Home Cart Quotation About-Us
www.ChineseStandard.net
SEARCH

GB/T 22239-2019 PDF English

Q: Do you accept my currency other than USD?

Yes. https://www.ChineseStandard.us/products/GBT22239-2019 -- Click this link and select your country/currency to pay, the exact amount in your currency will be printed on the invoice. Full PDF will also be downloaded/emailed in 9 seconds.

Q: How to buy and download a true PDF of English version of GB/T 22239-2019?

Answer: A step-by-step guide to download PDF of GB/T 22239-2019_English. Step 1: Visit website https://www.ChineseStandard.net (Pay in USD), or https://www.ChineseStandard.us (Pay in any currencies such as Euro, KRW, JPY, AUD). Step 2: Search keyword 'GB/T 22239-2019'. Step 3: Click 'Add to Cart'. If multiple PDFs are required, repeat steps 2 and 3 to add up to 12 PDFs to cart. Step 4: Select payment option (Via payment agents Stripe or PayPal). Step 5: Customize Tax Invoice -- Fill up your email etc. Step 6: Click 'Checkout'. Step 7: Make payment by credit card, PayPal, Google Pay etc. After the payment is completed and in 9 seconds, you will receive 2 emails attached with the purchased PDFs and PDF-invoice, respectively. Step 8: Optional -- Go to download PDF. Step 9: Optional -- Click Open/Download PDF to download PDFs and invoice. See screenshots for above steps: https://www.chinesestandard.net/Img/LDHowToStep1-3.jpg https://www.chinesestandard.net/Img/LDHowToStep4-6.jpg https://www.chinesestandard.net/Img/LDHowToStep7.jpg https://www.chinesestandard.net/Img/LDHowToStep8.jpg https://www.chinesestandard.net/Img/LDHowToStep9.jpg

US$485.00 · In stock · Download in 9 seconds
GB/T 22239-2019: Information security technology - Baseline for classified protection of cybersecurity
Delivery: 9 seconds. True-PDF full-copy in English & invoice will be downloaded + auto-delivered via email. See step-by-step procedure
Status: Valid

GB/T 22239: Historical versions

Standard ID	USD	BUY PDF	Delivery	Standard Title (Description)	Status
GB/T 22239-2019	485	Add to Cart	Auto, 9 seconds.	Information security technology - Baseline for classified protection of cybersecurity	Valid
GB/T 22239-2008	150	Add to Cart	Auto, 9 seconds.	Information security technology -- Baseline for classified protection of information system security	Obsolete

Similar standards

GB/T 22240 GB/T 22081 GB/T 22080 GB/T 19713

GB/T 22239-2019: Information security technology - Baseline for classified protection of cybersecurity

---This is an excerpt. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.), auto-downloaded/delivered in 9 seconds, can be purchased online: https://www.ChineseStandard.net/PDF.aspx/GBT22239-2019
NATIONAL STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA ICS 35.040 L 80 Replacing GB/T 22239-2008 Information security technology - Baseline for classified protection of cybersecurity Issued on. MAY 10, 2019 Implemented on. DECEMBER 01, 2019 Issued by. State Market Regulatory Administration; Standardization Administration of PRC.

Foreword... 4 Introduction... 6 1 Scope... 7 2 Normative references... 7 3 Terms and definitions... 8 4 Abbreviations... 11 5 Overview of Classified protection of cybersecurity... 12 5.1 Object under classified protection... 12 5.2 Different classes of security protection ability... 12 5.3 General security requirements and security extension requirements... 13 6 Level 1 security requirements... 14 6.1 General security requirements... 14 6.2 Security extension requirements of cloud computing... 20 6.3 Security extension requirements of mobile internet... 22 6.4 Security extension requirements for IoT... 22 6.5 Security extension requirements for industrial control systems... 23 7 Level 2 security requirements... 25 7.1 General security requirements... 25 7.2 Extension requirements for cloud computing security... 40 7.3 Extension requirements for mobile Internet security... 43 7.4 Extension requirements for IoT security... 45 7.5 Security extension requirements for industrial control systems... 46 8 Level 3 security requirements... 48 8.1 General security requirements... 48 8.2 Extension requirements for cloud computing security... 71 8.3 Extension requirements for mobile Internet security... 76 8.4 Extension requirements for IoT security... 78 8.5 Security extension requirements for industrial control systems... 80 9 Level 4 security requirements... 83 9.1 General security requirements... 83 9.2 Extension requirements for cloud computing security... 106 Information security technology - Baseline for classified protection of cybersecurity

1 Scope

This standard specifies the general security requirements and security extension requirements for the project under classified protection from level 1 to level 4 of the classified protection of cybersecurity. This standard is applicable to guide the security construction and supervision administration of non-confidential objects in different classes. Note. The class-5 protection object is a very important supervision and management object. It has special management modes and security requirements, so it is not described in this standard.

2 Normative references

The following documents are essential to the application of this document. For the dated documents, only the versions with the dates indicated are applicable to this document; for the undated documents, only the latest version (including all the amendments) are applicable to this standard. GB 17859 Classified criteria for security protection of computer information system GB/T 22240 Information security technology - Classification guide for classified protection of information system security GB/T 25069 Information security technology glossary GB/T 31167-2014 Information security technology - Security guide of cloud computing services GB/T 31168-2014 Information security technology - Security ability requirements of cloud computing services GB/T 32919-2016 Information security technology - Application guide to industrial control system security control

3 Terms and definitions

The terms and definitions defined in GB 17859, GB/T 22240, GB/T 25069, GB/T 31167-2014, GB/T 31168-2014, GB/T 32919-2016, as well as the following terms and definitions, apply to this document. For ease of use, some of the terms and definitions in GB/T 31167-2014, GB/T 31168-2014, GB/T 32919- 2016 are listed repeatedly. 3.1 Cybersecurity The ability by taking necessary measures to prevent network from attacks, intrusions, interference, destruction and illegal use, as well as accidents, to make the network in a stable and reliable state of operation, and to ensure the integrity, confidentiality and availability of network data. 3.2 Security protection ability The degree to withstand threats, detect security incidents, recover from previous conditions after damage. 3.3 Cloud computing A mode for accessing a scalable, flexible physical or virtual shared resource pool through a network, and self-serving and managing resources on demand. Note. Examples of resources include servers, operating systems, networks, software, applications, storage devices. [GB/T 31167-2014, definition 3.1] 3.4 Cloud service provider The provider of cloud computing services. Note. Cloud service providers manage, operate, support computing infrastructure and software for cloud computing; deliver cloud computing resources through the network. [GB/T 31167-2014, definition 3.3]

4 Abbreviations

The following abbreviations apply to this document. AP. Wireless Access Point DCS. Distributed Control System DDoS. Distributed Denial of Service ERP. Enterprise Resource Planning FTP. File Transfer Protocol HMI. Human Machine Interface IaaS. Infrastructure-as-a-Service ICS. Industrial Control System IoT. Internet of Things IP. Internet Protocol

