GB/T 37939-2019 PDF English
US$679.00 · In stock · Download in 9 secondsGB/T 37939-2019: Information security technology - Security techniques requirement for network storage Delivery: 9 seconds. True-PDF full-copy in English & invoice will be downloaded + auto-delivered via email. See step-by-step procedureStatus: Valid
| Standard ID | Contents [version] | USD | STEP2 | [PDF] delivery | Name of Chinese Standard | Status |
| GB/T 37939-2019 | English | 679 |
Add to Cart
|
6 days
|
Information security technology - Security techniques requirement for network storage
| Valid |
Excerpted PDFs (Download full copy in 9 seconds upon purchase)PDF Preview: GB/T 37939-2019
GB/T 37939-2019: Information security technology - Security techniques requirement for network storage
---This is an excerpt. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.), auto-downloaded/delivered in 9 seconds, can be purchased online: https://www.ChineseStandard.net/PDF.aspx/GBT37939-2019
(Information Security Technology Network Storage Security Technical Requirements)
ICS 35.040
L80
National Standards of People's Republic of China
Information Security Technology Network Storage Security Technical Requirements
Informationsecuritytechnology-Securitytechniquesrequirementfor
Networkstorage
Published on.2019-08-30
2020-03-01 implementation
State market supervision and administration
China National Standardization Administration issued
Content
Foreword I
1 Scope 1
2 Normative references 1
3 Terms and Definitions 1
4 Abbreviations 2
5 Product Description 2
5.1 Network Storage Description 2
5.2 Network Storage Security Framework 3
5.3 Level Division Description 3
6 Security function requirements 4
6.1 Level 1 Security Function Requirements 4
6.2 Level 2 Security Function Requirements 7
6.3 Level 3 Security Function Requirements 13
7 Security requirements 19
7.1 First level security requirements 19
7.2 Level 2 Security Requirements 21
7.3 Level 3 Security Requirements 24
Appendix A (informative) Comparison of safety requirements 28
Reference 30
Foreword
This standard was drafted in accordance with the rules given in GB/T 1.1-2009.
Please note that some of the contents of this document may involve patents. The issuing organization of this document is not responsible for identifying these patents.
This standard is proposed and managed by the National Information Security Standardization Technical Committee (SAC/TC260).
This standard was drafted. China Electronics Technology Standardization Research Institute, Huawei Technologies Co., Ltd., the Third Institute of the Ministry of Public Security, Huazhong Science and Technology University
Xue, Shanghai Jiaotong University, Lenovo (Beijing) Information Technology Co., Ltd., Beijing Yuen Network Technology Co., Ltd., China Information Security Assessment
Center, Hangzhou Hikvision Digital Technology Co., Ltd., Inspur Electronic Information Industry Co., Ltd.
The main drafters of this standard. Ge Xiaoyu, Wang Wei, Chen Yu, Liu Xiangang, Gu Jian, Lu Yi, Wang Haiqi, Tan Zhipeng, Wu Chentao, An Gaofeng,
Li Xinxin, Liu Jun, Qian Xiaodong, Xu Dongyang, Pang Bo, Wang Wei, Fu Zhuo, Wen Zhongling, Zhao Jiang.
Information Security Technology Network Storage Security Technical Requirements
1 Scope
This standard specifies the security technical requirements for network storage, including security functional requirements and security requirements.
This standard applies to the design and implementation of network storage. The security testing and management of network storage can be used as reference.
2 Normative references
The following documents are indispensable for the application of this document. For dated references, only dated versions apply to this article.
Pieces. For undated references, the latest edition (including all amendments) applies to this document.
GB/T 18336.3-2015 Information technology security technology - Information technology - Safety assessment criteria - Part 3. Security components
GB/T 25069-2010 Information Security Technology Terminology
3 Terms and definitions
The following terms and definitions as defined in GB/T 18336.3-2015 and GB/T 25069-2010 apply to this document.
3.1
Network storage networkstorage
A dedicated storage device connected to the server based on different protocols over the network.
Example. Network storage typically includes DAS storage devices, NAS storage devices, SAN storage devices, and object storage devices.
3.2
Direct attached storage directattachedstorage
Connect the storage device directly to the storage fabric on the server.
3.3
Storage area network storageareanetwork
A storage architecture that connects storage devices and application servers over a network and provides access to data blocks.
3.4
Network attached storage networkattachedstorage
A storage architecture that provides direct access to storage devices and provides file-level data access using the Network File Sharing Protocol.
3.5
Object storage objectbasedstorage
An object-based approach to providing storage architecture for data access.
Note. An object typically includes data, metadata describing the object, and a unique identifier for the object.
3.6
Redundant array of independent disks redundantarrayofindependentdisks
Each of the individual disks is formed into a logical hard disk in different combinations.
3.7
Mirroring mirroring
Copy data from one logical disk volume to several logical disk volumes in real time.
GB/T 37939-2019
(Information Security Technology Network Storage Security Technical Requirements)
ICS 35.040
L80
National Standards of People's Republic of China
Information Security Technology Network Storage Security Technical Requirements
Informationsecuritytechnology-Securitytechniquesrequirementfor
Networkstorage
Published on.2019-08-30
2020-03-01 implementation
State market supervision and administration
China National Standardization Administration issued
Content
Foreword I
1 Scope 1
2 Normative references 1
3 Terms and Definitions 1
4 Abbreviations 2
5 Product Description 2
5.1 Network Storage Description 2
5.2 Network Storage Security Framework 3
5.3 Level Division Description 3
6 Security function requirements 4
6.1 Level 1 Security Function Requirements 4
6.2 Level 2 Security Function Requirements 7
6.3 Level 3 Security Function Requirements 13
7 Security requirements 19
7.1 First level security requirements 19
7.2 Level 2 Security Requirements 21
7.3 Level 3 Security Requirements 24
Appendix A (informative) Comparison of safety requirements 28
Reference 30
Foreword
This standard was drafted in accordance with the rules given in GB/T 1.1-2009.
Please note that some of the contents of this document may involve patents. The issuing organization of this document is not responsible for identifying these patents.
This standard is proposed and managed by the National Information Security Standardization Technical Committee (SAC/TC260).
This standard was drafted. China Electronics Technology Standardization Research Institute, Huawei Technologies Co., Ltd., the Third Institute of the Ministry of Public Security, Huazhong Science and Technology University
Xue, Shanghai Jiaotong University, Lenovo (Beijing) Information Technology Co., Ltd., Beijing Yuen Network Technology Co., Ltd., China Information Security Assessment
Center, Hangzhou Hikvision Digital Technology Co., Ltd., Inspur Electronic Information Industry Co., Ltd.
The main drafters of this standard. Ge Xiaoyu, Wang Wei, Chen Yu, Liu Xiangang, Gu Jian, Lu Yi, Wang Haiqi, Tan Zhipeng, Wu Chentao, An Gaofeng,
Li Xinxin, Liu Jun, Qian Xiaodong, Xu Dongyang, Pang Bo, Wang Wei, Fu Zhuo, Wen Zhongling, Zhao Jiang.
Information Security Technology Network Storage Security Technical Requirements
1 Scope
This standard specifies the security technical requirements for network storage, including security functional requirements and security requirements.
This standard applies to the design and implementation of network storage. The security testing and management of network storage can be used as reference.
2 Normative references
The following documents are indispensable for the application of this document. For dated references, only dated versions apply to this article.
Pieces. For undated references, the latest edition (including all amendments) applies to this document.
GB/T 18336.3-2015 Information technology security technology - Information technology - Safety assessment criteria - Part 3. Security components
GB/T 25069-2010 Information Security Technology Terminology
3 Terms and definitions
The following terms and definitions as defined in GB/T 18336.3-2015 and GB/T 25069-2010 apply to this document.
3.1
Network storage networkstorage
A dedicated storage device connected to the server based on different protocols over the network.
Example. Network storage typically includes DAS storage devices, NAS storage devices, SAN storage devices, and object storage devices.
3.2
Direct attached storage directattachedstorage
Connect the storage device directly to the storage fabric on the server.
3.3
Storage area network storageareanetwork
A storage architecture that connects storage devices and application servers over a network and provides access to data blocks.
3.4
Network attached storage networkattachedstorage
A storage architecture that provides direct access to storage devices and provides file-level data access using the Network File Sharing Protocol.
3.5
Object storage objectbasedstorage
An object-based approach to providing storage architecture for data access.
Note. An object typically includes data, metadata describing the object, and a unique identifier for the object.
3.6
Redundant array of independent disks redundantarrayofindependentdisks
Each of the individual disks is formed into a logical hard disk in different combinations.
3.7
Mirroring mirroring
Copy data from one logical disk volume to several logical disk volumes in real time.
......
Source: Above contents are excerpted from the full-copy PDF -- translated/reviewed by: www.ChineseStandard.net / Wayne Zheng et al.
Tips & Frequently Asked QuestionsQuestion 1: How long will the true-PDF of English version of GB/T 37939-2019 be delivered?Answer: The full copy PDF of English version of GB/T 37939-2019 can be downloaded in 9 seconds, and it will also be emailed to you in 9 seconds (double mechanisms to ensure the delivery reliably), with PDF-invoice. Question 2: Can I share the purchased PDF of GB/T 37939-2019_English with my colleagues?Answer: Yes. The purchased PDF of GB/T 37939-2019_English will be deemed to be sold to your employer/organization who actually paid for it, including your colleagues and your employer's intranet. Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. www.ChineseStandard.us -- GB/T 37939-2019 -- Click this link and select your country/currency to pay, the exact amount in your currency will be printed on the invoice. Full PDF will also be downloaded/emailed in 9 seconds. How to buy and download a true PDF of English version of GB/T 37939-2019?A step-by-step guide to download PDF of GB/T 37939-2019_EnglishStep 1: Visit website https://www.ChineseStandard.net (Pay in USD), or https://www.ChineseStandard.us (Pay in any currencies such as Euro, KRW, JPY, AUD).
Step 2: Search keyword "GB/T 37939-2019".
Step 3: Click "Add to Cart". If multiple PDFs are required, repeat steps 2 and 3 to add up to 12 PDFs to cart.
Step 4: Select payment option (Via payment agents Stripe or PayPal).
Step 5: Customize Tax Invoice -- Fill up your email etc.
Step 6: Click "Checkout".
Step 7: Make payment by credit card, PayPal, Google Pay etc. After the payment is completed and in 9 seconds, you will receive 2 emails attached with the purchased PDFs and PDF-invoice, respectively.
Step 8: Optional -- Go to download PDF.
Step 9: Optional -- Click Open/Download PDF to download PDFs and invoice.
See screenshots for above steps: Steps 1~3 Steps 4~6 Step 7 Step 8 Step 9
|