HOME   Cart(0)   Quotation   About-Us Tax PDFs Standard-List Powered by Google www.ChineseStandard.net Database: 189760 (30 Nov 2024)

GB/T 35787-2017 PDF in English


GB/T 35787-2017 (GB/T35787-2017, GBT 35787-2017, GBT35787-2017)
Standard IDContents [version]USDSTEP2[PDF] delivered inName of Chinese StandardStatus
GB/T 35787-2017English85 Add to Cart 0-9 seconds. Auto-delivery. Security technical requirement for the read-write equipment of the electronic identification of motor vehicles Valid
Standards related to (historical): GB/T 35787-2017
PDF Preview

GB/T 35787-2017: PDF in English (GBT 35787-2017)

GB/T 35787-2017 GB NATIONAL STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA ICS 35.240.15 L 80 Security Technical Requirement for the Read-write Equipment of the Electronic Identification of Motor Vehicles ISSUED ON. DECEMBER 29, 2017 IMPLEMENTED ON. JULY 1, 2018 Issued by. General Administration of Quality Supervision, Inspection and Quarantine; Standardization Administration of the People’s Republic of China. Table of Contents Foreword ... 3  1 Scope ... 4  2 Normative References ... 4  3 Terms and Definitions ... 4  4 Abbreviations ... 5  5 General Requirements ... 5  5.1 Requirements of Communication Security ... 5  5.2 Basic Structure ... 5  5.3 Cryptographic Algorithm ... 6  5.4 Key Management ... 6  5.5 Confidentiality ... 6  5.6 Integrity ... 6  5.7 Non-repudiation ... 6  5.8 Identity Authentication ... 7  5.9 Access Control ... 7  5.10 Audit Record ... 8  6 Manufacturing and Scrap Disposal ... 8  6.1 Manufacturing ... 8  6.2 Scrap Disposal ... 8  Foreword This Standard was drafted in accordance with the rules in GB/T 1.1-2009. Please be noted that certain content in this document might involve patents. The institution that issues this document does not undertake the responsibility of identifying these patients. This Standard was proposed by and shall be under the jurisdiction of The Ministry of Public Security of the People’s Republic of China. The drafting organizations of this Standard. Traffic Management Research Institute of the Ministry of Public Security, China Electronics Standardization Institute, RAY-LINKS (Beijing) Technologies Co., Ltd., National Quality Supervision and Testing Center for RFID Products, National Road Traffic Safety Product Quality Supervision and Inspection Center. The main drafters of this Standard. Liu Dongbo, Huangjin, Hu Jiabin, Xu Minjie, Fang Wangsheng, Gaolin, Guanchao, Li Zhuofan, Yangyong, Daijia. Security Technical Requirement for the Read-write Equipment of the Electronic Identification of Motor Vehicles 1 Scope This Standard specifies the general security requirements, manufacturing and scrap disposal of the read-write equipment of the electronic identification of motor vehicles. This Standard is applicable to the design, development, test and application of the read-write equipment and application system of the electric identification of motor vehicles. 2 Normative References The following documents are indispensable to the application of this Standard. In terms of references with a specified date, only versions with a specified date are applicable to this Standard. The latest version (including all the modifications) of references without a specified date is applicable to this Standard. GB/T 35789.1-2017 General Specification for the Electronic Identification of Motor Vehicles - Part 1. Automobile GM/T 0024 SSL VPN Specification GM/T 0035.1-2014 Specifications of Cryptographic Application for RFID Systems - Part 1. Cryptographic Protection Framework and Security Levels GM/T 0035.5 Specifications of Cryptographic Application for RFID Systems - Part 5. Specification for Key Management 3 Terms and Definitions What is defined in GB/T 35789.1-2017, and the following terms and definitions are applicable to this document. 3.1 Security Module Security module refers to a component, which is imbedded in the read-write equipment and provides the function of cryptographic operation to the read-write equipment. 5.3 Cryptographic Algorithm Security module and PSAM card shall adopt cryptographic algorithm approved by national password management department. 5.4 Key Management Key management shall comply with the following requirements. a) The generation, input, storage, dispersion and usage of key shall comply with the requirement in GM/T 0035.5; b) Key in the security module shall be managed by institutions authorized by public security organs; c) Key in the PSAM card shall be managed by competent departments of application industries. 5.5 Confidentiality 5.5.1 Storage confidentiality Storage confidentiality shall comply with the following requirements. a) Sensitive information shall adopt cryptographic algorithm for encryption protection, so as to prevent unauthorized access; b) Access permission information and keys shall be stored in the security module or the PSAM card; c) Asymmetric algorithm private key and symmetric algorithm key shall not be readable. 5.5.2 Transmission confidentiality SSL VPN technology, which complies with the requirement in GM/T 0024, should be adopted, so as to guarantee transmission confidentiality between the read-write equipment and the application system. 5.6 Integrity Cryptography shall be adopted to verify sensitive information in the transmission between the read-write equipment and the application system, so as to find out information being tampered, deleted or interpolated. 5.7 Non-repudiation Digital signature technology shall be adopted to implement non-repudiation between the read-write equipment and the application system. ......
 
Source: Above contents are excerpted from the PDF -- translated/reviewed by: www.chinesestandard.net / Wayne Zheng et al.