GB/T 36950-2018 English PDFUS$599.00 ยท In stock
Delivery: <= 5 days. True-PDF full-copy in English will be manually translated and delivered via email. GB/T 36950-2018: Information security technology -- Security technical requirements of smart card (EAL4+) Status: Valid
Basic dataStandard ID: GB/T 36950-2018 (GB/T36950-2018)Description (Translated English): Information security technology -- Security technical requirements of smart card (EAL4+) Sector / Industry: National Standard (Recommended) Classification of Chinese Standard: L80 Classification of International Standard: 35.040 Word Count Estimation: 30,375 Date of Issue: 2018-12-28 Date of Implementation: 2019-07-01 Issuing agency(ies): State Administration for Market Regulation, China National Standardization Administration GB/T 36950-2018: Information security technology -- Security technical requirements of smart card (EAL4+)---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order. Information security technology--Security technical requirements of smart card (EAL4 ) ICS 35.040 L80 National Standards of People's Republic of China Information security technology Smart Card Security Technical Requirements (EAL4) Securitytechnicalrequirementsofsmartcard(EAL4 ) Published on.2018-12-28 2019-07-01 implementation State market supervision and administration China National Standardization Administration issued ContentForeword III Introduction IV 1 Scope 1 2 Normative references 1 3 Terms and Definitions 1 4 Abbreviations 1 5 Smart Card Description 2 5.1 Overall structure 2 5.2 Password Algorithm 2 5.3 Environment 2 6 Security Issue Definition 2 6.1 Overview 2 6.2 Asset 3 6.3 Threat 4 6.4 Organizational Security Policy 6 6.5 Hypothesis 7 7 Security Objective 7 7.1 Smart Card Security Purpose 7 7.2 Environmental Safety Objectives 8 8 Safety requirements 9 8.1 Security Function Requirements 9 8.2 Security Requirements 11 9 Basic principles 19 9.1 Basic principles of security objectives 19 9.2 Basic Principles of Safety Requirements 22 Reference 24ForewordThis standard was drafted in accordance with the rules given in GB/T 1.1-2009. Please note that some of the contents of this document may involve patents. The issuing organization of this document is not responsible for identifying these patents. This standard is proposed and managed by the National Information Security Standardization Technical Committee (SAC/TC260). This standard was drafted. IC Card Application Service Center of Ministry of Housing and Urban-Rural Development, Sino-foreign Construction Information Co., Ltd., Shenzhen Hang Shunde Cheng Technology Co., Ltd., Shenzhen Huaxu Technology Development Co., Ltd., Shenzhen Deka Technology Co., Ltd., information industry information security testing Evaluation Center, Shanghai Huahong Integrated Circuit Co., Ltd., NXP (China) Management Co., Ltd., Infineon Integrated Circuit (Beijing) Co., Ltd. Division, Shanghai Fudan Microelectronics Group Co., Ltd., China Banknote Credit Card Industry Development Co., Ltd., Hengbao Co., Ltd., G&D (China) Information Technology Co., Ltd., Beijing Yispeed Code Data Processing Co., Ltd., Shanghai Pujiang Smart Card System Co., Ltd., Eastcom Peace Technology Co., Ltd., Zhongshan Dahua Intelligent Technology Co., Ltd., Shandong Huaguan Smart Card Co., Ltd., Tianjin Global Magnetic Card Co., Ltd. Division, Fujian Suotian Information Technology Co., Ltd., Beijing Zhixin Microelectronics Technology Co., Ltd., Weishitong Information Industry Co., Ltd., Fu State Digital Video Smart Card Co., Ltd., Jiangxi Hongcheng One Card Investment Co., Ltd. The main drafters of this standard. Huo Shanshan, Zhang Yonggang, Liu Jian, Dong Jingjing, Shang Zhiyu, Wang Guanhua, Chen Chaohua, Yin Jun, Yang Jingyuan, Chen Yong, Wang Xiaoyu, Wang Baozhen, Liang Shaofeng, Fang Shuping, Ding Xiaoming, Chang Jiang, Huang Xianming, Li Yue, Duan Hongyang, Huang Xiaopeng, Yan Yahua, Liu Zhenduo, Ji Hongyi, Jiang Bin, Fu Qingqin, Wang Huibo, Chen Weiming, Tan Suyun.IntroductionAs the application range of smart cards continues to expand, the complexity of the application environment is also increasing, which in turn requires smart cards to be more secure. Protection ability. The EAL4 of this standard is to enhance AVA_VAN.3 to AVA_VAN.4 based on EAL4. Information security technology Smart Card Security Technical Requirements (EAL4)1 ScopeThis standard specifies the technical requirements for smart card security, including smart card description, security problem definition, security purpose, security requirements and basic principles. Technical requirements. This standard applies to the testing and evaluation of smart card products, and can also be used for the research and development of such products.2 Normative referencesThe following documents are indispensable for the application of this document. For dated references, only dated versions apply to this article. Pieces. For undated references, the latest edition (including all amendments) applies to this document. GB/T 18336.1-2015 Information technology security technology - Information technology - Safety assessment criteria - Part 1. Profile and general model GB/T 18336.2-2015 Information technology security technology - Information technology - Safety assessment criteria - Part 2 GB/T 18336.3-2015 Information technology security technology - Information technology - Safety assessment criteria - Part 3. Security components GB/T 22186-2016 Information security technology IC card chip security technical requirements with central processing unit3 Terms and definitionsThe terms and definitions defined in GB/T 18336.1-2015 apply to this document. 3.1 Integrated circuit A certain process is used to interconnect resistors, capacitors, and transistors for electronic components that perform arithmetic processing or storage functions. 3.2 Smart card smartcard An integrated circuit card with a central processing unit. Note. From the data transmission method can be divided into contact smart card and contactless smart card.4 AbbreviationsThe following abbreviations apply to this document. APDU. Application Protocol Data Unit (ApplicationProtocolDataUnit) COS. Chip Operating System (ChipOperatingSystem) EAL. Evaluation AssuranceLevel IC. Integrated Circuit (Integrated Circuit) TOE. Evaluation object (TargetofEvaluation) TSF. Evaluation Object Security Function (TOESecurityFunction) USB. Universal Serial Bus (UniversalSerialBus) ......Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GB/T 36950-2018_English be delivered?Answer: Upon your order, we will start to translate GB/T 36950-2018_English as soon as possible, and keep you informed of the progress. The lead time is typically 3 ~ 5 working days. The lengthier the document the longer the lead time.Question 2: Can I share the purchased PDF of GB/T 36950-2018_English with my colleagues?Answer: Yes. The purchased PDF of GB/T 36950-2018_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay. |
