GB/T 31506-2022 English PDFUS$519.00 ยท In stock
Delivery: <= 5 days. True-PDF full-copy in English will be manually translated and delivered via email. GB/T 31506-2022: Information security technology - Security guidelines for website system of government affairs Status: Valid GB/T 31506: Historical versions
Basic dataStandard ID: GB/T 31506-2022 (GB/T31506-2022)Description (Translated English): Information security technology - Security guidelines for website system of government affairs Sector / Industry: National Standard (Recommended) Classification of Chinese Standard: L80 Word Count Estimation: 26,254 Issuing agency(ies): State Administration for Market Regulation, China National Standardization Administration GB/T 31506-2022: Information security technology - Security guidelines for website system of government affairs---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order. Information security technology -- Security guidelines for website system of government affairs ICS 35.030 CCSL80 National Standards of People's Republic of China Replacing GB/T 31506-2015 Information Security Technology Government Affairs Website System Security Guide Published on 2022-04-15 2022-11-01 Implementation State Administration for Market Regulation Released by the National Standardization Administration directory Preface I 1 Scope 1 2 Normative references 1 3 Terms and Definitions 1 4 Abbreviations 1 5 Overview 2 5.1 Safety objectives and protective measures 2 5.2 Common operating modes and division of safety responsibilities 3 6 Safety technical measures 3 6.1 Physical Security 3 6.2 Communication network 4 6.3 Area boundaries5 6.4 Content Publishing and Data Security 6 6.5 Computing Environment 6 6.6 Security Management Center 10 7 Safety management measures 12 7.1 Management system 12 7.2 Governing Body 12 7.3 Personnel and training 12 7.4 Development and Delivery 13 7.5 Operation and maintenance 14 7.6 Evaluation checks 16 7.7 Password Management 16 7.8 System Exit 16 Appendix A (Informative) Basic Structure of Government Affairs Website System 17 Appendix B (Informative) Selection of Security Measures Level of Government Website System 19 Appendix C (Normative) Security Measures Scale 20 Appendix D (Informative) Coded Security Measures Table 22 Reference 23 forewordThis document is in accordance with the provisions of GB/T 1.1-2020 "Guidelines for Standardization Work Part 1.Structure and Drafting Rules of Standardization Documents" Drafting. This document replaces GB/T 31506-2015 "Information Security Technology Government Portal System Security Technical Guidelines", and Compared with GB/T 31506-2015, in addition to structural adjustment and editorial changes, the main technical changes are as follows. --- Combined with the standard name change and content, the content of safety management measures has been added to the scope (see Chapter 1); --- Changed the terms and definitions of 3.1~3.3 (see Chapter 3, 3.1~3.3 of the.2015 edition); --- Added English abbreviations in the full text (see Chapter 4); ---Redescribe the overview of Chapter 5, delete the website system logical structure and website system composition structure, and change the website security goal and protective measures and the content of the operating mode (see Chapter 5, Chapter 5 of the.2015 edition); --- Adjust the classification into physical security, communication network, regional boundaries, content publishing and data security, computing environment, security management center, management management systems, governing bodies, personnel and training, development and delivery, operation and maintenance, evaluation inspections, password management, system logout (see Section 6 Chapters and Chapters 7, Chapters 6 and 7 of the.2015 Edition); --- Improve the content of specific safety protection measures in each classification (see Chapters 6 and 7, Chapters 6 and 7 of the.2015 edition); --- Deleted Appendix A (normative appendix) advanced security technical measures (Appendix A of the.2015 edition). Please note that some content of this document may be patented. The issuing authority of this document assumes no responsibility for identifying these patents. This document is proposed and managed by the National Information Security Standardization Technical Committee (SAC/TC260). This document is drafted by. Beijing Information Security Evaluation Center, CLP Data Service Co., Ltd., Capital Window Operation Management Center, CLP Chief Intercity Internet System Application Co., Ltd., Heilongjiang Cyberspace Research Center, Beijing Urban and Rural Economic Information Center, Hangzhou Anheng Information Technology Co., Ltd., Beijing Tianrongxin Network Security Technology Co., Ltd., Guilin University of Electronic Science and Technology, Hubei Institute of Standardization and Quality, Shaanxi Western Information Engineering Research Institute, H3C Technology Co., Ltd., Shenzhen Kaiyuan Internet Security Technology Co., Ltd., Wuhan Wangan Education Technology Co., Ltd. Co., Ltd., National Application Software Product Quality Inspection and Testing Center, Beijing Shenzhou Lvmeng Technology Co., Ltd., Beijing Digital Certification Co., Ltd. Company, National Industrial Information Security Development Research Center, Beijing Beixinyuan Software Co., Ltd., National Computer Network Emergency Technology