GB/T 36958-2018: Information security technology - Technical requirements of security management center for classified protection of cybersecurity
Status: Valid
This is an excerpt.
GB
NATIONAL STANDARD OF THE
PEOPLE’S REPUBLIC OF CHINA
ICS 35.040
L 80
Information security technology - Technical
requirements of security management center for
classified protection of cybersecurity
Issued on: DECEMBER 28, 2018
Implemented on: JULY 01, 2019
Issued by: State Administration for Market Regulation;
Standardization Administration of PRC.
Table of Contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviations
5 Overview of security management center
6 Technical requirements for the second-level security management center
7 Technical requirements for the third-level security management center
8 Technical requirements for the fourth-level security management center
9 Technical requirements for fifth-level security management center
10 Technical requirements for security management center of cross-grading system
Appendix A (Normative) Correspondence between security management center and cybersecurity classified protection object’s level
Appendix B (Normative) Classification of technical requirements of security management center
Appendix C (Informative) Normalized security event attributes
Foreword
This standard was drafted in accordance with the rules given in GB/T 1.1-2009.
Please note that certain contents of this document may involve patents. The
issuing agency of this document is not responsible for identifying these patents.
This standard was proposed by and shall be under the jurisdiction of the
National Information Security Standardization Technical Committee (SAC/TC
260).
Drafting organizations of this standard: The 15th Research Institute of China
Electronics Technology Group Corporation (Information Industry Information
Security Evaluation Center), the Third Research Institute of the Ministry of
Public Security, the First Research Institute of the Ministry of Public Security,
Wangshen Information Technology (Beijing) Co., Ltd.
The main drafters of this standard: Huo Shanshan, Ren Weihong, Liu Jian,
Zhang Yi, Dong Jingjing, Liu Kaiming, Zheng Guogang, Tao Yuan, Chen
Guangyong, Li Qiuxiang, Lu Qing, Wang Gang.
1 Scope
This standard specifies the technical requirements for the cybersecurity
classified protection for security management center.
This standard is applicable to guide security manufacturers and operating &
using organizations to design, construct and operate security management
centers in accordance with the requirements of this standard.
2 Normative references
The following documents are essential to the application of this document. For
the dated documents, only the versions with the dates indicated are applicable
to this document; for the undated documents, only the latest version (including
all the amendments) is applicable to this standard.
GB/T 5271.8 Information technology - Vocabulary - Part 8: Security
GB 17859-1999 Computer information system -- Criteria for classifying
security protection level
GB/T 25069 Information security technology - Glossary
GB/T 25070 Information security technology - Technical requirements of
security design for information system classified protection
3 Terms and definitions
The terms and definitions as defined in GB 17859-1999, GB/T 5271.8, GB/T
25069, GB/T 25070 as well as the following terms and definitions apply to this
document.
3.1
Data acquisition interface
An interface that collects security events, vulnerabilities, related
configuration and status information on monitoring objects such as host
operating systems, database systems, network devices, security devices in
the network environment.
4 Abbreviations
The following abbreviations apply to this document.
CPU: Central Processing Unit
CVE: Common Vulnerabilities & Exposures
DDoS: Distributed Denial of Service
5 Overview of security management center
5.1 General description
The security management center is a system platform for unified management
of the security policies of the cybersecurity classified protection objects and of
the security mechanisms of the secure computing environment, the security area
boundary and the secure communication network. It realizes unified management,
unified monitoring, unified audit, comprehensive analysis and collaborative
protection.
5.2 Function description
In system management, administrators mainly configure, control and
manage system resources and operations, including user identity management,
system resource configuration, system loading and startup, handling of
abnormalities in system operation, and support for managing local and remote
disaster backup and recovery.
6 Technical requirements for the second-level security management center
6.1 Functional requirements
6.1.1 System management requirements
6.1.1.2 Data protection
6.1.1.2.1 Data confidentiality
Data confidentiality shall meet the following requirements.
6.1.1.2.2 Data integrity
Data integrity shall meet the following requirements.
6.1.1.2.3 Data backup and recovery
Data backup and recovery shall meet the following requirements.
6.1.1.3 Security incident management
6.1.1.3.2 Security event alarm
Security event alarms shall have an alarm function, which can generate alarms
based on preset thresholds when abnormalities are found.
6.1.1.3.3 Security incident response
Security incident response shall meet the following requirements.
