GA/T 1139-2014 English PDFUS$699.00 · In stock
Delivery: <= 4 days. True-PDF full-copy in English will be manually translated and delivered via email. GA/T 1139-2014: Information security technology. Security technical requirements for database scanning products
Basic dataStandard ID: GA/T 1139-2014 (GA/T1139-2014)Description (Translated English): Information security technology. Security technical requirements for database scanning products Sector / Industry: Public Security (Police) Industry Standard (Recommended) Classification of Chinese Standard: A90 Classification of International Standard: 35.240 Word Count Estimation: 20,242 Date of Issue: 2014-03-10 Date of Implementation: 2014-03-10 Quoted Standard: GB 17859-1999; GB/T 18336.1-2008; GB/T 25069-2010; GB/T 18336.2-2008; GB/T 18336.3-2008 Regulation (derived from): Notice on Publication of Public Safety Industry Standard (Year of 2014); Industry Standard Record Announcement No. 4 of 2015 (No. 184) Issuing agency(ies): Ministry of Public Security Summary: This standard specifies the security requirements, security assurance requirements and classification requirements for database scanning products. This standard applies to the design, development and testing of database scanning products. GA/T 1139-2014: Information security technology. Security technical requirements for database scanning products---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order. Information security technology.Security technical requirements for database scanning products ICS 35.240 A90 People's Republic of China Public Security Industry Standards Information Security Technology Technical requirements for product safety database scanning Issued on. 2014-03-10 2014-03-10 implementation People's Republic of China Ministry of Public Security Table of ContentsIntroduction Ⅲ Introduction Ⅳ 1 Scope 1 2 Normative references 1 3 Terms and definitions Product Description 1 4 database scanning 5 2 Security Environment 5.1 Hypothesis 2 5.2 Threat 2 5.3 2 Organization for Security Policy 6 security objectives 3 6.1 Product Safety Objective 3 6.2 Environmental security objectives 3 7 Security functional requirements 4 7.1 Scan Type 4 7.2 scanning policies 4 7.3 Analysis of results of the scan process 4 7.4 Stability and fault tolerance of 5 5 7.5 upgrade capability 7.6 on the target object 5 7.7 identification and authentication 5 7.8 Security Management 6 7.9 Audit Log 6 8 7 Security assurance requirements 8.1 Configuration Management 7 8.2 Delivery and Operation 8 8.3 Development 8 8.4 guidance document 10 10 8.5 Life Cycle Support 8.6 Test 10 8.7 Vulnerability assessment 11 9 basic principles of technical requirements 12 9.1 Security functional requirements Fundamentals 12 9.2 Security assurance requirements 13 Fundamentals 10 classification requirements 13 10.1 Overview 13 10.2 Classification of security functional requirements 13 10.3 Classification of security assurance requirements 14ForewordThis standard was drafted in accordance with GB/T 1.1-2009 given rules. This standard was proposed by the Ministry of Public Security Network Security Protection Agency. This standard is under the jurisdiction of the Ministry of Public Security Information System Standardization Technical Committee. This standard was drafted. Ministry of Public Security of Computer Information System Security Product Quality Supervision and Inspection Center, Hangzhou Hengxin Information Technology Co., Secretary, Ministry of Public Security the third Institute. The main drafters of this standard. Excellent Yu, Zhang Yan, Gu Jian, Zhao, Lu Zhen, Fan Yuan, Sun Xiaoping.IntroductionThis standard is described in detail and product safety database scanning environment-related assumptions, threats and organizational security policies defined database sweep Security purposes described products and their supporting environment, demonstrated safety and functional requirements can be traced back cover product safety purposes, safety purposes can chase Traceability and safety covering environment-related assumptions, threats and organizational security policies. The standard base-level reference to GB/T 18336.3-2008 prescribed level EAL2 security assurance requirements, and enhance the level at EAL4 level Security assurance requirements based on the vulnerability analysis requires upgrade to an attacker can withstand moderate attack potential attack. This standard gives only database security scanning products should meet the technical requirements, but specific technical database implementations scanning products Type, method is not required. Information Security Technology Technical requirements for product safety database scanning1 ScopeThis standard specifies the safety features of the product database scanning requirements, security assurance requirements and grading requirements. This standard applies to the design, development and testing database scanning products.2 Normative referencesThe following documents for the application of this document is essential. For dated references, only the dated version suitable for use herein Member. For undated references, the latest edition (including any amendments) applies to this document. GB 17859-1999 computer information system security protection classification criterion GB/T 18336-2008 (all parts), Information technology - Security techniques - Information Technology Security Evaluation Guidelines GB/T 25069-2010 Information security technology terms3 Terms and DefinitionsGB 17859-1999, terms and definitions GB/T 18336-2008 (all parts) and GB/T 25069-2010 defined apply This document.4 Product description database scanningDatabase scanning products through the database system administrator privileges on the database system authentication, authorization, auditing, and other aspects of data security Safety checks, to discover the existence of the database system vulnerabilities purposes. Moreover database scanning products are also responsible for protecting themselves and their inner Security of important data. Figure 1 shows a typical operating environment database scanning products. Figure 1 Typical operating environment database scanning ......Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GA/T 1139-2014_English be delivered?Answer: Upon your order, we will start to translate GA/T 1139-2014_English as soon as possible, and keep you informed of the progress. The lead time is typically 2 ~ 4 working days. The lengthier the document the longer the lead time.Question 2: Can I share the purchased PDF of GA/T 1139-2014_English with my colleagues?Answer: Yes. The purchased PDF of GA/T 1139-2014_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay. |
