GB/T 38249-2019 English PDFUS$359.00 ยท In stock
Delivery: <= 4 days. True-PDF full-copy in English will be manually translated and delivered via email. GB/T 38249-2019: Information security technology - Security guide of cloud computing services for government website Status: Valid
Basic dataStandard ID: GB/T 38249-2019 (GB/T38249-2019)Description (Translated English): Information security technology - Security guide of cloud computing services for government website Sector / Industry: National Standard (Recommended) Classification of Chinese Standard: L80 Classification of International Standard: 35.040 Word Count Estimation: 18,163 Date of Issue: 2019-10-18 Date of Implementation: 2020-05-01 Issuing agency(ies): State Administration for Market Regulation, China National Standardization Administration GB/T 38249-2019: Information security technology - Security guide of cloud computing services for government website---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order. Information security technology--Security guide of cloud computing services for government website ICS 35.040 L80 National Standards of People's Republic of China Information security technology Government Website Cloud Computing Service Security Guide Published on.2019-10-18 2020-05-01 implementation State market supervision and administration China National Standardization Administration issued ContentForeword III Introduction IV 1 Scope 1 2 Normative references 1 3 Terms and Definitions 1 4 Overview 1 4.1 Security Role 1 4.2 Cloud Computing Service Lifecycle 2 5 Planning Preparation 2 5.1 Overview 2 5.2 Security Responsibilities 3 5.3 Demand Analysis 3 5.4 Service provider selection 5 5.5 Contract Signing 5 5.6 Cloud Migration Solution 6 6 Deployment Migration 6 6.1 Overview 6 6.2 Security Responsibilities 6 6.3 Cloud Migration Implementation 7 6.4 Cloud Migration Delivery 8 7 Operation Management 9 7.1 Overview 9 7.2 Security Responsibilities 9 7.3 Security 10 7.4 Safety Monitoring 10 7.5 Emergency response 10 7.6 Evaluation Improvement 11 8 service exit 11 8.1 Overview 11 8.2 Security responsibilities 11 8.3 Service Exit Security 12 Reference 13ForewordThis standard was drafted in accordance with the rules given in GB/T 1.1-2009. Please note that some of the contents of this document may involve patents. The issuing organization of this document is not responsible for identifying these patents. This standard is proposed and managed by the National Information Security Standardization Technical Committee (SAC/TC260). This standard was drafted. Xi'an Future International Information Co., Ltd., Alibaba Cloud Computing Co., Ltd., China Electronic Technology Standardization Research Research Institute, Sichuan University, Beijing Information Security Evaluation Center, National Information Technology Security Research Center, Huawei Technologies Co., Ltd., Hangzhou Anhengxin Technology Co., Ltd., Beijing Anxin Tianxing Technology Co., Ltd., Beijing Jingdong Shangke Information Technology Co., Ltd., Shenxin Service Technology Co., Ltd. Company, Beijing Times Vision Information Technology Research Institute, China Telecom Group Co., Ltd., Capital Window, Fiberhome Technology Group Co., Ltd., Hangzhou Dip Technology Co., Ltd., Guangzhou Saibao Certification Center Service Co., Ltd., Northwest University. The main drafters of this standard. Liu Xianang, Chen Xingyu, Ye Runguo, Wang Wei, Shi Chenxi, Liu Junhe, Bai Feng, Zhang Lei, Zhang Hui, Shi Hui, Shen Xiyu, Chen Xuexiu, Zhao Zhangjie, Qi Tao, Zhou Jun, Zhong Jinxin, Li Yuan, He Ming, Liu Guowei, Jiang Zhou, Sun Wei, Lu Yi, Zhang Yue, Wang Tao, Li Ruitao, Huang Shaoqing, Xu Yuna, Pang Siming, Qi Yujie, Jia Siqi, Zhou Liyong, Shang Tao, Zhao Shaomin.IntroductionIn the context of vigorously promoting government websites to choose cloud services, cloud computing has received widespread attention. In the cloud computing service model, in most While traditional information security issues still exist, there are also some new security risks. GB/T 31167 proposes the basic requirements for security management of cloud computing services by government departments, and the life cycle of cloud computing services. Phase safety management and technical requirements. This standard gives the government website the security responsibility of adopting various participating roles in the cloud computing service, and refines the cloud service provider and cloud service. The agent's security responsibilities can be used to guide the construction of website security for government agencies that use cloud computing services. Information security technology Government Website Cloud Computing Service Security Guide1 ScopeThis standard gives the government website the process of adopting cloud computing services, in the stages of planning preparation, deployment migration, operation management, and service exit. Safety technical measures and safety management measures. This standard is applicable to the construction and operation guidance for government websites that use cloud computing services, especially socialized cloud computing services.2 Normative referencesThe following documents are indispensable for the application of this document. For dated references, only dated versions apply to this article. Pieces. For undated references, the latest edition (including all amendments) applies to this document. GB/T 25069 Information Security Technology Terminology GB/T 31167 Information Security Technology Cloud Computing Service Security Guide GB/T 31168 Information Security Technology Cloud Computing Service Security Capability Requirements GB/T 31506-2015 Information Security Technology Government Portal Website System Security Technical Guide3 Terms and definitionsThe following terms and definitions as defined in GB/T 25069 and GB/T 31167 apply to this document. 3.1 Cloud service agent cloudserviceagent Responsible for supporting or facilitating negotiations between cloud service customers and other cloud service providers. Note. including website developers, system integrators, security service providers, etc. 3.2 Government website governmentwebsite A website established by government agencies to publish government information, provide online services, and conduct interactive exchanges. Note. Includes pages that provide users with presentation and interaction features, applications that generate and process pages, middleware, and more.4 Overview4.1 Security role The process of cloud service customers purchasing and using cloud computing services, the main roles and relationships of participation are shown in Figure 1. ......Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GB/T 38249-2019_English be delivered?Answer: Upon your order, we will start to translate GB/T 38249-2019_English as soon as possible, and keep you informed of the progress. The lead time is typically 2 ~ 4 working days. The lengthier the document the longer the lead time.Question 2: Can I share the purchased PDF of GB/T 38249-2019_English with my colleagues?Answer: Yes. The purchased PDF of GB/T 38249-2019_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay. |