6.1.1.4 Risk management
6.1.1.4.1 Asset management
Asset management shall meet the following requirements.
6.1.1.4.2 Threat management
Threat management shall meet the following requirements.
6.1.1.4.3 Vulnerability management
Vulnerability management shall allow the creation and maintenance of asset
vulnerability lists; support the merging and updating of vulnerability lists.
6.2 Interface requirements
6.2.1 Third-party plug-in/agent interface protocol requirements
The security management center shall support conventional interfaces such as
SNMP Trap, Syslog, Web Service, customized interfaces, third-party plug-in or
agent interfaces, to implement data exchange between components and third-
party platforms.
6.3 Self-security requirements
6.3.1 Identity authentication
The administrator identity authentication of the security management center
console shall meet the following requirements.
6.3.2 Access control
The access control of the security management center console shall meet the
following requirements.
6.3.3 Security audit
The security audit of the security management center console shall meet the
following requirements.
6.3.4 Software fault tolerance
The software fault tolerance of the security management center console shall
provide the data validity check function, to ensure that the data format or length
input through the man-machine interface or through the interface meets the
system setting requirements.
6.3.7 Data security
The data security of the security management center console shall meet the
following requirements.
7 Technical requirements for the third-level security management center
7.1 Functional requirements
7.1.1 System management requirements
7.1.1.2 Data protection
7.1.1.2.1 Data confidentiality
Data confidentiality shall meet the following requirements.
7.1.1.2.2 Data integrity
Data integrity shall meet the following requirements.
7.1.1.2.3 Data backup and recovery
Data backup and recovery shall meet the following requirements.
7.1.1.2.4 Remaining information protection
The remaining information protection shall ensure that the storage space
where the identification information of the subject and object is located is
completely cleared before being released or redistributed to other
subjects, regardless of whether the information is stored on the hard disk
or in the memory.
7.1.1.3 Security event management
7.1.1.3.2 Security event alarm
Security event alarms shall meet the following requirements.
7.1.1.3.4 Event correlation analysis
Event correlation analysis shall meet the following requirements.
7.1.1.3.5 Statistical analysis report
The statistical analysis report shall meet the following requirements.
7.1.1.4 Risk management
7.1.1.4.1 Asset management
Asset management shall meet the following requirements.
7.1.1.4.2 Asset business value assessment
Asset business value evaluation shall support custom asset business
value evaluation models, which can form asset business value levels
based on parameters such as asset type, asset importance, impact after
damage, scope involved.
7.1.1.5 Resource monitoring
7.1.1.5.1 Availability monitoring
Availability monitoring shall meet the following requirements.
7.2 Interface requirements
7.3 Self-security requirements
7.3.1 Identity authentication
The administrator identity authentication of the security management center
console shall meet the following requirements.
8 Technical requirements for the fourth-level security management center
8.1 Functional requirements
8.1.1 System management requirements
8.1.2.3 Equipment policy management
8.1.2.3.1 Security configuration policy
Equipment management shall meet the following requirements.
8.1.2.3.2 Intrusion prevention
Intrusion prevention shall meet the following requirements.
8.1.2.3.3 Malicious code prevention
Malware prevention shall meet the following requirements.
8.1.2.4 Password guarantee
Password guarantee shall provide guarantee for the correctness, compliance
and effectiveness of the cryptographic technology, products and services of the
managed objects. In the IoT system platform, the security administrator shall
conduct unified management of the keys used in the system, including the
generation, distribution, update, storage, backup and destruction of the keys,
and shall take necessary measures to ensure the security of the keys.
8.1.3 Audit management requirements
8.2 Interface requirements
8.2.1 Third-party plug-in/agent interface protocol requirements
The interface protocol requirements shall meet the following requirements.
8.2.2 Interface security requirements
Interface security requirements shall meet the following requirements.
8.3 Self-security requirements
8.3.1 Identity authentication
The administrator’s identity authentication of the security management center
console shall meet the following requirements.
8.3.7 Resource control
The resource control of the security management center console shall meet the
following requirements.
8.3.8 Intrusion prevention
The intrusion prevention of the security management center console shall meet
the following requirements.
8.3.9 Data security
The data security of the security management center console shall meet the
following requirements.
9 Technical requirements for fifth-level security management center
The technical requirements for the fifth-level security management center shall
be formulated separately.
...... Source: Above contents are excerpted from the full-copy PDF -- translated/reviewed by: www.ChineseStandard.net / Wayne Zheng et al.