Home Cart Quotation About-Us
www.ChineseStandard.net
SEARCH

GB/T 42589-2023 English PDF

US$689.00 ยท In stock
Delivery: <= 6 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 42589-2023: Information security technology - Specification for electronic credential service security
Status: Valid
Standard IDUSDBUY PDFLead-DaysStandard Title (Description)Status
GB/T 42589-2023689 Add to Cart 6 days Information security technology - Specification for electronic credential service security Valid

Similar standards

GB/T 42453   GB/T 42447   GB/T 42460   GB/T 42583   GB/T 42582   

Basic data

Standard ID: GB/T 42589-2023 (GB/T42589-2023)
Description (Translated English): Information security technology - Specification for electronic credential service security
Sector / Industry: National Standard (Recommended)
Classification of Chinese Standard: L80
Classification of International Standard: 35.030
Word Count Estimation: 36,397
Date of Issue: 2023-05-23
Date of Implementation: 2023-12-01
Issuing agency(ies): State Administration for Market Regulation, China National Standardization Administration

GB/T 42589-2023: Information security technology - Specification for electronic credential service security


---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
ICS35:030 CCSL80 National Standards of People's Republic of China Information Security Technology Electronic Credential Service Security Specification service security Released on 2023-05-23 2023-12-01 implementation State Administration for Market Regulation Released by the National Standardization Management Committee

table of contents

Preface III 1 Scope 1 2 Normative references 1 3 Terms and Definitions 1 4 Abbreviations 3 5 Overview 3 5:1 Service Framework 3 5:2 Basic Security Services 4 6 Safety technical requirements 5 6:1 General requirements 5 6:2 External Service Security Requirements 7 6:3 Internal Service Security Requirements 9 7 Safety management requirements 9 7:1 Management control requirements 9 7:2 Network Access Management Requirements 10 7:3 Personnel Registration and Management System Requirements 10 7:4 Disaster backup and emergency plan system requirements 10 7:5 Safety management education and training system requirements 10 8 Security Evaluation 11 8:1 Evaluation object 11 8:2 Evaluation method 11 8:3 Evaluation process 21 8:4 Evaluation Conclusion 21 Appendix A (informative) Example of typical electronic credential business process, password/on-line on-demand service process and evaluation record form 22 Reference 28

foreword

This document is in accordance with the provisions of GB/T 1:1-2020 "Guidelines for Standardization Work Part 1: Structure and Drafting Rules for Standardization Documents" drafting: Please note that some contents of this document may refer to patents: The issuing agency of this document assumes no responsibility for identifying patents: This document is proposed and managed by the National Information Security Standardization Technical Committee (SAC/TC260): This document was drafted by: Xidian University, Institute of Information Engineering, Chinese Academy of Sciences, Aerospace Information Corporation, Beijing Lisichen New Technology Co:, Ltd:, China Electronics Standardization Institute, Shanghai Jiaotong University, Elephant Huiyun Information Technology Co:, Ltd:, Guoxin Electronic Bill Platform Information Service Co:, Ltd:, Beijing Haitai Fangyuan Technology Co:, Ltd: The main drafters of this document: Li Hui, Li Fenghua, Zhao Xingwen, Wang Zhu, Li Shaowei, Hou Haibo, Wang Huili, Qiu Weidong, Zhu Yanchao, Yue Qiang, Geng Kui, Zhou Shuguang, Zhu Hui, Fang Liang, Luo Yurong, Jia Baogang, Cao Jin, Kou Wenlong, Song Qipeng: Information Security Technology Electronic Credential Service Security Specification

1 Scope

This document specifies the security requirements and evaluation of services such as electronic credential issuance, issuance, delivery, storage, approval, inspection, and status management: method: This document is applicable to the design, deployment, provision and evaluation of electronic credential services, and can also provide reference for the supervision of electronic credential services:

2 Normative references

The contents of the following documents constitute the essential provisions of this document through normative references in the text: Among them, dated references For documents, only the version corresponding to the date is applicable to this document; for undated reference documents, the latest version (including all amendments) is applicable to this document: GB/T 22239-2019 Basic Requirements for Network Security Level Protection of Information Security Technology GB/T 25069-2022 Information Security Technical Terminology GB/T 28449-2018 Information Security Technology Network Security Classified Protection Evaluation Process Guide GB/T 32924-2016 Information Security Technology Network Security Early Warning Guidelines GB/T 35273-2020 Personal Information Security Specifications for Information Security Technology GB/T 36635-2018 Basic Requirements and Implementation Guidelines for Network Security Monitoring of Information Security Technology GB/T 37092-2018 Security requirements for cryptographic modules of information security technology GM/T 0031-2014 Technical Specifications for Secure Electronic Signature Password

3 Terms and Definitions

The following terms and definitions defined in GB/T 25069-2022 apply to this document: 3:1 electronic credential electroniccredential Electronic data records that record activities such as economic transactions: Examples: Electronic invoices, passenger tickets, financial settlement notes for public institutions, administrative fee receipts, bank receipts, etc: 3:2 Business processes related to electronic credentials provided by service recipients: Note: Electronic credential services include issuance, issuance, delivery, inspection, status management, etc: 3:3 Entity entity Any concrete or abstract thing that exists or may exist, including the relationship between these things: Examples: person, object, event, idea, process: NOTE: The existence of an entity is independent of the availability of data related to it: [Source: GB/T 5271:17-2010,17:02:05] ......
Image     

Tips & Frequently Asked Questions:

Question 1: How long will the true-PDF of GB/T 42589-2023_English be delivered?

Answer: Upon your order, we will start to translate GB/T 42589-2023_English as soon as possible, and keep you informed of the progress. The lead time is typically 4 ~ 6 working days. The lengthier the document the longer the lead time.

Question 2: Can I share the purchased PDF of GB/T 42589-2023_English with my colleagues?

Answer: Yes. The purchased PDF of GB/T 42589-2023_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.

Question 3: Does the price include tax/VAT?

Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countries

Question 4: Do you accept my currency other than USD?

Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.