Appendix E contains an extensive bibliography with even more pointers to security books than this FAQ contains.
A videotape of the "NOVA" (PBS's Science Program on TV) episode that explained/reenacted this story is available from PBS Home Video. They have a toll-free 800 number within North America.
I believe that this program was aired on the BBC's "HORIZON" program, and thus will be available from BBC Enterprises, but I haven't checked this out yet - AEM
INFOSEC Awareness Office National Computer Security Centre 9800 Savage Road Fort George G. Meade, MD 20755-6000 Tel +1 301 766-8729If you ask to be put on the mailing list, you'll get a copy of each new book as it comes out (typically a couple a year).
I was told that this offer is only valid for US citizens ("We only send this stuff to a US postal address"). Non-US people have to PAY to get hold of these documents. They can be ordered from NTIS, the National Technical Information Service:
NTIS, 5285 Port Royal Rd, Springfield VA 22151, USA order dept phone: +1-703-487-4650, fax +1-703-321-8547The ITSEC (Information Technology Security Evaluation Criteria) is a harmonized document developed by the British, German, French, and Netherlands governments. It separates functional and assurance requirements, and has many other differences from the TCSEC.
You can get your copy (again, free/gratis) by writing:
Commission of the European Communities Directorate XIII/F SOG-IS Secretariat Rue de la Loi 200 B-1049 BRUSSELS BelgiumAlso note that NCSC periodically publish an "Evaluated Products List" which is the definitive statement of which products have been approved at what TCSEC level under which TCSEC interpretations. This is useful for separating the output of marketdroids from the truth.
These are all available for FTP browsing from "cert.sei.cmu.edu".