Skip to product information
1 of 5

PayPal, credit cards. Download editable-PDF and invoice in 1 second!

GB/T 35787-2017 English PDF (GBT35787-2017)

GB/T 35787-2017 English PDF (GBT35787-2017)

Regular price $85.00 USD
Regular price Sale price $85.00 USD
Sale Sold out
Shipping calculated at checkout.
Quotation: In 1-minute, 24-hr self-service. Click here GB/T 35787-2017 to get it for Purchase Approval, Bank TT...

GB/T 35787-2017: Security technical requirement for the read-write equipment of the electronic identification of motor vehicles

This Standard specifies the general security requirements, manufacturing and scrap disposal of the read-write equipment of the electronic identification of motor vehicles. This Standard is applicable to the design, development, test and application of the read-write equipment and application system of the electric identification of motor vehicles.
GB/T 35787-2017
GB
NATIONAL STANDARD OF THE
PEOPLE REPUBLIC OF CHINA
ICS 35.240.15
L 80
Security Technical Requirement for the
Read-write Equipment of the Electronic
Identification of Motor Vehicles
ISSUED ON. DECEMBER 29, 2017
IMPLEMENTED ON. JULY 1, 2018
Issued by. General Administration of Quality Supervision, Inspection and Quarantine;
Standardization Administration of the PEOPLE Republic of
China.
Table of Contents
Foreword ... 3
1 Scope ... 4
2 Normative References ... 4
3 Terms and Definitions ... 4
4 Abbreviations ... 5
5 General Requirements ... 5
5.1 Requirements of Communication Security ... 5
5.2 Basic Structure ... 5
5.3 Cryptographic Algorithm ... 6
5.4 Key Management ... 6
5.5 Confidentiality ... 6
5.6 Integrity ... 6
5.7 Non-repudiation ... 6
5.8 Identity Authentication ... 7
5.9 Access Control ... 7
5.10 Audit Record ... 8
6 Manufacturing and Scrap Disposal ... 8
6.1 Manufacturing ... 8
6.2 Scrap Disposal ... 8
Foreword
This Standard was drafted in accordance with the rules in GB/T 1.1-2009. Please be noted that certain content in this document might involve patents. The institution that issues this document does not undertake the responsibility of identifying these patients.
This Standard was proposed by and shall be under the jurisdiction of The Ministry of Public Security of the PEOPLE Republic of China.
The drafting organizations of this Standard. Traffic Management Research Institute of the Ministry of Public Security, China Electronics Standardization Institute, RAY-LINKS (Beijing) Technologies Co., Ltd., National Quality Supervision and Testing Center for RFID Products, National Road Traffic Safety Product Quality Supervision and Inspection Center.
The main drafters of this Standard. Liu Dongbo, Huangjin, Hu Jiabin, Xu Minjie, Fang Wangsheng, Gaolin, Guanchao, Li Zhuofan, Yangyong, Daijia.
Security Technical Requirement for the
Read-write Equipment of the Electronic
Identification of Motor Vehicles
1 Scope
This Standard specifies the general security requirements, manufacturing and scrap disposal of the read-write equipment of the electronic identification of motor vehicles. This Standard is applicable to the design, development, test and application of the read-write equipment and application system of the electric identification of motor vehicles.
2 Normative References
The following documents are indispensable to the application of this Standard. In terms of references with a specified date, only versions with a specified date are applicable to this Standard. The latest version (including all the modifications) of references without a specified date is applicable to this Standard.
GB/T 35789.1-2017 General Specification for the Electronic Identification of Motor Vehicles - Part 1. Automobile
GM/T 0024 SSL VPN Specification
GM/T 0035.1-2014 Specifications of Cryptographic Application for RFID Systems - Part 1. Cryptographic Protection Framework and Security Levels
GM/T 0035.5 Specifications of Cryptographic Application for RFID Systems - Part 5. Specification for Key Management
3 Terms and Definitions
What is defined in GB/T 35789.1-2017, and the following terms and definitions are applicable to this document.
3.1 Security Module
Security module refers to a component, which is imbedded in the read-write equipment and provides the function of cryptographic operation to the read-write equipment. 5.3 Cryptographic Algorithm
Security module and PSAM card shall adopt cryptographic algorithm approved by national password management department.
5.4 Key Management
Key management shall comply with the following requirements.
a) The generation, input, storage, dispersion and usage of key shall comply with the requirement in GM/T 0035.5;
b) Key in the security module shall be managed by institutions authorized by public security organs;
c) Key in the PSAM card shall be managed by competent departments of
application industries.
5.5 Confidentiality
5.5.1 Storage confidentiality
Storage confidentiality shall comply with the following requirements.
a) Sensitive information shall adopt cryptographic algorithm for encryption protection, so as to prevent unauthorized access;
b) Access permission information and keys shall be stored in the security module or the PSAM card;
c) Asymmetric algorithm private key and symmetric algorithm key shall not be readable.
5.5.2 Transmission confidentiality
SSL VPN technology, which complies with the requirement in GM/T 0024, should be adopted, so as to guarantee transmission confidentiality between the read-write equipment and the application system.
5.6 Integrity
Cryptography shall be adopted to verify sensitive information in the transmission between the read-write equipment and the application system, so as to find out information being tampered, deleted or interpolated.
5.7 Non-repudiation
Digital signature technology shall be adopted to implement non-repudiation between the read-write equipment and the application system.

View full details