of the month. The NSA's National Computer Security Center also has been working on an appendix to the Orange Book that would, for the first time, cover security-product standards for local- and wide-area networks. Meanwhile, NATO plans to write its own standards for secure computer and communication devices, apparently in conflict with the Orange Book. This last paragraph should prove to be interesting in light of the NBS's push with GOSIP for OSI networks and DOD's long-time backing of the TCP/IP suite. Bob Devine