
GB/T 20273-2006 PDF in English


Standard ID: GB/T 20273-2006 (GB/T20273-2006, GBT 20273-2006, GBT20273-2006)
Contents [version]: English
Name of Chinese Standard: Information security technology -- Security techniques requirement for database management system
Status: Obsolete



GB/T 20273-2006
NATIONAL STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA
ICS 35.040
L 80
Information Security Technology – Security Techniques Requirement for Database Management System
ISSUED ON: MAY 31, 2006
IMPLEMENTED ON: DECEMBER 1, 2006
Issued by: General Administration of Quality Supervision, Inspection and Quarantine of the People’s Republic of China; Standardization Administration of the People's Republic of China.
Table of Contents
Foreword
Introduction
1 Scope
2 Normative References
3 Terms, Definitions and Abbreviations
3.1 Terms and Definitions
3.2 Abbreviations
4 Basic Requirements for Security Function of Database Management System
4.1 Identity Authentication
4.1.1 User Identification
4.1.2 User Authentication
4.2 Discretionary Access Control
4.2.1 Access Operation
4.2.2 Access Rule
4.2.3 Authorization Propagation Restriction
4.3 Label
4.3.1 Subject Label
4.3.2 Object Label
4.4 Mandatory Access Control
4.4.1 Security Policy of Access Control
4.4.2 Granularity and Characteristic of Access Control
4.5 Data Flow Control
4.6 Security Audit
4.7 User Data Integrity
4.7.1 Body Integrity and Reference Integrity
4.7.2 User Defined Integrity
4.7.3 Integrity of Data Manipulation
4.8 User Data Confidentiality
4.8.1 Stored Data Confidentiality
4.8.2 Transported Data Confidentiality
4.8.3 Object Reuse
4.9 Trusted Path
4.10 Inference Control
5 Graded Requirements for Security Technology of Database Management System
5.1 Grade 1: the User's Discretionary Protection Grade
5.1.1 Security Function
5.1.2 SSODB Self-security Protection
5.1.3 SSODB Design and Realization
5.1.4 SSODB Security Management
5.2 Grade 2: System Audit Protection Grade
5.2.1 Security Function
5.2.2 SSODB Self-security Protection
5.2.3 SSODB Design and Realization
5.2.4 SSODB Security Management
5.3 Grade 3: Security Label Protection Grade
5.3.1 Security function
5.3.2 SSODB Self-security Protection
5.3.3 SSODB Design and Realization
5.3.4 SSODB Security Management
5.4 Grade 4: Structured Protection Grade
5.4.1 Security Function
5.4.2 SSODB Self-security Protection
5.4.3 SSODB Design and Realization
5.4.4 SSODB Security Management Requirements
5.5 Grade 5: Access Verification Protection Grade
5.5.1 Security Function
5.5.2 SSODB Self-security Protection
5.5.3 SSODB Design and Realization
5.5.4 SSODB Security Management
Appendix A (Informative) Explanation of Standard Concept
A.1 Composition and Inter-relationship
A.2 Special Requirements for Security of Database Management System
A.3 User Management of Database Management System
A.4 Security of Database Management System
A.5 Classification of Security Protection Grade of Database Management System
A.6 About the Subject and Object of Database Management System
A.7 About SSODB, SSF, SSP, SFP and their Inter-relationship
A.8 About Inference Control
A.9 About Encryption Technology and Database Encryption
Bibliography
Foreword
Appendix A of this Standard is informative.
This Standard was proposed by and shall be under the jurisdiction of the National
Technical Committee on Information Security of Standardization Administration of
China.
Drafting organizations of this Standard: Beijing Siyuan Xinchuang Information Security
Information Co. Ltd. and Technical Service Center of Jiangnan Computing
Technology Institute.
Chief drafting staff of this Standard: Ji Zengrui, Wang Zhiqiang, Chen Guanzhi, Lu Ye,
Sun Wei, Jing Qianyuan and Song Jianping.
Introduction
This Standard guides designers in designing and realizing a database
management system with the required security protection grade. It mainly explains the
security technical measures that the database management system shall take
to meet the security requirements of each protection grade in GB
17859-1999, and how the specific realization of each security technical
requirement differs between security protection grades.
Database management system is an important part of information system and is
especially essential for data server storin...
......
 
Source: Above contents are excerpted from the PDF -- translated/reviewed by: www.chinesestandard.net / Wayne Zheng et al.