Home   Cart   Quotation   Policy   About-Us
www.ChineseStandard.net
SEARCH

GB/T 30275-2013 English PDF

US$629.00 · In stock
Delivery: <= 5 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 30275-2013: Information security technology -- Authentication and authorization -- Authentication middleware framework and interface specification
Status: Valid
Standard IDUSDBUY PDFLead-DaysStandard Title (Description)Status
GB/T 30275-2013629 Add to Cart 5 days Information security technology -- Authentication and authorization -- Authentication middleware framework and interface specification Valid

Similar standards

GB/T 30279   GB/T 30276   GB/T 31168   GB/T 30278   GB/T 30270   GB/T 30282   

Basic data

Standard ID: GB/T 30275-2013 (GB/T30275-2013)
Description (Translated English): Information security technology -- Authentication and authorization -- Authentication middleware framework and interface specification
Sector / Industry: National Standard (Recommended)
Classification of Chinese Standard: L80
Classification of International Standard: 35.040
Word Count Estimation: 27,213
Quoted Standard: GB/T 9387.2-1995; GB/T 15843.1-2008; GB/T 18794.2-2002; GB/T 25069-2010
Regulation (derived from): National Standards Bulletin 2013 No. 27
Issuing agency(ies): General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China, Standardization Administration of the People's Republic of China
Summary: This standard specifies the authentication middleware system framework, components, functions and common interface, and gives certified middleware workflow. This standard applies to certified middleware and components design, development, and guide the de

GB/T 30275-2013: Information security technology -- Authentication and authorization -- Authentication middleware framework and interface specification


---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
Information security technology. Authentication and authorization. Authentication middleware framework and interface specification ICS 35.040 L80 National Standards of People's Republic of China Information Security Technology Authentication and Authorization Authentication middleware framework and interface specifications Issued on. 2013-12-31 2014-07-15 implementation Administration of Quality Supervision, Inspection and Quarantine of People's Republic of China Standardization Administration of China released

Table of Contents

Preface Ⅰ Introduction Ⅱ 1 Scope 1 2 Normative references 1 3 Terms and definitions 4 Abbreviations 2 5 certified middleware Goal 3 5.1 Functional Objective 3 5.2 non-functional target 3 5.3 Safety Goal 3 6 Authentication middleware framework 3 6.1 Overview 3 6.2 middleware authentication mode 5 6.3 Component description 6 6.4 Identification assertion 7 Relationship 6.5 certified middleware and application systems 7 6.6 Authentication middleware and service-oriented architecture 7 7 component specification 8 7.1 Authentication middleware management component 8 7.2 authentication component 10 7.3 single sign-on module 12 7.4 Privacy assembly 15 7.5 attribute query component 16 Appendix A (informative) Certification middleware workflow 18 References 22

Foreword

This standard was drafted in accordance with GB/T 1.1-2009 given rules. This standard by the National Safety Standardization Technical Committee (SAC/TC260) and focal points. Some content of this document may involve patents, the issuing authority of this document does not assume responsibility for the identification of these patents. This standard is mainly drafted by. Institute of Software, Chinese Academy of Sciences and Data Communication Protection Research and Education Center, Beijing number Word Certificate Authority Limited. The main drafters of this standard. Xu Jing, FENG Deng, Jingji Wu, Zhang Liwu, Zhang Yan, Li Qiang, Yang Jing, Zhang Zhenfeng, Zhan Banghua, Yan Shi.

Introduction

Authentication security system is one of the most basic security feature is the primary security needs of the vast majority of information systems. However, with long-term To closely combine security features with specific business enables application developers often consider business functions but also need to consider security To achieve full functionality. Because not all developers have a comprehensive safety knowledge, this is not only time consuming, it can not guarantee safety Complete the implementation of full-featured. Therefore, the safety function, especially authentication function and business functions stripped way for middleware applications The system provides specialized security is the development trend of the field of security. In addition, since each system is the lack of standardized interfaces identification and reference models in the construction process, between different systems are not compatible and can not be Interconnection, resulting in a large number of duplicate development and construction waste. At the same time more difficult to further system integration. Therefore, China's urgent need to develop authentication middleware framework and interface specifications of the authentication process information system for standardization. thereby Enhance the interoperability of information systems, and promote the development and promotion of middleware certification, from a macro point of view will also help promote China's information Security system. The main objective of this standard is to provide a certified middleware framework specification and component descriptions, identification and implementation process to be standardized, However, to make this standard better and operability can be realized, this standard at the same time a number of common interfaces defined so as real Current reference, these definitions do not affect this standard certified middleware framework versatility. In practice, according to the demand for these pick Port for further specification. Information Security Technology Authentication and Authorization Authentication middleware framework and interface specifications

1 Scope

This standard specifies the authentication middleware framework, components, functions and common interface, and gives certified middleware workflow. This standard applies to certified middleware and components design, development, and guide the development of testing and related applications that type of system.

2 Normative references

The following documents for the application of this document is essential. For dated references, only the dated version suitable for use herein Member. For undated references, the latest edition (including any amendments) applies to this document. GB/T 9387.2-1995 Information processing systems - Open Systems Interconnection - Basic Reference Model - Part 2. Security Architecture GB/T 15843.1-2008 Identification Information technology - Security techniques - Entity Part 1. Overview GB/T 18794.2-2002 Information technology - Open Systems Interconnection - Security frameworks for open systems - Part 2. Authentication framework GB/T 25069-2010 Information security technology terms

3 Terms and Definitions

GB/T 9387.2-1995, GB/T 15843.1-2008, GB/T 18794.2-2002 and GB/T 25069-2010 defined The following terms and definitions apply to this document. 3.1 Relying Party relyingparty According to information obtained from the other entity to determine how the system operation entities. Note. Applications such as authentication systems rely on middleware for user authentication. 3.2 Assertion assertion To the relying party credible statement contains the user identity information may also contain proven properties. Note. The assertion may be digitally signed, or through a secure protocol to obtain from a trusted source. 3.3 Property attribute Collectively and nature of the relationship between the target object. 3.4 Identification authentication The process of establishing trust between the user's identity. 3.5 Identification of key negotiation authenticatedkeyagreement The two sides more than two parties or entities through interaction with each other to establish a trust relationship between identity and form a common secret key with To protect the subsequent communication security. ......
Image     

Tips & Frequently Asked Questions:

Question 1: How long will the true-PDF of GB/T 30275-2013_English be delivered?

Answer: Upon your order, we will start to translate GB/T 30275-2013_English as soon as possible, and keep you informed of the progress. The lead time is typically 3 ~ 5 working days. The lengthier the document the longer the lead time.

Question 2: Can I share the purchased PDF of GB/T 30275-2013_English with my colleagues?

Answer: Yes. The purchased PDF of GB/T 30275-2013_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.

Question 3: Does the price include tax/VAT?

Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countries

Question 4: Do you accept my currency other than USD?

Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.