GB/T 39680-2020: Information security technology - Technique requirements and evaluation criteria for server security

Status: Valid
Basic data

| Item | Value |
| --- | --- |
| Standard ID | GB/T 39680-2020 (GB/T39680-2020) |
| Description (Translated English) | Information security technology - Technique requirements and evaluation criteria for server security |
| Sector / Industry | National Standard (Recommended) |
| Classification of Chinese Standard | L80 |
| Classification of International Standard | 35.040 |
| Word Count Estimation | 24,236 |
| Date of Issue | 2020-12-14 |
| Date of Implementation | 2021-07-01 |
| Older Standard (superseded by this standard) | GB/T 25063-2010; GB/T 21028-2007 |
| Quoted Standard | GB/T 9813.3-2017; GB/T 20272; GB/T 25069 |
| Regulation (derived from) | National Standard Announcement No. 28 of 2020 |
| Issuing agency(ies) | State Administration for Market Regulation, China National Standardization Administration |
| Summary | This standard specifies the security technical requirements and evaluation criteria for servers. This standard applies to the development, production, maintenance and evaluation of servers. |
This is a DRAFT version for illustration, not a final translation.
(Information security technology Server security technical requirements and evaluation criteria)
ICS 35.040
L80
National Standard of the People's Republic of China
Replaces GB/T 21028-2007, GB/T 25063-2010
Information Security Technology
Server security technical requirements and evaluation criteria
2020-12-14 release
2021-07-01 implementation
State Administration for Market Regulation
Issued by the National Standardization Management Committee
Table of contents
Preface
1 Scope
2 Normative references
3 Terms, definitions and abbreviations
4 Overview
5 Safety technical requirements
5.1 Safety function requirements
5.1.1 Device label
5.1.2 Hardware interface security
5.1.3 Firmware Security
5.1.4 Driver Security
5.1.5 Reliable operation support
5.1.6 Self-safety management
5.2 Safety assurance requirements
5.2.1 Development
5.2.2 Guidance Document
5.2.3 Life Cycle Support
5.2.4 Test
5.2.5 Vulnerability assessment
5.2.6 Maintenance
6 Security Evaluation Criteria
6.1 Test environment
6.2 Evaluation of safety function requirements
6.2.1 Device label
6.2.2 Hardware interface security
6.2.3 Firmware Security
6.2.4 Driver Security
6.2.5 Reliable operation support
6.2.6 Self-security management
6.3 Evaluation of safety assurance requirements
6.3.1 Development
6.3.2 Guidance documents
6.3.3 Life Cycle Support
6.3.4 Test
6.3.5 Vulnerability assessment
6.3.6 Maintenance
Appendix A (informative appendix) Server operating system security requirements
Appendix B (Informative Appendix) Server Security Technical Requirements Classification Table
Reference
Foreword
This standard was drafted in accordance with the rules given in GB/T 1.1-2009.
This standard replaces GB/T 21028-2007 "Information Security Technology Server Security Technical Requirements" and GB/T 25063-2010 "Information Security Technology Server Security Evaluation Requirements". Compared with GB/T 21028-2007 and GB/T 25063-2010, the main technical changes are as follows:
---Integrated the contents of the two standards GB/T 21028-2007 and GB/T 25063-2010, and revised the standard name to "Information Security Technology Server Security Technical Requirements and Evaluation Guidelines";
---Modified the server security level division, adjusted from the original five levels to basic level and enhanced level (see Chapter 5, Chapter 5 of GB/T 21028-2007 and Chapter 4 to Chapter 8 of GB/T 25063-2010);
---Added the firmware security technical requirements and corresponding evaluation criteria in the security function requirements (see 5.1.3 and 6.2.3);
---Added the technical requirements for safety management and corresponding evaluation criteria in the safety function requirements (see 5.1.6 and 6.2.6);
---Modified the operating system security technical requirements (see Appendix A, 5.1.1.2, 5.2.1.2, 5.3.1.2, 5.4.1.2, 5.5.1.2 of GB/T 21028-2007 and 4.2, 5.2, 6.2, 7.2 of GB/T 25063-2010);
---Deleted the specific security requirements and corresponding evaluation requirements of the database management system (see 5.1.1.3, 5.2.1.3, 5.3.1.3, 5.4.1.3, 5.5.1.3 of GB/T 21028-2007 and 4.3, 5.3, 6.3, 7.3 of GB/T 25063-2010);
---Deleted the specific safety requirements and corresponding evaluation requirements of the application system (see 5.1.1.4, 5.2.1.4, 5.3.1.4, 5.4.1.4, 5.5.1.4 of GB/T 21028-2007 and 4.4, 5.4, 6.4, 7.4 of GB/T 25063-2010).
Please note that certain contents of this document may involve patents. The issuing agency of this document is not responsible for identifying these patents.
This standard was proposed and managed by the National Information Security Standardization Technical Committee (SAC/TC260).
Drafting organizations of this standard: Inspur Electronic Information Industry Co., Ltd., Lenovo (Beijing) Co., Ltd., Huawei Technologies Co., Ltd., Xinhua Three Technologies Co., Ltd., China Academy of Information and Communications Technology, Blue Shield Information Security Technology Co., Ltd., China Cyber Security Review Technology and Certification Center, China Electric Power Research Institute, Third Research Institute of Ministry of Public Security, China Information Security Evaluation Center, China Electronic Technology Standardization Research Institute, National Computer Network and Information Security Management Center, Sugon Information Industry (Beijing) Co., Ltd., Suzhou Inspur Intelligent Technology Co., Ltd.
The main drafters of this standard: Zhang Dong, Liu Gang, Li Ruxin, Pang Ting, Wan Xiaolan, Zhang Zhibing, Liu Qiang, Shen Yongbo, Song Guixiang, Wang Endong, Zhao Jiang, Song Haohao, Sun Yan, Mao Junjie, Li Ling, Yan Minhui, Ge Xiaoyu, Du Kehong, Lei Ming, Wang Hui, Ni Ping, Lu Zhen, Deng Yu, Zhang Baofeng, Sun Yafei, Kong Yuting, Bai Xinlu, Cao Zhu, Cha Li, Zhang Tianhan.
The previous releases of the standard replaced by this standard are as follows:
---GB/T 21028-2007;
---GB/T 25063-2010.
Information Security Technology
Server security technical requirements and evaluation criteria
1 Scope
This standard specifies the security technical requirements and evaluation criteria for servers.
This standard applies to the development, production, maintenance and evaluation of servers.
2 Normative references
The following documents are indispensable for the application of this document. For dated references, only the dated version applies to this document. For undated references, the latest version (including all amendments) applies to this document.
GB/T 9813.3-2017 Computer General Specification Part 3: Server
GB/T 20272 Information Security Technology Operating System Security Technical Requirements
GB/T 25069 Information Security Technical Terms
3 Terms, definitions and abbreviations
3.1 Terms and definitions
The following terms and definitions, together with those defined in GB/T 9813.3-2017, GB/T 20272 and GB/T 25069, apply to this document.
3.1.1
Server
A computer system that provides specific application services to client computers in a network environment.
Note 1: Computer system refers to the server hardware system, which mainly includes the independent computing unit, storage unit, network transmission unit, monitoring management unit, power supply unit, drivers, etc.
Note 2: Rewritten from GB/T 9813.3-2017, definition 3.1.
3.1.2
Server boot firmware
The program responsible for initializing and configuring the server chipset, collecting and summarizing hardware resource information, and booting into the operating system.
3.1.3
Out-of-band management module
An independent management unit that controls, manages and maintains the server through a dedicated physical channel.
Note: For example, the baseboard management controller of the x86 platform.
3.1.4
Out-of-band management module firmware
A program that resides in the out-of-band management module and implements its functions.
3.1.5
Driver program
A software program that provides operating systems or applications with the means to operate or control specific devices in the server.