5 Overview of Classified protection of cybersecurity

5.1 Object under classified protection The object under classified protection refers to the objects in the classified protection of cybersecurity. It usually refers to a system consisting of computers or other information terminals and related device that collects, stores, transmits, exchanges, processes information in accordance with certain rules and procedures. It mainly includes basic information networks, cloud computing platforms / systems, big data applications / platforms / resources, Internet of Things (IoT), industrial control systems, systems using mobile internet technologies. The object under classified protection is, based on the degree of harm to national security, economic construction, and social life, and the degree of harm to national security, social order, public interests, the legitimate rights and interests of citizens, legal persons, and other organizations after damage, divided into five protection classes from low to high. See GB/T 22240 for the method of determining the security protection level of the protected object. 5.2 Different classes of security protection ability The basic security protection abilities that different classes of protected objects shall possess are as follows. Level 1 security protection ability. It shall be able to protect against critical resource damage caused by malicious attacks from individuals, threat sources with few resources, general natural disasters, other threats of a considerable degree of harm. After the damage, it may restore some functions. Level 2 security protection ability. It shall be able to protect against important resource damage caused by malicious attacks from small external sources, threat sources with a small amount of resources, general natural disasters, other threats of considerable harm. It may find important security loopholes and handle security incidents, restore some functions within a period of time after they are damaged. Level 3 security protection ability. It shall be able to protect against important resource damage caused by malicious attacks from externally organized groups, threat sources with richer resources, more severe natural disasters, other threats of a considerable degree under a unified security policy. It can timely identify and monitor the attack behavior and deal with security incidents in a timely manner. After being damaged, it can quickly recover most of its functions. Level 4 security protection ability. It shall be able to protect against important resource damage caused by malicious attacks from national-level, hostile organizations, resource-rich threat sources, severe natural disasters, other threats of considerable harm under a unified security policy. It can timely identify and monitor the attack behavior and security incidents in a timely manner. After being damaged, it can quickly recover all of its functions. Level 5 security protection ability. omitted.

6 Level 1 security requirements

6.1 General security requirements 6.1.1 Security physical environment 6.1.1.1 Physical access control At the entrance and exit of the computer room, it shall assign a special person on duty or equip with an electronic access control system to control, identify and record the entering personnel. 6.1.1.2 Protection against theft and vandalism Device or main components shall be fixed and identified with obvious signs that are not easy to remove. 6.1.1.3 Lightning protection All kinds of cabinets, facilities and device shall be safely grounded through the grounding system. 6.1.1.4 Fire prevention The computer room shall be equipped with fire extinguishing device. 6.1.1.5 Waterproof and moisture-proof It shall take measures to prevent rainwater from penetrating through the windows, roof and walls of the computer room. 6.1.1.6 Temperature and humidity control It shall set necessary temperature and humidity adjustment facilities, so that the temperature and humidity changes in the computer room are within the range allowed by the device operation. 6.1.1.7 Power supply It shall configure the voltage stabilizer and overvoltage protection device along the power supply lines in the computer room. 6.1.2 Security communication network 6.1.2.1 Communication transmission It shall use the checking techniques to ensure data integrity during communication. 6.1.2.2 Trusted authentication It may, based on the trusted root, carry out the trusted authentication of the system boot program, system program, etc. of the boundary device; issue alarm when detecting the damage of the credibility of the device. 6.1.3 Secure area border 6.1.3.1 Border protection It shall ensure that the access and data flows across borders communicate through controlled interfaces as provided by border devices. 6.1.3.2 Access control This requirement includes. a) It shall set the access control rules at the network boundary according to the access control policy. By default, the controlled interface denies all communication except for the communication allowed; b) Remove redundant or invalid access control rules; optimize access control lists; ensure that the number of access control rules is minimized; c) It shall check the source address, destination address, source port, destination port, protocol, etc., to allow / deny data packets to enter and exit. 6.1.3.3 Trusted authentication It may, based on the trusted root, carry out the trusted authentication of the system boot program, system program, etc. of the boundary device; issue alarm when detecting the damage of the credibility of the device.

