GB/T 25066-2020 English PDFUS$489.00 · In stock
Delivery: <= 5 days. True-PDF full-copy in English will be manually translated and delivered via email. GB/T 25066-2020: Information security technology - Type and code of information security products Status: Valid GB/T 25066: Historical versions
Basic dataStandard ID: GB/T 25066-2020 (GB/T25066-2020)Description (Translated English): Information security technology - Type and code of information security products Sector / Industry: National Standard (Recommended) Classification of Chinese Standard: L80 Classification of International Standard: 35.040 Word Count Estimation: 26,271 Date of Issue: 2020-04-28 Date of Implementation: 2020-11-01 Issuing agency(ies): State Administration for Market Regulation, China National Standardization Administration GB/T 25066-2020: Information security technology - Type and code of information security products---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.Information security technology - Type and code of information security products ICS 35.040 L80 National Standards of People's Republic of China Replace GB/T 25066-2010 Information Security Technology Information security product category and code 2020-04-28 released 2020-11-01 implementation State Administration for Market Regulation Issued by the National Standardization Management Committee Table of contentsForeword Ⅰ 1 Scope 1 2 Normative references 1 3 Terms and definitions 1 4 Abbreviations 1 5 Categories and codes 2 5.1 Category 2 5.2 Code 2 5.3 Category and code table 2 Appendix A (Normative Appendix) Classification Description 6 Appendix B (Normative Appendix) Description of Domain Attributes 21 Reference 22 Information Security Technology Information security product category and code1 ScopeThis standard specifies the main categories and codes of information security products, including physical environment security, communication network security, and regional boundaries Security category, computing environment security category, security management support category and other categories. This standard applies to information security products (excluding secret-related information system products and only providing password calculations) by the national information security management department. Commercial cryptographic products based on law calculations) for classified management, and can guide the productization of information security product manufacturers and user units Planning for information and safety construction.2 Normative referencesThe following documents are indispensable for the application of this document. For dated reference documents, only the dated version applies to this article Pieces. For undated references, the latest version (including all amendments) applies to this document. GB 17859 Classification criteria for security protection levels of computer information systems GB/T 25069 Information Security Technical Terms3 Terms and definitionsThe following terms and definitions defined in GB 17859 and GB/T 25069 apply to this document. 3.1 Information Security Products Software, hardware, or their combination specifically used to ensure information security.4 AbbreviationsThe following abbreviations apply to this document.5 Categories and codes5.1 Category This standard divides information security products into three levels in the form of a three-level catalog, of which the first-level classification includes six categories. Physical environment security Class, Communication Network Security Class, Regional Border Security Class, Computing Environment Security Class, Security Management Support Class and other classes. Physical environment safety. used to protect the environment, equipment, facilities and media from physical damage (such as earthquakes, fires and other natural disasters, and Physical theft, damage and other man-made destruction) information security products. Communication network security. deployed in the network or on the communication terminal, used to monitor and protect network communication, and ensure the confidentiality of network communication. Integrity and availability of information security products. Regional boundary security. deployed on the boundary of the security domain to prevent attacks, infiltrations, or security of internal networks/devices from outside the security domain. An information security product that leaks sensitive information from internal networks/devices across the entire domain. Computing environment security. deployed in the device and its computing environment to protect the integrity, confidentiality, and confidentiality of user equipment, computing or network data Availability, or information security products that guarantee application security. Security management support. to provide security management and support for the normal operation of the network, and information to reduce security risks during operation Safety products. Information security products that cannot be classified into the above five categories are temporarily classified into other categories. 5.2 Code The first-level classification code is a letter, and the second-level classification code is the first-level classification code plus 1 digit (other classes in the second-level classification, The code is the first-level classification code followed by a letter X), and the third-level classification code is the second-level classification code followed by 2 digits. 5.3 Category and code table The categories and codes of information security products are shown in Table 1. Comprehensive information security products can belong to multiple three-level classifications at the same time according to their main functions. See Appendix A for a detailed description of the three-level classification. Information security products can have applicable field attributes, such as applicable to industrial control systems, cloud computing, mobile internet, and Internet of Things Internet domain and big data domain, etc. See Appendix B for domain attribute description.Appendix A(Normative appendix) Classification description A.1 Physical environment security (A) A.1.1 Environmental safety (A1) A.1.1.1 Area protection (A101) This type of product uses relevant information technology as support to provide some form of protection and isolation for specific areas (including fixed or mobile). The purpose is to protect the system or equipment in a specific area from direct human damage. The safety functions of this type of product can be mainly summarized into three aspects. a) Personnel access control; b) Controlled by protected resources; c) Sensor network. Any product that provides one or more of the above functions and that function is the dominant function