National Computer Security Center
Home > Security Definitions - National Computer Security Center
SearchSecurity.com Definitions (Powered by WhatIs.com)
EMAIL THIS
LOOK UP TECH TERMS Powered by: WhatIs.com
Search listings for thousands of IT terms:
Browse tech terms alphabetically:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #

National Computer Security Center

Show me everything on Web Application Security

DEFINITION - The National Computer Security Center (NCSC) is a U.S. government organization within the National Security Agency (NSA) that evaluates computing equipment for high security applications to ensure that facilities processing classified or other sensitive material are using trusted computer systems and components. NCSC was founded in 1981 as the Department of Defense Computer Security Center and changed to its current name in 1985. The organization works with industry, education, and government agency partners to promote research and standardization efforts for secure information system development. The NCSC also functions in an educational capacity to disseminate information about issues surrounding secure computing, most significantly through its annual National Information Systems Security Conference.

The NCSC's computer evaluation program is carried out by another NSA organization, the Trusted Product Evaluation Program (TPEP), which tests commercial products against a comprehensive set of security-related criteria. NCSC issued the first Department of Defense (DoD) Trusted Computer System Evaluation Criteria (TCSEC) in August, 1983. The document, more commonly referred to as the "orange book," was reissued in 1985 as a DoD standard that included the stated goals of providing manufacturers with security-related standards regarding features for inclusion in products, and providing DoD components with information about security metrics for the evaluation of trust levels to be accorded various products used for processing sensitive material.

Learn more about Web Application Security
Web application attacks security guide: Preventing attacks and flaws: This guide explains how Web application attacks occur, identifies Web application attacks, and provides Web application security tools and tactics to protect against them.
Web application attacks security guide: Preventing attacks and flaws: This guide explains how Web application attacks occur, identifies Web application attacks, and provides Web application security tools and tactics to protect against them.
Information security book excerpts and reviews: Visit the Information Security Bookshelf for book reviews and free chapter downloads.
Quiz: Could you detect an application attack?: Test your application security awareness, review common application attacks and learn how to improve application layer logging to detect and protect against these attacks.
State-based attacks: Session management: This excerpt reviews session management techniques developers can use to protect against session hijacking and other Web application attacks.
Content Spoofing: This excerpt from "Preventing Web Attacks with Apache" explains how content spoofing attacks exploit vulnerabilities and how to use Apache to protect against them.

LAST UPDATED: 13 Apr 2005

Do you have something to add to this definition? Let us know.
Send your comments to techterms@whatis.com

More resources from around the web:
- The NSA has a Web page about the National Computer Security Center.
- TPEP offers more information about their evaluation process.
- SearchSecurity.com provides links to more about the National Computer Security Center.





FILE EXTENSION AND FILE FORMAT LIST
File Extension and File Format List:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #


RELATED CONTENT
Attackers zero in on Web application vulnerabilities
Secure coding and vulnerability scanning could mitigate many Web application attacks
Self-defending Web applications thwart attacks
Michael Coates, a volunteer with OWASP, is leading a project that helps developers inject code into applications to give them self-defense mechanisms.
Facebook, McAfee partner to fix social network security issues
Facebook beefs up its account remediation process with a free malware scanning tool, security education and a free antivirus trial followed by a...

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
anonymous Web surfing  (SearchSecurity.com)
buffer overflow  (SearchSecurity.com)




Get More National Computer Security Center Answers
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2010, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts