HOME   Cart(0)   Quotation   About-Us Tax PDFs Standard-List Powered by Google www.ChineseStandard.net Database: 189760 (11 Jan 2025)

GB/T 20274.1-2006 (GB/T 20274.1-2023 Newer Version) PDF English


Search result: GB/T 20274.1-2006 (GB/T 20274.1-2023 Newer Version)
Standard IDContents [version]USDSTEP2[PDF] delivered inName of Chinese StandardStatus
GB/T 20274.1-2023English185 Add to Cart 0-9 seconds. Auto-delivery. Information security technology -- Evaluation framework for information systems security assurance -- Part 1: Introduction and general model Valid
GB/T 20274.1-2006English145 Add to Cart 0-9 seconds. Auto-delivery. Information security technology -- Evaluation framework for information systems security assurance -- Part 1: Introduction and general model Obsolete
BUY with any currencies (Euro, JPY, GBP, KRW etc.): GB/T 20274.1-2023     Newer version: GB/T 20274.1-2023

PDF Preview: GB/T 20274.1-2023


PDF Preview: GB/T 20274.1-2006


GB/T 20274.1-2006: PDF in English (GBT 20274.1-2006)

GB/T 20274.1-2006 GB NATIONAL STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA ICS 35.040 L 80 Information Security Technology - Evaluation Framework for Information Systems Security Assurance - Part 1. Introduction and General Model ISSUED ON. MAY 31, 2006 IMPLEMENTED ON. DECEMBER 1, 2006 Issued by. General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China; Standardization Administration of the People's Republic of China. Table of Contents Foreword ... 5  Introduction ... 6  0.1    Meaning of Information Systems Security Assurance ... 6  0.2    Purpose  and  Significance  of  Compiling  Framework  for  Information  Systems  Security Assurance Evaluation ... 7  1 Scope ... 9  2 Normative References ... 9  3 Terms, Definitions and Abbreviations ... 10  3.1    Terms and Definitions ... 10  3.2    Abbreviations ... 14  4 Overview ... 15  4.1    Introduction ... 15  4.2    Target Readers of Evaluation Framework for ISSA ... 16  4.3    Evaluation Context ... 17  4.4    Document Structure of Evaluation Framework for ISSA ... 18  5 General Model ... 20  5.1    Overview ... 20  5.2    Context of Security Assurance ... 20  5.3    ISSA Evaluation ... 25  5.4    Generation of ISPP and ISST ... 29  5.5    Description Materials of Information Systems Security Assurance (ISSA) ... 33  6 ISSA Evaluation and Evaluation Results ... 39  6.1    Introduction ... 39  6.2    ISPP and ISST Requirements ... 39  6.3    TOE Requirements ... 40  6.4    Declaration of Evaluation Result ... 41  6.5    Application of TOE Evaluation Result ... 42  Appendix A (Normative) Information Systems Protection Profile (ISPP) ... 43  A.1    Overview ... 43  A.2    ISPP Content ... 43  A.2.1    Content and Expression ... 43  A.2.2    ISPP Introduction ... 44  A.2.3    TOE Description ... 44  A.2.4    TOE Security Environment ... 46  A.2.5    Security Assurance Purpose ... 46  A.2.6    Information Systems Security Assurance Requirements ... 47  A.2.7    ISPP Application Explanation ... 48  A.2.8    Declaration of Conformity ... 48  Appendix B (Normative) Specifications of Information Systems Security Target (ISST) ... 50  B.1    Overview ... 50  B.2    ISST Content ... 50  B.2.1    Content and Form ... 50  B.2.2    ISST Introduction ... 51  B.2.3    TOE Description ... 52  B.2.4    TOE Security Environment ... 55  B.2.5    Security Assurance Purpose ... 55  B.2.6    Security Assurance Requirements ... 56  B.2.7    TOE Summary Specifications ... 57  B.2.8    ISPP Declaration ... 58  B.2.9    Declaration of Conformity ... 59  Appendix C (Informative) Description of Information System ... 61  C.1    Overview ... 61  C.2    Description Specifications of Information System ... 61  C.3    Explanation for Description of Information System ... 63  Appendix D (Informative) Explanation of Information Systems Assurance Level (ISAL)... 65  D.1    Overview ... 65  D.2    Classification of Information System Mission ... 65  D.3    Grading of Information System Threats ... 66  D.4    Information Systems Assurance Level (ISAL) Matrix ... 66  D.5    ISAL Grading Requirements ... 66  Bibliography ... 69  Figure 1 Evaluation Context ... 18  Figure 2 Concept and Relationship of Information Systems Security ... 21  Figure 3 Model of ISSA ... 22  Figure 4 Security Assurance Elements of ISSA Life Cycle ... 23  Figure 5 Concept and Relationship of ISSA Evaluation ... 26  Figure 6 Description of ISSA Evaluation ... 27  Figure 7 Entirety and Application of ISSA Evaluation ... 29  Figure 8 Generation Process of ISPP and ISST ... 30  Figure 9 Organization and Structure of Security Assurance Control Requirements ... 34  Figure 10 Application of Security Assurance Requirements ... 37  Figure 11 Evaluation Results ... 39  Figure A.1 ISPP Content ... 45  Figure B.1 ISST Content ... 52  Figure C.1 Description Specifications of Information System for ISSA Evaluation ... 61  Figure C.2 Technical Reference Model of Information System ... 64  Figure D.1 Example for Requirements of Information System Security Management Capability Maturity Level ... 67  Figure D.2 Example for Requirements of Information System Securi... ......
 
Source: Above contents are excerpted from the PDF -- translated/reviewed by: www.chinesestandard.net / Wayne Zheng et al.