Home Cart Quotation About-Us
www.ChineseStandard.net
SEARCH

GB/T 35279-2017 English PDF

Q: How long will the true-PDF of English version of GB/T 35279-2017 be delivered?

Upon your order, we will start to translate GB/T 35279-2017_English as soon as possible, and keep you informed of the progress. The lead time is typically 2 ~ 4 working days. The lengthier the document the longer the lead time.

Q: Can I share the purchased PDF of GB/T 35279-2017_English with my colleagues?

Yes. The purchased PDF of GB/T 35279-2017_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.

Q: Does the price include tax/VAT?

Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries). Avoidance of Double Taxation Agreements (DTAs) between Singapore and 100+ Countries: https://www.iras.gov.sg/taxes/international-tax

Q: Do you accept my currency other than USD?

Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.

US$439.00 · In stock
Delivery: <= 4 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 35279-2017: Information security technology -- Security reference architecture of cloud computing
Status: Valid

Standard ID	USD	BUY PDF	Lead-Days	Standard Title (Description)	Status
GB/T 35279-2017	439	Add to Cart	4 days	Information security technology -- Security reference architecture of cloud computing	Valid

Similar standards

GB/T 34953.4 GB/T 35273 GB/T 34953.2 GB/T 35282 GB/T 35274

Basic data

Standard ID: GB/T 35279-2017 (GB/T35279-2017)
Description (Translated English): Information security technology -- Security reference architecture of cloud computing
Sector / Industry: National Standard (Recommended)
Classification of Chinese Standard: L80
Classification of International Standard: 35.040
Word Count Estimation: 22,248
Date of Issue: 2017-12-29
Date of Implementation: 2018-07-01
Regulation (derived from): National Standards Bulletin 2017 No. 32
Issuing agency(ies): General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China, Standardization Administration of the People's Republic of China

GB/T 35279-2017: Information security technology -- Security reference architecture of cloud computing

---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
Information security technology - Security reference architecture of cloud computing ICS 35.040 L80 National Standards of People's Republic of China Information Security Technology Cloud Computing Security Reference Architecture 2017-12-29 Posted 2018-07-01 implementation General Administration of Quality Supervision, Inspection and Quarantine of People's Republic of China China National Standardization Administration released Directory Preface Ⅰ Introduction Ⅱ 1 Scope 1 2 Normative references 1 3 Terms and definitions 1 4 Overview 2 4.1 Related concepts of cloud computing 2 4.2 The role of cloud computing to participate 2 4.3 Cloud Computing Security Challenges 2 4.4 Cloud computing security roles and responsibilities involved in the role 3 4.4.1 service mode and control range 3 4.4.2 Cloud Service Client 3 4.4.3 Cloud service providers 4 4.4.4 Cloud Agents 4 4.4.5 Cloud Auditor 5 4.4.6 Cloud Basic Network Operator 5 5 Cloud Computing Security Reference Architecture 5 5.1 Overview 5 5.2 Cloud Service Customer 7 5.2.1 Security Cloud Service Management 7 5.2.2 Security Cloud Service Collaboration 5.3 cloud service providers 9 5.3.1 Cloud Service Provider Framework Components and Subcomponents Overview 9 5.3.2 Security Cloud Service Collaboration 9 5.3.3 Secure Cloud Service Management 10 5.4 Cloud Agents 11 5.4.1 Overview 11 5.4.2 Technical Agents 12 5.4.3 Business agents 13 5.4.4 Security Cloud Service Collaboration 13 5.4.5 Security Service Aggregation 14 5.4.6 Secure Cloud Service Management 14 5.4.7 Security Service Intermediation 15 5.4.8 Security Services Arbitration 15 5.5 Cloud Auditor 16 5.6 Cloud Basic Network Operator 16 Appendix A (informative) cloud computing security risks 17