7 Level 2 security requirements

7.1 General security requirements 7.1.1 Security physical environment 7.1.1.1 Selection of physical location This requirement includes. a) The site of the computer room shall be selected in a building that has the ability to resist earthquakes, wind and rain; b) The site of the computer room shall be avoided on the top floor or basement of the building, otherwise it shall strengthen the waterproof and moisture-proof measures. 7.1.1.2 Physical access control For the entrance and exit of the computer room, it shall assign a special person on duty or be equipped with an electronic access control system to control, identify, record the entering personnel. 7.1.1.3 Protection against theft and vandalism This requirement includes. a) It shall fix the device or main components; set obvious signs that are not easy to remove; b) It shall lay the communication cables in a hidden and safe place. 7.1.1.4 Lightning protection All kinds of cabinets, facilities and device shall be safely grounded through the grounding system. 7.1.1.5 Fire protection This requirement includes. a) The computer room shall be equipped with an automatic fire protection system, which can automatically detect fire conditions, automatically alarm, automatically extinguish fires; b) The computer room and related working rooms and supporting rooms shall use building materials with fire resistance rating. 7.1.1.6 Waterproof and moisture-proof This requirement includes. a) It shall take measures to prevent rainwater from penetrating through the windows, roof and walls of the computer room; b) It shall take measures to prevent condensation of water vapor in the computer room and the transfer and penetration of underground water. 7.1.1.7 Anti-static It shall use antistatic floor slab or floor; take the necessary grounded antistatic measures. 7.1.1.8 Temperature and humidity control It shall provide temperature and humidity automatic adjustment facilities, so that the temperature and humidity changes in the computer room are within the allowable range of device operation. 7.1.1.9 Power supply This requirement includes. a) It shall configure the voltage stabilizers and overvoltage protection device along the power supply lines of the computer room; b) It shall provide a short-term backup power supply, to at least meet the normal operating requirements of the device in the event of a power outage. 7.1.1.10 Electromagnetic protection Power lines and communication cables shall be laid separately to avoid mutual interference. 7.1.2 Security communication network 7.1.2.1 Network architecture This requirement includes. a) It shall divide different network areas; allocate addresses to each network area in accordance with the principles of convenient management and control; b) It shall avoid deploying important network areas at the borders; it shall adopt reliable technical isolation measures between important network areas and other network areas. 7.1.2.2 Communication transmission It shall use the checking techniques to ensure data integrity during communication. 7.1.2.3 Trusted authentication It may, based on the trusted root, carry out trusted authentication for the system boot program, system program, important configuration parameters, and communication application programs of the communication device; issue an alarm after the damage of credibility is detected; form the verification result into audit record and send it to the security management center.

8 Level 3 security requirements

8.1 General security requirements 8.1.1 Security physical environment 8.1.1.1 Selection of physical location This requirement includes. a) The site of the computer room shall be selected in a building that has the ability to resist earthquakes, wind and rain; b) The site of the computer room shall be avoided on the top floor or basement of the building; otherwise it shall strengthen the waterproof and moisture-proof measures. 8.1.1.2 Physical access control The computer room’s entrance and exit shall be equipped with an electronic access control system to control, identify and record the entering personnel. 8.1.1.3 Protection against theft and vandalism This requirement includes. a) The device or main components shall be fixed and identified with obvious signs that are not easy to remove; b) The communication cables shall be laid in a hidden and safe place; c) It shall set up anti-theft alarm system in the computer room or a video surveillance system with a dedicated person on duty. 8.1.1.4 Lightning protection This requirement includes. a) All kinds of cabinets, facilities and device shall be safely grounded through the grounding system; b) It shall take measures to prevent induction lightning, such as installing lightning protection devices or overvoltage protection devices. 8.1.1.5 Fire protection This requirement includes. a) The computer room shall be equipped with an automatic fire protection system, which can automatically detect fire conditions, automatically alarm, automatically extinguish fires; b) The machine room and related working rooms and auxiliary rooms shall use building materials with fire resistance rating; c) The computer room shall be divided into different regions for management; it shall provide fire prevention means between different regions. 8.1.1.6 Waterproof and moisture-proof This requirement includes. a) It shall take measures to prevent rainwater from penetrating through the windows, roof and walls of the computer room; b) It shall take measures to prevent condensation of water vapor in the computer room and the transfer and penetration of underground water; c) It shall install the water-sensitive detection instruments or components, to test and alarm the water in the computer room.

