Skip to product information
1 of 12

PayPal, credit cards. Download editable-PDF and invoice in 1 second!

GB/T 20270-2006 English PDF (GBT20270-2006)

GB/T 20270-2006 English PDF (GBT20270-2006)

Regular price $145.00 USD
Regular price Sale price $145.00 USD
Sale Sold out
Shipping calculated at checkout.
Quotation: In 1-minute, 24-hr self-service. Click here GB/T 20270-2006 to get it for Purchase Approval, Bank TT...

GB/T 20270-2006: Information security technology -- Basis security techniques requirement for network

This Standard specifies basis security techniques requirements necessary for network system of every security grade according to the division of five security protection grades in GB 17859-1999 and the roles of network system in information system.
GB/T 20270-2006
GB
NATIONAL STANDARD OF THE
PEOPLE REPUBLIC OF CHINA
ICS 35.040
L 80
Information Security Technology ?€?
Basis Security Techniques Requirement for Network
ISSUED ON. MAY 31, 2006
IMPLEMENTED ON. DECEMBER 1, 2006
Issued by. General Administration of Quality Supervision, Inspection
and Quarantine;
Standardization Administration of the People's Republic
of China.
Table of Contents
Foreword ... 5
Introduction ... 6
1 Scope ... 8
2 Normative References ... 8
3 Terms, Definitions and Abbreviations ... 8
3.1 Terms and definitions??...??8
3.2 Abbreviation??...??10
4 Composition and Interrelationship of Network Security ... 10
5 Basic Requirements for Network Security Function ... 12
5.1 Identity Authentication??...??12
5.1.1 User Identification??...??12
5.1.2 User Authentication??...??12
5.1.3 User-Subject Binding??...??12
5.1.4 Authentication Failure Handling??...??12
5.2 Discretionary Access Control??...??13
5.2.1 Access Control Policy??...??13
5.2.2 Access Control Function??...??13
5.2.3 Scope of Access Control??...??13
5.2.4 Granularity of Access Control??...??13
5.3 Tag??...??14
5.3.1 Subject Tag??...??14
5.3.2 Object Tag??...??14
5.3.3 Tag Integrity??...??14
5.3.4 Output of Information with Tag??...??14
5.4 Mandatory Access Control??...??15
5.4.1 Access Control Policy??...??15
5.4.2 Access Control Function??...??15
5.4.3 Scope of Access Control??...??16
5.4.4 Granularity of Access Control??...??16
5.4.5 Access Control Environment??...??16
5.5 Data Flow Control??...??16
5.6 Security Audit??...??16
5.6.1 Response of Security Audit??...??16
5.6.2 Generation of Security Audit Data??...??17
5.6.3 Security Audit Analysis??...??17
5.6.4 Security Audit Consult??...??18
5.6.5 Selection of Security Audit Event??...??18
5.6.6 Storage of Security Audit Event??...??18
5.7 User Data Integrity??...??19
5.7.1 Integrity of Storage Data??...??19
5.7.2 Integrity of Transmitted Data??...??19
5.7.3 Integrity of Processed Data??...??19
5.8 User Data Confidentiality??...??19
5.8.1 Confidentiality of Storage Data??...??19
5.8.2 Confidentiality of Transmitted Data??...??20
5.8.3 Reusing of Object Security??...??20
5.9 Trusted Path??...??20
5.10 Non-repudiation??...??20
5.10.1 Non-repudiation of Origin??...??20
5.10.2 Non-repudiation of Receipt??...??21
5.11 Network Security Monitoring??...??21
6 Requirements for Network Security Function at Each Grade and Layer ... 21 6.1 Identity Authentication Function??...??21
6.2 Discretionary Access Control Function??...??23
6.3 Tag Function??...??25
6.4 Mandatory Access Control Function??...??26
6.5 Data Flow Control Function??...??27
6.6 Security Audit function??...??27
6.7 Protection Function of User Data Integrity??...??28
6.8 User Data Confidentiality Protection Function??...??30
6.9 Trusted path function??...??31
6.10 Non-repudiation Function??...??31
6.11 Network Security Monitoring Function??...??32
7 Grading Requirements for Network Security Technology ... 33
7.1 Grade 1. the User's Discretionary Protection Grade??...??33
7.1.1 Grade 1 Security Function Requirements??...??33
7.1.2 Grade 1 Security Assurance Requirements??...??35
7.2 Grade 2. System Audit Protection Grade??...??36
7.2.1 Grade 2 Security Function Requirements??...??36
7.2.2 Grade 2 Security Assurance Requirements??...??39
7.3 Grade 3. Security Tag Protection Grade??...??40
7.3.1 Grade 3 Security Function Requirements??...??40
7.3.2 Grade 3 Security Assurance Requirements??...??46
7.4 Grade 4. Structured Protection Grade??...??47
7.4.1 Grade 4 Security Function Requirements??...??47
7.4.2 Grade 4 Security Assurance Requirements??...??53
7.5 Grade 5. Access Verification Protection Grade??...??54
7.5.1 Grade 5 Security Function Requirements??...??54
7.5.2 Grade 5 Security Assurance Requirements??...??60
Appendix A ... 62
A.1 Composition and Interrelationship??...??62
A.2 Description about the Main Fun...

View full details