Foreword

This standard was drafted in accordance with the rules given in GB/T 1.1-2009. This standard by the National Information Security Standardization Technical Committee (SAC/TC260) and focal point. This standard was drafted. Peking University School of Software and Microelectronics, China Electronics Standardization Institute, Chinese Academy of Sciences Information Engineering State Key Laboratory of Information Security, Institute of Software, Chinese Academy of Sciences, Shaoguan University, Beijing Ding Pu Technology Co., Ltd., Beijing Times Granville Information Technology Co., Ltd., China Mobile Communications Corporation, Huawei Technologies Co., Ltd., China Telecom Co., Ltd. Beijing Research Institute, Chengdu University of Information Engineering, CICC Data System Co., Ltd., China UnionPay Co., Ltd., Ali Cloud Computing Co., Ltd. Tide (Beijing) Electronic Information Co., Ltd., State Cloud Technology Co., Ltd., Shanghai People Network Security Technology Co., Ltd., Neusoft shares Co., Ltd., Beijing Tian Rongxin Network Security Technology Co., Ltd., Xinhua three Technology Co., Ltd., Heilongjiang Province Electronic Information Products Supervision and Inspection Hospital, Baidu Online Network Technology (Beijing) Co., Ltd., Opzoon Technology Co., Ltd., China Information Security Research Institute Co., Ltd., China Information Security All Measurement and Evaluation Center, China Electronics Technology Group 30 Institute, Xi'an University of Electronic Science and Technology, Chongqing University of Posts and Telecommunications, Chengdu University of Electronic Science and Technology, West Future International Information Co., Ltd. The main drafters of this standard. Qing Sihan, Wang Hui-liu, Liu Xian Gang, Chen Chi, Xie Chaoyi, season system Kai, talk Jianfeng, Li Xueying, Wang Haiyang, Wang Xinjie, Chen Xuexiu, Yang Chen, Luo Fengying, Ma Wenping, Bo Hongtao, Ren Lanfang, Ge Xiaoyu, Tang Hongyu, Wan Guogen, Cui Ling, Yang Yang, Zhao Jiang, Cui Jin, Gong Yibin, Shi Xiangyu, Ark, Ma Jie, Wang Zhimin, Liu Dongmei, Du Jing, Wang Qiang, Zhou Qiming, Chen Xiaofeng, Tian Ling, Feng Chao, Lu Na, Wang Xizhong, Wen Weiping, Xu Fei, Zou Qi, Sun Song children, Li Yanbin, Huang Yonghong.

Introduction

Cloud computing is a service-oriented computing model, which abstracts various computing resources and provides new business models Performance, low cost of continuous computing, storage space and various software services, support for all types of information technology, can be a reasonable allocation of computing resources, to mention High computing resource utilization, reduce costs and promote energy-saving emission reduction, to achieve truly ideal green computing. Cloud computing brings many conveniences and advantages as well as multiple levels of impact and challenge to information security. Cloud computing service meter Computing model, dynamic virtualization management and multi-tier service model triggered a new information security issues; cloud service level agreement has Dynamic and multi-participatory characteristics of the responsibility identified and the existing information security system has brought a new impact; the strong calculation of cloud computing and storage When storage capacity is illegally used, it will have a huge impact on the existing safety management system. In a cloud service, information and business security involves all the cloud computing roles involved in the service. In order to clearly describe the cloud service In the security responsibilities of various participating roles, we need to build a cloud computing security reference architecture, put forward cloud computing roles, role security responsibilities, security work The components and the relationship between them. This standard applies to guide all cloud computing participants in the cloud computing system planning safety assessment and design. Information Security Technology Cloud Computing Security Reference Architecture

1 Scope

This standard specifies the cloud computing security reference architecture, describes the role of cloud computing, standardize the role of security responsibilities, security features components And its relationship. This standard applies to guide all cloud computing participants in the cloud computing system planning safety assessment and design.

2 Normative references

The following documents for the application of this document is essential. For dated references, only the dated version applies to this article Pieces. For undated references, the latest edition (including all amendments) applies to this document. Information technology - Security terminology Information Security Technology Cloud Computing Service Security Guide

3 Terms and definitions

GB/T 25069-2010 and GB/T 31167-2014 Terms and definitions apply to this document. For ease of use, below The terms and definitions in GB/T 31167-2014 are listed repeatedly. 3.1 Cloud computing cloudcomputing Access scalable and flexible physical or virtual resource pools over the network and self-service access and management of resource patterns as needed. Examples of resources include servers, operating systems, networks, software, applications, and storage devices. [GB/T 31167-2014, Definition 3.1] 3.2 Cloud service provider cloudserviceprovider Provider of cloud computing services. Note. Cloud service providers manage, operate and support cloud computing computing infrastructure and software and deliver cloud computing resources over the network. [GB/T 31167-2014, Definition 3.3] 3.3 Cloud service client cloudserviceconsumer Participants who use cloud computing services to establish business relationships with cloud providers. [GB/T 31167-2014, Definition 3.4] 3.4 Cloud computing environment cloudcomputingenvironment A cloud computing platform provided by a cloud service provider, and a collection of software and related components deployed by a customer on a cloud computing platform. [GB/T 31167-2014, Definition 3.8] 3.5 Cloud auditor cloudauditor It is generally an independent third party audit agency that is responsible for auditing the provision and use of cloud services to cover operations, performance and security. ......

Image

Tips & Frequently Asked Questions:

Question 1: How long will the true-PDF of GB/T 35279-2017_English be delivered?

Answer: Upon your order, we will start to translate GB/T 35279-2017_English as soon as possible, and keep you informed of the progress. The lead time is typically 2 ~ 4 working days. The lengthier the document the longer the lead time.

Question 2: Can I share the purchased PDF of GB/T 35279-2017_English with my colleagues?

Answer: Yes. The purchased PDF of GB/T 35279-2017_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.

Question 3: Does the price include tax/VAT?

Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countries

Question 4: Do you accept my currency other than USD?

Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.