Handling Coordination Center, Yuanjiang Shengbang (Beijing) Network Security Technology Co., Ltd., Hengan Jiaxin (Beijing) Technology Co., Ltd., Valley Network Security Technology Co., Ltd., Shanghai Information Security Evaluation and Certification Center, Shaanxi Network and Information Security Evaluation Center, Jiangsu Electronic Information Products Quality Supervision and Inspection Institute (Jiangsu Information Security Evaluation Center), Institute of Information Engineering, Chinese Academy of Sciences, Sichuan Information Security Evaluation Center Xin, Beijing Knows Chuangyu Information Technology Co., Ltd., and Shanghai Guanan Information Technology Co., Ltd. The main drafters of this document. Liu Haifeng, Li Yuan, Zhao Zhangjie, Zuo Xiaodong, Li Chenyang, Min Jinghua, Zhou Yachao, Gao Lei, Shu Min, Li Xun, Lu Yanhui, Zhang Fasheng, Yu Xiaoyan, Ma Yao, He Hai, Lin Mingfeng, Ding Yong, Gu Xin, Wang Kun, Yang Hongqi, Pan Zhengtai, Li Zhenyu, Cha Wenjing, Wang Jie, Suga Zhigang, Wang Caihong, Liu Xing'an, Fu Dapeng, Tian Lidan, Liu Weihua, Zuo Hongqiang, Zheng Ming, Sun Ke, Yu Zhongchen, Jiang Huan, Wan Xiaolan, Liu Zhong, Wang Wenlei, Liu Yuling, Zhang Tengbiao, Yang Jing, Wang Danchen, Xu Tonghai, Xie Jiang, Yao Jinlong, An Gaofeng, Yang Bo, Li Huiying, Jiang Zhengwei, Wan Yaodong, Xu Chunlei. The previous versions of this document and its superseded documents are as follows. ---First released in.2015 as GB/T 31506-2015; ---This is the first revision. Information Security Technology Government Affairs Website System Security Guide1 ScopeThis document gives the security technical measures and security management measures that can be taken when implementing security protection for the government website system. This document is suitable for guiding government departments to carry out security protection of website systems, and can also be used as a safety supervision for government website systems. A reference when managing and evaluating inspections.2 Normative referencesThe contents of the following documents constitute essential provisions of this document through normative references in the text. Among them, dated citations documents, only the version corresponding to that date applies to this document; for undated references, the latest edition (including all amendments) applies to this document. GB/T 8566-2007 Information Technology Software Life Cycle Process GB/T 25069 Information Security Technical Terminology GB/T 30998-2014 Information Technology Software Security Assurance Specification GB/T 31168 Information Security Technology Cloud Computing Service Security Capability Requirements GB/T 32925-2016 Basic requirements for security management of government networked computer terminals for information security technology GB/T 33562-2017 Implementation Guide for Information Security Technology Security Domain Name System GB/T 35273-2020 Information Security Technology Personal Information Security Specification GB/T 36637-2018 Information Security Technology ICT Supply Chain Security Risk Management Guidelines GB/T 37002-2018 Information Security Technology Email System Security Technical Requirements GB/T 37729-2019 Information Technology Intelligent Mobile Terminal Application Software (APP) Technical Requirements GB/T 38249-2019 Information Security Technology Government Website Cloud Computing Service Security Guidelines GB/T 38645-2020 Information Security Technology Network Security Incident Emergency Drill Guide GB/T 39477-2020 Information Security Technology Government Information Sharing Data Security Technical Requirements GB/T 39786-2021 Basic requirements for cryptographic applications of information security technology information systems GB 50174-2017 Data Center Design Specification3 Terms and DefinitionsThe terms and definitions defined in GB/T 25069 and the following apply to this document. 3.1 The website application system established by the government affairs department to release government affairs information, provide online services, and carry out interactive exchanges, etc. and support its operation It is an information system composed of physical environment, network environment, software and hardware, and information generated and released. 3.2 A collection of cloud infrastructure and service software provided by cloud service providers. [Source. GB/T 31167-2014, 3.7]4 AbbreviationsThe following abbreviations apply to this document. ......Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GB/T 31506-2022_English be delivered?Answer: Upon your order, we will start to translate GB/T 31506-2022_English as soon as possible, and keep you informed of the progress. The lead time is typically 3 ~ 5 working days. The lengthier the document the longer the lead time.Question 2: Can I share the purchased PDF of GB/T 31506-2022_English with my colleagues?Answer: Yes. The purchased PDF of GB/T 31506-2022_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.Question 5: Should I purchase the latest version GB/T 31506-2022?Answer: Yes. Unless special scenarios such as technical constraints or academic study, you should always prioritize to purchase the latest version GB/T 31506-2022 even if the enforcement date is in future. Complying with the latest version means that, by default, it also complies with all the earlier versions, technically. |