9 Level 4 security requirements

9.1 General security requirements 9.1.1 Security physical environment 9.1.1.1 Selection of physical location This requirement includes. a) The site of the computer room shall be selected in a building that has the ability to resist earthquakes, wind and rain; b) The site of the computer room shall be avoided on the top floor or basement of the building; otherwise it shall strengthen the waterproof and moisture-proof measures. 9.1.1.2 Physical access control This requirement includes. a) The entrance and exit of the computer room shall be equipped with an electronic access control system to control, identify and record the entering personnel; b) The important area shall be equipped with a second electronic access control system to control, identify and record the entering personnel. 9.1.1.3 Protection against theft and vandalism This requirement includes. a) The device or main components shall be fixed and marked with obvious signs that are not easy to remove; b) The communication cables shall be laid in a hidden and safe place; c) It shall set up an anti-theft alarm system in the computer room or a video surveillance system with a dedicated person on duty. 9.1.1.4 Lightning protection This requirement includes. a) All kinds of cabinets, facilities and device shall be safely grounded through the grounding system; b) It shall take measures to prevent induction lightning, such as installing lightning protection devices or overvoltage protection devices. 9.1.1.5 Fire protection This requirement includes. a) The computer room shall be equipped with an automatic fire protection system, which can automatically detect fire conditions, automatically alarm, automatically extinguish fires; b) The computer room and related working rooms and supporting rooms shall use building materials with fire resistance rating; c) The computer room shall be divided into different regions for management; in between regions, it shall take fire prevention measures. 9.1.1.6 Waterproof and moisture-proof This requirement includes. a) It shall take measures to prevent rainwater from penetrating through the windows, roof and walls of the computer room; b) It shall take measures to prevent condensation of water vapor in the computer room and the transfer and penetration of underground water; c) It shall install the water-sensitive detection instruments or components, to carry out waterproof testing and alarm for the computer room. ......
Source: Above contents are excerpted from the full-copy PDF -- translated/reviewed by: www.ChineseStandard.net / Wayne Zheng et al.

Image 1 Image 2 Image 3

Tips & Frequently Asked Questions:

Question 1: How long will the true-PDF of English version of GB/T 22239-2019 be delivered?

Answer: The full copy PDF of English version of GB/T 22239-2019 can be downloaded in 9 seconds, and it will also be emailed to you in 9 seconds (double mechanisms to ensure the delivery reliably), with PDF-invoice.

Question 2: Can I share the purchased PDF of GB/T 22239-2019_English with my colleagues?

Answer: Yes. The purchased PDF of GB/T 22239-2019_English will be deemed to be sold to your employer/organization who actually paid for it, including your colleagues and your employer's intranet.

Question 3: Does the price include tax/VAT?

Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countries

Question 4: Do you accept my currency other than USD?

Answer: Yes. www.ChineseStandard.us -- GB/T 22239-2019 -- Click this link and select your country/currency to pay, the exact amount in your currency will be printed on the invoice. Full PDF will also be downloaded/emailed in 9 seconds.

Question 5: Should I purchase the latest version GB/T 22239-2019?

Answer: Yes. Unless special scenarios such as technical constraints or academic study, you should always prioritize to purchase the latest version GB/T 22239-2019 even if the enforcement date is in future. Complying with the latest version means that, by default, it also complies with all the earlier versions, technically.

How to buy and download a true PDF of English version of GB/T 22239-2019?

A step-by-step guide to download PDF of GB/T 22239-2019_English

Step 1: Visit website https://www.ChineseStandard.net (Pay in USD), or https://www.ChineseStandard.us (Pay in any currencies such as Euro, KRW, JPY, AUD).
Step 2: Search keyword "GB/T 22239-2019".
Step 3: Click "Add to Cart". If multiple PDFs are required, repeat steps 2 and 3 to add up to 12 PDFs to cart.
Step 4: Select payment option (Via payment agents Stripe or PayPal).
Step 5: Customize Tax Invoice -- Fill up your email etc.
Step 6: Click "Checkout".
Step 7: Make payment by credit card, PayPal, Google Pay etc. After the payment is completed and in 9 seconds, you will receive 2 emails attached with the purchased PDFs and PDF-invoice, respectively.
Step 8: Optional -- Go to download PDF.
Step 9: Optional -- Click Open/Download PDF to download PDFs and invoice.
See screenshots for above steps: Steps 1~3 Steps 4~6 Step 7 Step 8 Step 9