📄 25-02.html
字号:
</table> </form><!-- LEFT NAV SEARCH END --> </td> <!-- PUB PARTNERS END --><!-- END LEFT NAV --><td rowspan="8" align="right" valign="top"><img src="/images/iswbls.gif" width=1 height=400 alt="" border="0"></td><td><img src="/images/white.gif" width="5" height="1" alt="" border="0"></td><!-- end of ITK left NAV --><!-- begin main content --><td width="100%" valign="top" align="left"><!-- END SUB HEADER -->
<!--Begin Content Column -->
<FONT FACE="Arial,Helvetica" SIZE="-1">
To access the contents, click the chapter and section titles.
</FONT>
<P>
<B>Applied Cryptography, Second Edition: Protocols, Algorthms, and Source Code in C (cloth)</B>
<FONT SIZE="-1">
<BR>
<I>(Publisher: John Wiley & Sons, Inc.)</I>
<BR>
Author(s): Bruce Schneier
<BR>
ISBN: 0471128457
<BR>
Publication Date: 01/01/96
</FONT>
<P>
<form name="Search" method="GET" action="http://search.earthweb.com/search97/search_redir.cgi">
<INPUT TYPE="hidden" NAME="Action" VALUE="Search">
<INPUT TYPE="hidden" NAME="SearchPage" VALUE="http://search.earthweb.com/search97/samples/forms/srchdemo.htm">
<INPUT TYPE="hidden" NAME="Collection" VALUE="ITK">
<INPUT TYPE="hidden" NAME="ResultTemplate" VALUE="itk-full.hts">
<INPUT TYPE="hidden" NAME="ViewTemplate" VALUE="view.hts">
<font face="arial, helvetica" size=2><b>Search this book:</b></font><br>
<INPUT NAME="queryText" size=50 VALUE=""> <input type="submit" name="submitbutton" value="Go!">
<INPUT type=hidden NAME="section_on" VALUE="on">
<INPUT type=hidden NAME="section" VALUE="http://www.itknowledge.com/reference/standard/0471128457/">
</form>
<!-- Empty Reference Subhead -->
<!--ISBN=0471128457//-->
<!--TITLE=APPLIED CRYPTOGRAPHY, SECOND EDITION: Protocols, Algorithms, and Source Code in C//-->
<!--AUTHOR=Bruce Schneier//-->
<!--PUBLISHER=Wiley Computer Publishing//-->
<!--CHAPTER=25//-->
<!--PAGES=599-601//-->
<!--UNASSIGNED1//-->
<!--UNASSIGNED2//-->
<CENTER>
<TABLE BORDER>
<TR>
<TD><A HREF="25-01.html">Previous</A></TD>
<TD><A HREF="../ewtoc.html">Table of Contents</A></TD>
<TD><A HREF="25-03.html">Next</A></TD>
</TR>
</TABLE>
</CENTER>
<P><BR></P>
<H3><A NAME="Heading3"></A><FONT COLOR="#000077">25.2 National Computer Security Center (NCSC)</FONT></H3>
<P>The National Computer Security Center, a branch of the NSA, is responsible for the government’s trusted computer program. Currently, the center evaluates commercial security products (both hardware and software), sponsors and publishes research, develops technical guidelines, and generally provides advice, support, and training.