can be classified into this category (A101). A.1.1.2 Disaster prevention and recovery (A102) This type of product uses relevant information technology as support to provide disaster alarm, disaster protection and disaster recovery functions, with the purpose of protecting the system Or the equipment is protected from water, fire, harmful gas, earthquake, lightning and static electricity. The safety functions of this type of product can be mainly summarized into three aspects. a) Disaster detection and alarm before the disaster occurs; b) When a disaster occurs, take emergency measures to protect the system or equipment that is being destroyed, and carry out real-time on-site protection; c) After a disaster occurs, restore the damaged system or equipment. Any product that provides one or more of the above functions, and that function is the dominant function, can be classified into this category (A102). A.1.1.3 Auxiliary support for disaster recovery plan (A103) This type of product uses relevant information technology as support, provides computer assistance for the formulation of disaster recovery plans, and assists software with disaster recovery plans. The purpose is to realize the semi-automatic generation of disaster recovery plan. The safety functions of this type of product can be mainly summarized into three aspects. a) Analysis of the impact of the disaster; b) Outline design or detailed formulation of disaster recovery plan; c) Testing and improvement of disaster recovery plans. Any product that provides one or more of the above functions, and that function is the dominant function, can be classified into this category (A103). A.1.1.4 Electromagnetic interference (A104) This type of product adopts relevant information technology to actively interfere with electromagnetic signals, and the purpose is to block the electromagnetic signal from entering within a certain range. Data communication to prevent the use of electromagnetic signals for information eavesdropping or stealing activities. Any product that provides the above functions and that function is the dominant function can be classified into this category (A104). A.1.1.5 Anti-electromagnetic interference (A105) This type of product uses relevant information technology to prevent electromagnetic interference, the purpose is to protect the operation of the system or equipment and the safety of data. The safety functions of this type of product can be mainly summarized into two aspects. a) Combat electromagnetic interference to the system from outside; b) Eliminate electromagnetic interference from inside the system. Any product that provides one or two of the above functions and that function is the dominant function can be classified into this category (A105). A.1.1.6 Electromagnetic leakage protection (A106) This type of product uses relevant information technology to prevent the leakage of electromagnetic signals, with the purpose of improving the security of sensitive information in a specific security domain. The safety functions of this type of product can be mainly summarized into two aspects. a) Reduce or block the leakage of electromagnetic signals; b) Interference with leaked electromagnetic signals. Any product that provides one or two of the above functions and that function is the dominant function can be classified into this category (A106). A.1.2 Physical security (A2) A.1.2.1 Anti-theft (A201) This type of product uses relevant information technology as support to provide anti-theft protection for equipment or components (such as network detection and alarm), and the purpose is to protect Equipment and components are protected from theft. Any product that provides the above functions and that function is the dominant function can be classified into this category (A201). A.1.2.2 Anti-destroy (A202) This type of product uses relevant information technology as the support to provide anti-damage protection for the equipment, with the purpose of protecting the equipment from natural and man-made damage. The safety functions provided by this type of products can be mainly summarized into two aspects. a) To combat the destruction of natural forces, use certain anti-destroy measures (such as network remote control protection) to protect system equipment and components; b) Against man-made sabotage, use certain anti-destroy measures (such as network remote anti-dismantling alarm) to protect system equipment and components. Any product that provides one or two of the above functions, and that function is the dominant function, can be classified into this category (A202). A.1.2.3 Line interception prevention (A203) This type of product uses relevant information technology as support to prevent unauthorized interception of information transmitted in communication lines, and the purpose is to improve sensitive information. The security of information in the transmission process. The safety functions of this type of product can be mainly summarized into two aspects. a) Detect the line interception, find the line interception and call the police; b) Locate the line interception and find the working position of the line interception equipment. Any product that provides one or two of the above functions and that function is the dominant function can be classified into this category (A203). A.1.2.4 Power protection (A204) This type of product uses relevant information technology as the support to provide power supply guarantee for the reliable operation of system equipment, with the purpose of ensuring the stability of system operation. The safety functions of this type of product can be mainly summarized into two aspects. a) Protection of working continuity of working power supply, such as uninterruptible power supply; b) Protection of working stability of working power supply, such as ripple suppressor. Any product that provides one or two of the above functions and that function is the dominant function can be classified into this category (A204). A.1.2.5 Media Security (A205) This type of product uses relevant information technology as the support to provide protection or destruction of the media and its carried data, with the purpose of preventing data from being unauthorized Authorized access, deletion, or deleted sensitive data is restored without authorization. The safety functions of this type of product can be mainly summarized into three aspects. a) Anti-theft of media data, such as preventing unauthorized copying of media data; b) Destruction of media data, including physical destruction of media and thorough destruction of media data (such as degaussing, etc.) to prevent media data deletion Or the information is leaked by others after being destroyed; c) Anti-destroy