GB/T 20274.2-2008 English PDF (GBT20274.2-2008)
GB/T 20274.2-2008: Information security technology -- Evaluation framework for information systems security assurance -- Part 2: Technical assurance
GB/T 20274.2-2008
GB
NATIONAL STANDARD OF THE
PEOPLE’S REPUBLIC OF CHINA
ICS 35.040
L 80
Information Security Technology -
Evaluation Framework for Information Systems
Security Assurance -
Part 4: Technical Assurance
ISSUED ON: JULY 18, 2008
IMPLEMENTED ON: DECEMBER 1, 2008
Issued by: General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China;
Standardization Administration of the People's Republic of China.
Table of Contents
Foreword
1 Scope
2 Normative References
3 Terms and Definitions
4 Structure of This Part
5 Information Security Technical Assurance
5.1 Overview of Security Technical Assurance
5.2 Security Technology Architecture Capability Level
5.3 Examples of Security Technical Assurance Control Requirements
6 Control Structure of Information Security Technical Assurance
6.1 Overview
6.2 Module Classification
7 FAU Class: Security Audit
7.1 Automatic Response of Security Audit (FAU_ARP)
7.2 Generation of Security Audit Data (FAU_GEN)
7.3 Security Audit Analysis (FAU_SAA)
7.4 Security Audit Review (FAU_SAR)
7.5 Selection of Security Audit Event (FAU_SEL)
7.6 Storage of Security Audit Event (FAU_STG)
8 FCO Class: Communication
8.1 Non-repudiation of origin (FCO_NRO)
8.2 Non-repudiation of receipt (FCO_NRR)
9 FCS Class: Cryptographic Support
9.1 Key Management (FCS_CKM)
9.2 Crypto-operation (FCS_COP)
10 FDP Class: User Data Protection
10.1 Access Control Policy (FDP_ACC)
10.2 Access Control Function (FDP_ACF)
10.3 Data Authentication (FDP_DAU)
10.4 Output beyond TSF Control (FDP_ETC)
10.5 Information Flow Control Policy (FDP_IFC)
10.6 Information Flow Control Function (FDP_IFF)
10.7 Input from Outside of TSF Control (FDP_ITC)
10.8 TOE Internal Transmission (FDP_ITT)
10.9 Residual Information Protection (FDP_RIP)
10.10 Reversal (FDP_ROL)
10.11 Stored Data Integrity (FDP_SDI)
10.12 Confidentiality Protection of User Data Transmission between TSF (FDP_UCT)
10.13 Integrity Protection of User Data Transmission between TSF (FDP_UIT)
11 FIA Class: Identification and Authentication
11.1 Authentication Failure (FIA_AFL)
11.2 User Attribute Definition (FIA_ATD)
11.3 Specification of Secret (FIA_SOS)
11.4 User Authentication (FIA_UAU)
11.5 User Identification (FIA_UID)
11.6 User-Subject Binding (FIA_USB)
12 FMT Class: Security Management
12.1 Management of Function in TSF (FMT_MOF)
12.2 Management of Security Attribute (FMT_MSA)
12.3 Management of TSF Data (FMT_MTD)
12.4 Revocation (FMT_REV)
12.5 Security Attribute Expiration (FMT_SAE)
12.6 Security Management Role (FMT_SMR)
13 FPR Class: Secrecy
13.1 Anonymity (FPR_ANO)
13.2 Pseudonym (FPR_PSE)
13.3 Unlinkability (FPR_UNL)
13.4 Unobservability (FPR_UNO)
14 FPT Class: TSF Protection
14.1 Basic Abstract Machine Testing (FPT_AMT)
14.2 Failure Protection (FPT_FLS)
14.3 Availability of Output TSF Data (FPT_ITA)
14.4 Confidentiality of Output TSF Data (FPT_ITC)
14.5 Integrity of Output TSF Data (FPT_ITI)
14.6 Transmission of TSF Data in TOE (FPT_ITT)
14.7 TSF Physical Protection (FPT_PHP)
14.8 Trusted Recovery (FPT_RCV)
14.9 Replay Detection (FPT_RPL)
14.10 Reference Arbitration (FPT_RVM)
14.11 Domain Separation (FPT_SEP)
14.12 Status Synchronization Protocol (FPT_SSP)
14.13 Timestamp (FPT_STM)
14.14 Consistency of TSF Data between TSF (FPT_TDC)
14.15 Consistency of TSF Data Replication in TOE (FPT_TRC)
14.16 TSF Self-test (FPT_TST)
15 FRU Class: Resource Utilization
15.1 Fault Tolerance (FRU_FLT)
15.2 Service Priority (FRU_PRS)
15.3 Resource Allocation (FRU_RSA)
16 FTA Class: TOE Access
16.1 Optional Attribute Scope Restriction (FTA_LSA)
16.2 Multiple Concurrent Sessions Restriction (FTA_MCS)
16.3 Session Locking (FTA_SSL) ...