GB/T 39575-2020 English PDFUS$229.00 · In stock
Delivery: <= 3 days. True-PDF full-copy in English will be manually translated and delivered via email. GB/T 39575-2020: Technical requirements for security capability of mobile terminal with syncretic function Status: Valid
Basic dataStandard ID: GB/T 39575-2020 (GB/T39575-2020)Description (Translated English): Technical requirements for security capability of mobile terminal with syncretic function Sector / Industry: National Standard (Recommended) Classification of Chinese Standard: M30 Classification of International Standard: 33.050 Word Count Estimation: 12,123 Date of Issue: 2020-12-14 Date of Implementation: 2021-07-01 Quoted Standard: YD/T 3082-2016; YD/T 3228-2017 Regulation (derived from): National Standard Announcement No. 28 of 2020 Issuing agency(ies): State Administration for Market Regulation, China National Standardization Administration Summary: This standard specifies the technical requirements for the security capabilities of mobile terminals with integrated functions, including hardware security capabilities, operating system security capabilities, application software security capabilities, communication connection security capabilities, and personal information security protection capabilities. This standard applies to mobile terminals with fusion functions of various standards, and other terminals can also be used as a reference. GB/T 39575-2020: Technical requirements for security capability of mobile terminal with syncretic function---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order. Technical requirements for security capabilities of mobile terminals with fusion functions) ICS 33:050 M30 National Standards of People's Republic of China Mobile terminal security capabilities with fusion functions skills requirement 2020-12-14 release 2021-07-01 implementation State Administration for Market Regulation Issued by the National Standardization Management Committee Table of contentsPreface Ⅲ Introduction Ⅳ 1 Scope 1 2 Normative references 1 3 Terms and definitions, abbreviations 1 3:1 Terms and definitions 1 3:2 Abbreviations 1 4 Mobile terminal security architecture with fusion function 2 4:1 Overview of Security Architecture 2 4:2 Hardware safety goal 2 4:3 Operating system security goals 2 4:4 Application software security goals 2 4:5 Communication connection security goal 2 4:6 Personal Information Security Objective 2 5 Security technical requirements for mobile terminals with fusion functions 3 5:1 Hardware Security 3 5:1:1 Unique ID 3 5:1:2 Design safety 3 5:1:3 Preventing physical attacks 3 5:2 Operating system and application software security 3 5:2:1 Secure Boot 3 5:2:2 Integrity Check 3 5:2:3 Terminal access authentication 3 5:2:4 Identification and identification 3 5:2:5 Access Control 3 5:2:6 Access Control 4 5:2:7 Security domain isolation 4 5:2:8 Log Audit 4 5:2:9 System Security 4 5:2:10 Upgrade update 4 5:2:11 Software Security 4 5:3 Communication connection security 5 5:3:1 Network access security 5 5:3:2 Peripheral interface security 5 5:3:3 Data transmission integrity 5 5:3:4 Data transmission confidentiality 5 5:3:5 Data transmission robustness 5 5:4 Personal Information Security 5 5:4:1 Collection of personal information 5 5:4:2 Personal information storage 5 5:4:3 Personal information processing 6 5:4:4 Transfer of personal information 6 5:4:5 Deletion of personal information 6 Reference 7ForewordThis standard was drafted in accordance with the rules given in GB/T 1:1-2009: Please note that certain contents of this document may involve patents: The issuing agency of this document is not responsible for identifying these patents: This standard was proposed by the Ministry of Industry and Information Technology of the People's Republic of China: This standard is under the jurisdiction of the National Communication Standardization Technical Committee (SAC/TC485): Drafting organizations of this standard: China Academy of Information and Communications Technology, Qualcomm Wireless Communication Technology (China) Co:, Ltd:, Zhenzhen Zebra Technology Trade (Shanghai) Co:, Ltd:, Lenovo Mobile Communication Technology Co:, Ltd: The main drafters of this standard: Yao Yinan, Chen Wanying, Dong Ji, Zhai Shijun, Wang Yuxiao, Wang Jiayi, Du Zhimin, Weng Yuan, Li Xin:IntroductionWith the rapid development of the mobile Internet, traditional smart terminal phones, tablet computers, etc:, cannot fully meet the needs of users: Therefore, there are many mobile terminals with integrated functions such as vehicle-mounted smart terminals, wearable smart terminals, smart homes, etc: User is sharing However, it also faces many security risks when it is affected by the rich and colorful functions brought by mobile terminals with integrated functions: In recent years, The frequent occurrence of security incidents such as malicious fees and privacy leaks on functional mobile terminals has greatly affected the use of users and restricted its development: The reason is that fusion functions are gradually increasing, but the terminal design itself does not have too many security considerations, especially for data communication transmission: Appropriate security protection has caused security issues such as personal information leakage and tariff loss: Therefore, it is necessary to The hardware, operating system, peripheral interface, application software and personal information protection of the terminal put forward a set of security technical requirements: The formulation of this standard aims to standardize the security technical requirements of mobile terminals with integrated functions, improve their security protection capabilities, and thereby prevent All kinds of security threats on the terminal, to prevent users' interests from being harmed: Mobile terminal security capabilities with fusion functions skills requirement1 ScopeThis standard specifies the technical requirements for the security capabilities of mobile terminals with fusion functions, including hardware security capabilities and operating system security capabilities: Technical requirements for power, application software security capabilities, communication connection security capabilities, and personal information security protection capabilities: This standard applies to mobile terminals with integrated functions of various standards, and other terminals can also be used as a reference:2 Normative referencesThe following documents are indispensable for the application of this document: For dated reference documents, only the dated version applies to this article Pieces: For undated references, the latest version (including all amendments) applies to this document: YD/T 3082-2016 Technical requirements for personal information protection on mobile smart terminals YD/T 3228-2017 Mobile Application Software Security Evaluation Method 3 Terms and definitions, abbreviations 3:1 Terms and definitions The following terms and definitions apply to this document: 3:1:1 Mobile terminal with syncretic function It can collect and process information of people or things, have cellular network and Internet network access functions, support voice or data communication, and have Terminal equipment with integrated functions: 3:1:2 Syncreticfunction Based on terminal hardware and software resources and capabilities, non-communication industry functions other than voice and data communications carried on the terminal (for example: Digital TV broadcasting, vehicle control, code scanning, human body information collection, etc:): 3:1:3 Desensitization The original data is processed through obfuscation and other methods to achieve data protection that shields sensitive data and irreversibly recovers the shielded data the way: 3:1:4 PersonalInformation It can be processed by the information system, related to a specific natural person, and capable of identifying the specific natural person alone or in combination with other information: Computer data: 3:2 Abbreviations The following abbreviations apply to this document: ......Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GB/T 39575-2020_English be delivered?Answer: Upon your order, we will start to translate GB/T 39575-2020_English as soon as possible, and keep you informed of the progress. The lead time is typically 1 ~ 3 working days. The lengthier the document the longer the lead time.Question 2: Can I share the purchased PDF of GB/T 39575-2020_English with my colleagues?Answer: Yes. The purchased PDF of GB/T 39575-2020_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay. |