</P>
<P>The NCSC publishes the infamous “Orange Book” [465]. Its actual title is the <I>Department of Defense Trusted Computer System Evaluation Criteria</I>, but that’s a mouthful to say and the book has an orange cover. The Orange Book attempts to define security requirements, gives computer manufacturers an objective way to measure the security of their systems, and guides them as to what to build into their secure products. It focuses on computer security and doesn’t really say a lot about cryptography.</P>
<P>The Orange Book defines four broad divisions of security protection. It also defines classes of protection within some of those divisions. They are summarized in Table 25.2.</P>
<TABLE WIDTH="75%"><TH CAPTION ALIGN="CENTER" COLSPAN="3">Table 25.1<BR>CCEP Modules
<TR>
<TD COLSPAN="3"><HR>
<TR>
<TH WIDTH="25%" VALIGN="TOP" ALIGN="LEFT">Application
<TH WIDTH="25%" VALIGN="TOP" ALIGN="LEFT">Type I
<TH WIDTH="25%" VALIGN="TOP" ALIGN="LEFT">Type II
<TR>
<TD COLSPAN="3"><HR>
<TR>
<TD VALIGN="TOP" ALIGN="LEFT">Voice/low-speed data
<TD VALIGN="TOP" ALIGN="LEFT">Winster
<TD VALIGN="TOP" ALIGN="LEFT">Edgeshot
<TR>
<TD VALIGN="TOP" ALIGN="LEFT">Computer
<TD VALIGN="TOP" ALIGN="LEFT">Tepache
<TD VALIGN="TOP" ALIGN="LEFT">Bulletproof
<TR>
<TD VALIGN="TOP" ALIGN="LEFT">High-speed data
<TD VALIGN="TOP" ALIGN="LEFT">Foresee
<TD VALIGN="TOP" ALIGN="LEFT">Brushstroke
<TR>
<TD VALIGN="TOP" ALIGN="LEFT">Next Generation
<TD VALIGN="TOP" ALIGN="LEFT">Countersign I
<TD VALIGN="TOP" ALIGN="LEFT">Countersign II
<TR>
<TD COLSPAN="3"><HR>
</TABLE>
<P>Sometimes manufacturers say things like “we have C2 security.” This is what they’re talking about. For more information on this, read [1365]. The computer security model used in these criteria is called the Bell-LaPadula model [100,101,102,103].
</P>
<P>The NCSC has published a whole series of books on computer security, sometimes called the Rainbow Books (all the covers have different colors). For example, <I>Trusted Network Interpretation of the Trusted Computer System Evaluation Criteria</I> [1146], sometimes called the “Red Book,” interprets the Orange Book for networks and network equipment. The <I>Trusted Database Management System Interpretation of the Trusted Computer System Evaluation Criteria</I> [1147]—I can’t even begin to describe the color of that cover—does the same for databases. There are now over 30 of these books, some with hideously colored covers.</P>
<P>For a complete set of the Rainbow Books, write Director, National Security Agency, INFOSEC Awareness, Attention: C81, 9800 Savage Road, Fort George G. Meade, MD 20755-6000; (410) 766-8729. Don’t tell them I sent you.</P>
<H3><A NAME="Heading4"></A><FONT COLOR="#000077">25.3 National Institute of Standards and Technology (NIST)</FONT></H3>
<P>The NIST is the National Institute of Standards and Technology, a division of the U.S. Department of Commerce. Formerly the NBS (National Bureau of Standards), it changed its name in 1988. Through its Computer Systems Laboratory (CSL), NIST promotes open standards and interoperability that it hopes will spur the economic development of computer-based industries. To this end, NIST issues standards and guidelines that it hopes will be adopted by all computer systems in the United States. Official standards are published as FIPS (Federal Information Processing Standards) publications.
