HOME   Cart(0)   Quotation   About-Us Tax PDFs Standard-List Powered by Google www.ChineseStandard.net Database: 189760 (31 May 2025)

PDF GB/T 20274.2-2008 English


Search result: GB/T 20274.2-2008
Standard IDContents [version]USDSTEP2[PDF] delivered inName of Chinese StandardStatus
GB/T 20274.2-2008English145 Add to Cart 0-9 seconds. Auto-delivery. Information security technology -- Evaluation framework for information systems security assurance -- Part 2: Technical assurance Valid

PDF Preview: GB/T 20274.2-2008                   
      

GB/T 20274.2-2008: PDF in English (GBT 20274.2-2008)

GB/T 20274.2-2008 GB NATIONAL STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA ICS 35.040 L 80 Information Security Technology - Evaluation Framework for Information Systems Security Assurance - Part 4. Technical Assurance ISSUED ON. JULY 18, 2008 IMPLEMENTED ON. DECEMBER 1, 2008 Issued by. General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China; Standardization Administration of the People's Republic of China. Table of Contents Foreword ... 6  1 Scope ... 7  2 Normative References ... 7  3 Terms and Definitions ... 7  4 Structure of This Part ... 8  5 Information Security Technical Assurance ... 8  5.1 Overview of Security Technical Assurance ... 8  5.2 Security Technology Architecture Capability Level ... 9  5.3 Examples of Security Technical Assurance Control Requirements ... 9  6 Control Structure of Information Security Technical Assurance ... 15  6.1 Overview ... 15  6.2 Module Classification ... 21  7 FAU Class. Security Audit ... 22  7.1 Automatic Response of Security Audit (FAU_ARP) ... 23  7.2 Generation of Security Audit Data (FAU_GEN) ... 24  7.3 Security Audit Analysis (FAU_SAA) ... 25  7.4 Security Audit Review (FAU_SAR) ... 28  7.5 Selection of Security Audit Event (FAU_SEL) ... 30  7.6 Storage of Security Audit Event (FAU_STG) ... 31  8 FCO Class. Communication ... 34  8.1 Non-repudiation of origin (FCO_NRO) ... 34  8.2 Non-repudiation of receipt (FCO_NRR) ... 36  9 FCS Class. Cryptographic Support ... 38  9.1 Key Management (FCS_CKM) ... 39  9.2 Crypto-operation (FCS_COP) ... 41  10 FDP Class. User Data Protection ... 43  10.1 Access Control Policy (FDP_ACC) ... 46  10.2 Access Control Function (FDP_ACF) ... 47  10.3 Data Authentication (FDP_DAU) ... 48  10.4 Output beyond TSF Control (FDP_ETC) ... 50  10.5 Information Flow Control Policy (FDP_IFC) ... 51  10.6 Information Flow Control Function (FDP_IFF) ... 53  10.7 Input from Outside of TSF Control (FDP_ITC) ... 57  10.8 TOE Internal Transmission (FDP_ITT) ... 59  10.9 Residual Information Protection (FDP_RIP) ... 62  10.10 Reversal (FDP_ROL) ... 63  10.11 Stored Data Integrity (FDP_SDI) ... 65  10.12 Confidentiality Protection of User Data Transmission between TSF (FDP_UCT) ... 66  10.13 Integrity Protection of User Data Transmission between TSF (FDP_UIT) ... 67  11 FIA Class. Identification and Authentication ... 70  11.1 Authentication Failure (FIA_AFL) ... 71  11.2 User Attribute Definition (FIA_ATD) ... 72  11.3 Specification of Secret (FIA_SOS) ... 73  11.4 User Authentication (FIA_UAU) ... 74  11.5 User Identification (FIA_UID) ... 79  11.6 User-Subject Binding (FIA_USB) ... 80  12 FMT Class. Security Management ... 81  12.1 Management of Function in TSF (FMT_MOF) ... 82  12.2 Management of Security Attribute (FMT_MSA) ... 83  12.3 Management of TSF Data (FMT_MTD) ... 86  12.4 Revocation (FMT_REV) ... 88  12.5 Security Attribute Expiration (FMT_SAE) ... 89  12.6 Security Management Role (FMT_SMR) ... 90  13 FPR Class. Secrecy ... 92  13.1 Anonymity (FPR_ANO) ... 92  13.2 Pseudonym (FPR_PSE) ... 93  13.3 Unlinkability (FPR_UNL) ... 95  13.4 Unobservability (FPR_UNO) ... 96  14 FPT Class. TSF Protection ... 98  14.1 Basic Abstract Machine Testing (FPT_AMT) ... 100  14.2 Failure Protection (FPT_FLS) ... 100  14.3 Availability of Output TSF Data (FPT_ITA) ... 101  14.4 Confidentiality of Output TSF Data (FPT_ITC) ... 102  14.5 Integrity of Output TSF Data (FPT_ITI) ... 103  14.6 Transmission of TSF Data in TOE (FPT_ITT) ... 105  14.7 TSF Physical Protection (FPT_PHP) ... 107  14.8 Trusted Recovery (FPT_RCV) ... 109  14.9 Replay Detection (FPT_RPL) ... 112  14.10 Reference Arbitration (FPT_RVM) ... 113  14.11 Domain Separation (FPT_SEP) ... 114  14.12 Status Synchronization Protocol (FPT_SSP) ... 116  14.13 Timestamp (FPT_STM) ... 117  14.14 Consistency of TSF Data between TSF (FPT_TDC) ... 118  14.15 Consistency of TSF Data Replication in TOE (FPT_TRC) ... 119  14.16 TSF Self-test (FPT_TST) ... 119  15 FRU Class. Resource Utilization ... 121  15.1 Fault Tolerance (FRU_FLT) ... 121  15.2 Service Priority (FRU_PRS) ... 122  15.3 Resource Allocation (FRU_RSA) ... 124  16 FTA Class. TOE Access ... 125  16.1 Optional Attribute Scope Restriction (FTA_LSA) ... 126  16.2 Multiple Concurrent Sessions Restriction (FTA_MCS)... 127  16.3 Session Locking (FTA_SSL) ... ......
 
Source: Above contents are excerpted from the PDF -- translated/reviewed by: www.chinesestandard.net / Wayne Zheng et al.