GB/T 25062-2010: Information security technology -- Authentication and authorization -- Role-based access control model and management specification
Status: Valid

Basic data
Standard ID: GB/T 25062-2010 (GB/T25062-2010)
Description (Translated English): Information security technology -- Authentication and authorization -- Role-based access control model and management specification
Sector / Industry: National Standard (Recommended)
Classification of Chinese Standard: L80
Classification of International Standard: 35.040
Word Count Estimation: 34,352
Date of Issue: 2010-09-02
Date of Implementation: 2011-02-01
Quoted Standard: ISO/IEC 13568-2002
Regulation (derived from): Announcement of Newly Approved National Standards No. 4 of 2010 (total 159)
Issuing agency(ies): General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China, Standardization Administration of the People's Republic of China
Summary: This standard specifies the role-based access control (RBAC) model and the RBAC system and management functional specification. It applies to the design and implementation of RBAC subsystems in information systems; related system testing and product sourcing may also refer to it.

This is a DRAFT version for illustration, not a final translation.

ICS 35.040
L80
National Standard of the People's Republic of China
Information security technology -- Authentication and authorization -- Role-based access control model and management specification
Issued on: 2010-09-02
Implemented on: 2011-02-01
Issued by the Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China and the Standardization Administration of China

Table of Contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviations
5 Consistency
6 RBAC reference model
6.1 Overview
6.2 Core RBAC
6.3 Hierarchical RBAC
6.4 Constrained RBAC
7 RBAC system and management functional specification
7.1 Overview
7.2 Core RBAC
7.3 Hierarchical RBAC
7.4 Static separation of duty relations
7.5 Dynamic separation of duty
Annex A (informative) Functional specification overview
A.1 Overview
A.2 Core RBAC functional specification
A.3 Hierarchical RBAC functional specification
A.4 Static separation of duty relations functional specification
A.5 Dynamic separation of duty relations functional specification
A.6 Functional specification pack
Annex B (informative) Principle components
B.1 Overview
B.2 Core RBAC
B.3 Hierarchical RBAC
B.4 Static separation of duty relations
B.5 Dynamic separation of duty
Annex C (informative) Z language example

Foreword
Annex A, Annex B and Annex C of this standard are informative appendices.
This standard is under the jurisdiction of the National Safety Standardization Technical Committee (SAC/TC260).
This standard was drafted by: Institute of Software, Information Security Generic Technology National Engineering Research Center.
The main drafters of this standard: Dengguo Feng, Xu Zhen, Zhaizheng De, Zhang Min, Zhang Fan, Huang Liang, Chuang Chung.

Introduction
Mainstream IT product suppliers implement role-based access control in large numbers of their database management systems, security management systems, network operating systems and other products, yet there is no agreed definition of its features.
The lack of a widely accepted model has resulted in a lack of standardization and in uncertainty about the utility and meaning of role-based access control. This standard references ANSI INCITS 359-2004: it uses a reference model to define role-based access control features and describes the functional specification of those features; the above methods do not resolve these issues of non-standardization and uncertainty.

Information security technology -- Authentication and authorization -- Role-based access control model and management specification

1 Scope
This standard specifies the role-based access control (RBAC) model and the RBAC system and management functional specification.
This standard applies to the design and implementation of RBAC subsystems in information systems; related system testing and product procurement may also refer to it.

2 Normative references
The provisions of the following documents become provisions of this standard through reference in this standard. For dated references, subsequent amendments (not including errata content) or revisions do not apply to this standard; however, parties to agreements based on this standard are encouraged to study whether the latest versions of these documents can be used. For undated references, the latest versions apply to this standard.
ISO/IEC 13568:2002 Information technology - Z formal specification notation - Syntax, type system and semantics

3 Terms and definitions
The following terms and definitions apply to this standard.

3.1 Component
One of the four RBAC feature sets: core RBAC, hierarchical RBAC, static separation of duty relations, dynamic separation of duty relations.

3.2 Object
A system resource to which access needs to be controlled, such as a file, printer, terminal or database record.

3.3 Operation
An executable image of a program which, when invoked, performs certain functions for the user.

3.4 Permission
A license to perform an operation on one or more RBAC-protected objects.

3.5 Role
A job function within the context of an organization; a user who is granted a role has the corresponding authority and responsibility.

3.6 User
The principal that carries out access to resources or services, such as a person, machine, network or autonomous intelligent agent.

3.7 Session
A mapping from a user to a set of activated roles.

3.8 Separation of duties
A constraint that prevents a user from obtaining a set of permissions that creates a conflict of interest; for example, a user cannot hold accounting and auditing permissions at the same time.

......