of media data, to prevent accidental or deliberate destruction of media data from losing. Any product that provides one or more of the above functions and that function is the dominant function can be classified into this category (A205). A.1.3 Physical Environment Security Other (AX) The physical environment safety products that cannot be classified into the above 2 categories are temporarily classified as physical environment safety other categories (AX). A.2 Communication network security (B) A.2.1 Communication security (B1) Virtual Private Network (B101) This type of product provides the basic function of logically isolating the secure communication link on the public communication basic network. Establish dedicated secure transmission channels on physical links such as Internet links or mobile Internet links to ensure the security of data network transmission. The safety functions of this type of product can be mainly summarized into five aspects. a) Identification of the communicating party; b) Key agreement, working keys are generated through negotiation, etc.; c) Secure transmission tunnel establishment; d) Secure data transmission, ensuring the secure transmission of data through segmentation, compression and decompression, encryption and decryption, integrity verification, etc. of the transmitted data; e) The key is dynamically updated. Any product that provides all of the above functions and that function is the dominant function can be classified into this category (B101). A.2.2 Network monitoring and control (B2) A.2.2.1 Network intrusion detection (B201) This type of product monitors network intrusions, automatically recognizes various intrusions and gives alarms, with the purpose of discovering network violations in time Security policy behavior and signs of attack. Any product that provides the above functions and that function is the dominant function can be classified into this category (B201). A.2.2.2 Network activity monitoring and analysis (B202) This type of product monitors and analyzes network transmission information, with the purpose of providing support for administrators in network management. The safety functions of this type of product can be mainly summarized into two aspects. a) Monitor according to different network protocols, record and restore network communication information; b) Use traffic analysis and other means to match network activity information with pre-set security policies to find abnormalities in network activity. Any product that provides one or two of the above functions and that function is the dominant function can be classified into this category (B202). A.2.2.3 Flow control (B203) This type of product is a traffic management system for traffic monitoring and bandwidth control of the network in the security domain, which can achieve reasonable bandwidth allocation. The purpose is to optimize the use of bandwidth resources and avoid network congestion, thereby protecting the bandwidth occupation of key applications and improving bandwidth utilization. The safety functions of this type of product can be mainly summarized into two aspects. a) Traffic monitoring, monitoring and analyzing the distribution of network traffic; b) Bandwidth control, providing bandwidth management functions such as bandwidth limitation, bandwidth reservation, and bandwidth guarantee. Any product that provides all the above functions and that function is the dominant function can be classified into this category (B203). A.2.2.4 Internet behavior management (B204) This type of product is used to audit and control network users' use of the network, perform web access filtering, network application control, and information collection Auditing, user behavior analysis, etc., are aimed at real-time monitoring and management of network resource usage and regulating online behavior. The safety functions of this type of product can be mainly summarized into five aspects. a) Perform identity authentication or terminal management for Internet users; b) Identify and control URLs, Internet search content or file downloads; c) Identify and control the content of outgoing information that is sent online through e-mail, web posting, instant messaging, FTP, etc.; d) Identify and control Internet applications; e) Record and keep network behavior information (user identity, login time, access domain name/application, etc.). Any product that provides one or more of the above functions and that function is the dominant function can be classified into this category (B204). A.2.2.5 Anti-spam (B205) This type of product recognizes and processes spam based on predefined rules, with the purpose of preventing the spread of spam. Any product that provides the above functions and that function is the dominant function can be classified into this category (B205). A.2.2.6 Information filtering (B206) This type of product filters network information according to pre-defined rules. The purpose is to enter the network inflow/outflow information defined in the filtering strategy Line filtering control. The safety functions of this type of product can be mainly summarized into four aspects. a) Text filtering; b) Image filtering; c) Multimedia stream filtering; d) Other information filtering. Any product that provides one or more of the above functions and that function is the dominant function can be classified into this category (B206). A.2.3 Communication Network Security Other (BX) Communication network security products that cannot be classified into the above two categories are temporarily classified as communication network security other categories (BX). A.3 Regional boundary security (C) A.3.1 Isolation (C1) A.3.1.1 Terminal isolation (C101) This type of product connects two different security domains at the same time, and uses physical disconnection technology to realize the security separation of the physical isolation of the security domain on the terminal. Leave the card or safely isolate the computer. Any product that provides the above functions and that function is the dominant function can be classified into this category (C101). A.3.1.2 Network isolation (C102) This type of product is located between two different security domains, using protocol isolation technology to achieve security isolation and information exchange on the network product. Any product that provides the above functions and that function is the dominant function can be classified into this category (C102). A.3.1.3 Network one-way import (C103) This type of product is located between two different security domains, and the only channel for one-way transmission of information is physically constructed to realize information one-way guidance ...... |