</P>
<P>If you want copies of any FIPS (or any other NIST publication), contact National Technical Information Service (NTIS), U.S. Department of Commerce, 5285 Port Royal Road, Springfield, VA 22161; (703) 487-4650; or visit gopher://csrc.ncsl.nist.gov.</P>
<P>When Congress passed the Computer Security Act of 1987, NIST was mandated to define standards for ensuring the security of sensitive but unclassified information in government computer systems. (Classified information and Warner Amendment data are under the jurisdiction of the NSA.) The Act authorizes NIST to work with other government agencies and private industry in evaluating proposed technology standards.</P>
<TABLE WIDTH="80%"><TH CAPTION ALIGN="CENTER" COLSPAN="2">Table 25.2<BR>Orange Book Classifications
<TR>
<TD COLSPAN="2"><HR>
<TR>
<TD WIDTH="5%">
<TD VALIGN="TOP" ALIGN="LEFT">
<TR>
<TD COLSPAN="2" VALIGN="TOP" ALIGN="LEFT">D: Minimal Security<BR>C: Discretionary Protection
<TR>
<TD VALIGN="TOP" ALIGN="LEFT">
<TD VALIGN="TOP" ALIGN="LEFT">C1: Discretionary Security Protection<BR>C2: Controlled Access Protection
<TR>
<TD COLSPAN="2" VALIGN="TOP" ALIGN="LEFT">B: Mandatory Protection
<TR>
<TD VALIGN="TOP" ALIGN="LEFT">
<TD VALIGN="TOP" ALIGN="LEFT">B1: Labeled Security Protection<BR>B2: Structured Protection<BR>B3: Security Domains
<TR>
<TD COLSPAN="2" VALIGN="TOP" ALIGN="LEFT">A: Verified Protection
<TR>
<TD VALIGN="TOP" ALIGN="LEFT">
<TD VALIGN="TOP" ALIGN="LEFT">A1: Verified Design
<TR>
<TD COLSPAN="2"><HR>
</TABLE>
<P>NIST issues standards for cryptographic functions. U.S. government agencies are required to use them for sensitive but unclassified information. Often the private sector adopts these standards as well. NIST issued DES, DSS, SHS, and EES.
</P>
<P>All these algorithms were developed with some help from the NSA, ranging from analyzing DES to designing DSS, SHS, and the Skipjack algorithm in EES. Some people have criticized NIST for allowing the NSA to have too much control over these standards, since the NSA’s interests may not coincide with those of NIST. It is unclear how much actual influence NSA has on the design and development of the algorithms. Given NIST’s limited staff, budget, and resources, NSA’s involvement is probably considerable. NSA has significant resources to contribute, including a computer facility second-to-none.</P><P><BR></P>
<CENTER>
<TABLE BORDER>
<TR>
<TD><A HREF="25-01.html">Previous</A></TD>
<TD><A HREF="../ewtoc.html">Table of Contents</A></TD>
<TD><A HREF="25-03.html">Next</A></TD>
</TR>
</TABLE>
</CENTER>
[an error occurred while processing this directive]
<!-- all of the reference materials (books) have the footer and subfoot reveresed --><!-- reference_subfoot = footer --><!-- reference_footer = subfoot --><!-- BEGIN SUB FOOTER --> <br><br> </TD> </TR> </TABLE> <table width="640" border=0 cellpadding=0 cellspacing=0> <tr> <td align="left" width=135><img src="/images/white.gif" width=100 height="1" alt="" border="0"></td> <!-- END SUB FOOTER -->
<!-- all of the books have the footer and subfoot reveresed --><!-- reference_subfoot = footer --><!-- reference_footer = subfoot --><!-- FOOTER --> <td width="515" align="left" bgcolor="#FFFFFF"><font face="arial, helvetica" size="1"><b><a href="/products.html"><font color="#006666">Products</font></a> | <a href="/contactus.html"><font color="#006666">Contact Us</font></a> | <a href="/aboutus.html"><font color="#006666">About Us</font></a> | <a href="http://www.earthweb.com/corporate/privacy.html" target="_blank"><font color="#006666">Privacy</font></a> | <a href="http://www.itmarketer.com/" target="_blank"><font color="#006666">Ad Info</font></a> | <a href="/"><font color="#006666">Home</font></a></b> <br><br> Use of this site is subject to certain <a href="/agreement.html">Terms & Conditions</a>, <a href="/copyright.html">Copyright © 1996-1999 EarthWeb Inc.</a><br> All rights reserved. Reproduction whole or in part in any form or medium without express written permision of EarthWeb is prohibited.</font><p></td> </tr></table></BODY></HTML><!-- END FOOTER -->
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -