GA/T 684-2007 English PDF
Basic dataStandard ID: GA/T 684-2007 (GA/T684-2007)Description (Translated English): Information security technology--Technical requirements for switch security Sector / Industry: Public Security (Police) Industry Standard (Recommended) Classification of Chinese Standard: A90 Classification of International Standard: 35.040 Word Count Estimation: 16,199 Date of Issue: 2007-03-20 Date of Implementation: 2007-05-01 Quoted Standard: GB 17859-1999; GB/T 18336.1-2001 Issuing agency(ies): Ministry of Public Security Summary: This standard specifies the security functional requirements and safety assurance requirements of the switch. This standard applies to the public security industry on the switch product development, production; also can be applied to the switch product procurement and deployment. GA/T 684-2007: Information security technology--Technical requirements for switch security---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.Information security technology - Technical requirements for switch security ICS 35.040 A90 People's Republic of China Public Security Industry Standards Information security technology Security techniques requirement switch Posted 2007-03-20 2007-05-01 implementation People's Republic of China Ministry of Public Security Table of ContentsIntroduction Ⅲ Introduction Ⅳ 1 Scope 1 2 Normative references 1 3 Terms, Definitions and Abbreviations 1 4 1 Safety requirements for the first stage 4.1 Security functional requirements 1 4.1.1 Discretionary Access Control 1 4.1.2 authentication 1 4.1.3 Security Management 2 4.1.4 Virtual LAN division 2 4.2 Security assurance requirements 2 4.2.1 Configuration Management 2 4.2.2 Delivery and operation 2 4.2.3 Development 2 4.2.4 Guidance Document 2 4.2.5 Life Cycle Support 2 4.2.6 Test 2 5 Second Level 3 security requirements 5.1 Security functional requirements 3 5.1.1 Discretionary Access Control 3 5.1.2 authentication 3 5.1.3 Security Management 3 5.1.4 Audit 3 5.1.5 division of Virtual LAN 4 5.2 Security assurance requirements 4 5.2.1 Configuration Management 4 5.2.2 Delivery and operation 4 5.2.3 Development 4 5.2.4 Guidance Document 4 5.2.5 Life Cycle Support 5 5.2.6 Test 5 5.2.7 Vulnerability Assessment 5 6 third-level security requirements 5 6.1 Security functional requirements 5 6.1.1 Discretionary Access Control 5 6.1.2 identification 5 6.1.3 Security Management 6 6.1.4 Audit 6 6.1.5 Virtual LAN division 7 6.2 Security assurance requirements 7 6.2.1 Configuration Management 7 6.2.2 Delivery and operation 7 6.2.3 Development 7 6.2.4 Guidance Document 8 6.2.5 Life Cycle Support 8 6.2.6 Test 8 6.2.7 Vulnerability Assessment 8 8 7 Additional security features 7.1 Network Access Control 8 7.2 VPN function 8 7.3 firewall protection 9 7.4 Intrusion Detection 9 Appendix A (normative) Safety requirements for table 10 References 11ForewordThis standard specifies in detail the various security levels switch should have the security functional requirements and security guarantee from the information technology Certification requirements. Appendix A of this standard is the data appendix. This standard was proposed by the Ministry of Public Security Public Information Network Security Supervision Bureau. This standard is under the jurisdiction of the Ministry of Public Security Information System Standardization Technical Committee. This standard was drafted. State Key Laboratory of Information Security, Graduate School of Chinese Academy of Sciences. The main drafters of this standard. Daiying Xia, left Xiao Dong Ho Shin.IntroductionSwitch is important internetworking equipment, development of technical requirements for assessing the safety switch switches level of security to protect network Security is of great significance. This standard is only one to three security level to do the technical requirements, GB 17859-1999 correspondence with that corresponding to the first stage Users customize the protection level, corresponding to the second stage audit system protection level, third level corresponding to the security token protection level. The standard text in bold indicates a lower level does not appear or enhanced technical requirements. Information security technology Security techniques requirement switch1 ScopeThis standard specifies the hierarchical security functional requirements and security assurance requirements for the switch. This standard applies to public safety switch industry R & D, production; at the same time also be applied to procurement and switch products deploy.2 Normative referencesThe following documents contain provisions which, through reference in this standard and become the standard terms. For dated references, subsequent Amendments (not including errata content) or revisions do not apply to this standard, however, encourage the parties to the agreement are based on research Whether the latest versions of these documents. For undated reference documents, the latest versions apply to this standard. GB 17859-1999 computer information system security protection classification criterion GB/T 18336.1-2001 Information technology - Security techniques - Evaluation criteria for IT security - Part 1. Introduction and general model 3 Terms, definitions and abbreviations 3.1 Terms and Definitions GB 17859-1999 and GB/T 18336.1-2001 and established the following terms and definitions apply to this standard. 3.1.1 A hardware-based network card address, to complete the package forwarding packets enabled network devices. 3.2 Acronyms The following abbreviations apply to this standard. Access Control List ACL AccessControlList Intrusion Detection System IDS InstrusionDetectionSystem Internet Protocol security protocol IPSec InternetProtocolSecurity MAC MediaAccessControl MAC MPLS Multi-ProtocolLabelSwitching Multiprotocol Label Switching Virtual LAN VLAN VirtualLocalAreaNetwork Virtual Private Network VPN VirtualPrivateNetwork 4 first-level security requirements 4.1 Functional safety requirements 4.1.1 Discretionary Access Control The exchange shall execute discretionary access control policy, the administrator attribute table, to control different administrators to configure the switch data and other Data View, edit, and perform procedures on the switch, to prevent unauthorized personnel to these activities. 4.1.2 authentication 4.1.2.1 Identification Administrator Before entering the system administrator session, the safety function should be identified as an administrator. Discrimination when using the password mechanism, and each time you login system EC progress. Password should be invisible and encrypted storage and transmission protection. ......Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GA/T 684-2007_English be delivered?Answer: Upon your order, we will start to translate GA/T 684-2007_English as soon as possible, and keep you informed of the progress. The lead time is typically in 9 seconds (download/delivered in 9 seconds). The lengthier the document the longer the lead time.Question 2: Can I share the purchased PDF of GA/T 684-2007_English with my colleagues?Answer: Yes. The purchased PDF of GA/T 684-2007_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay. |
