GA/T 698-2014 English PDFUS$739.00 · In stock
Delivery: <= 4 days. True-PDF full-copy in English will be manually translated and delivered via email. GA/T 698-2014: Information security technology. Technical requirements for information filtering products GA/T 698: Historical versions
Basic dataStandard ID: GA/T 698-2014 (GA/T698-2014)Description (Translated English): Information security technology. Technical requirements for information filtering products Sector / Industry: Public Security (Police) Industry Standard (Recommended) Classification of Chinese Standard: A90 Classification of International Standard: 35.240 Word Count Estimation: 21,278 Date of Issue: 2014-03-24 Date of Implementation: 2014-03-24 Older Standard (superseded by this standard): GA/T 698-2007 Quoted Standard: GB 17859-1999; GB/T 18336.1-2008; GB/T 18336.2-2008; GB/T 18336.3-2008; GB/T 25069-2010 Regulation (derived from): Notice on Publication of Public Safety Industry Standard (Year of 2014); Industry Standard Record Announcement No. 4 of 2015 (No. 184) Issuing agency(ies): Ministry of Public Security Summary: This standard specifies the information security requirements, safety assurance requirements and classification requirements for information filtering products. This standard applies to the design, development and testing of information filtering products GA/T 698-2014: Information security technology. Technical requirements for information filtering products---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order. Information security technology.Technical requirements for information filtering products ICS 35.240 A90 People's Republic of China Public Security Industry Standards Replacing GA/T 698-2007 Information security technology information filtering technical requirements Issued on. 2014-03-24 2014-03-24 implementation People's Republic of China Ministry of Public Security Table of ContentsIntroduction Ⅲ Introduction Ⅳ 1 Scope 1 2 Normative references 1 3 Terms and definitions 4 Abbreviations 1 Information filtering Product Description 1 5 2 6 Security Environment 6.1 Hypothesis 2 6.2 Threat 3 6.3 3 Organization for Security Policy 7 security objectives 3 7.1 Product Safety Objective 3 7.2 Objective 4 Environmental Safety 8 security functional requirements 4 8.1 protocol identification 4 8.2 application filtering 4 8.3 Policy Applications 6 8.4 identification and authentication 6 8.5 Identification of failure handling 7 8.6 lock timeout or cancellation 7 8.7 Safety Support System 7 8.8 administrator permissions 7 8.9 Remote Management Security 7 8.10 Audit Logs 7 8 9 Security assurance requirements 9.1 Configuration Management 8 9.2 Delivery and Operation 9 9.3 Development 9 9.4 guidance document 10 11 9.5 Life Cycle Support 9.6 Test 11 9.7 Vulnerability assessment 12 10 basic principles of technical requirements 13 10.1 13 basic principles of security functional requirements 10.2 13 basic principles of security assurance requirements 11 classification requirements 13 11.1 Overview 13 11.2 Classification of security functional requirements 14 11.3 Classification of security assurance requirements 15ForewordThis standard was drafted in accordance with GB/T 1.1-2009 given rules. Instead of the standard GA/T 698-2007 "information security technology filtration products information security functional requirements." And GA/T 698- Compared to 2007, the main technical changes are as follows. --- Standard name changed to "information security technology information filtering products technical requirements" (see cover, the cover of the 2007 edition); --- Increased abbreviations (see Chapter 4); --- Increasing the information filtering product description (see Chapter 5); --- Increase the security environment, including the assumptions, threats and organizational security policies (see Chapter 6); --- Increased security purposes, including the purpose of product safety and environmental safety purposes (see Chapter 7); --- Added "Policy Applications" requirements (see 8.3); --- Increase the "identification and authentication" requirements (see 8.4); --- Added "Remote Management security" requirements (see 8.9); --- Increased security assurance requirements (see Chapter 9); --- Increase the technical requirements of the basic principles, including the basic principles of security functional requirements and security assurance requirements for the basic principles (see paragraph 10 chapter); --- Deleted "links Information filtering" requirements (see the 2007 version 4.1.5); --- Delete the words "search engine filtering" requirements (see the 2007 version 4.1.6); --- Remove the "black list, white list" of requirements (see the 2007 version 4.1.8); --- Deleted "TELNET information filtering", "instant message filtering" and "chat filtering" requirements (see the 2007 edition The 4.4.2,4.4.4,4.4.5). Please note that some of the content of this document may involve patents. Release mechanism of the present document does not assume responsibility for the identification of these patents. This standard was proposed by the Ministry of Public Security Network Security Protection Agency. This standard is under the jurisdiction of the Ministry of Public Security Information System Standardization Technical Committee. This standard was drafted. Ministry of Public Security of Computer Information System Security Product Quality Supervision and Inspection Center, Ministry of Public Security Network Security Protection Agency, square N Information Industry Holdings Co., Ltd. Blue Shield Information Security Technology, Third Institute of Ministry of Public Security. The main drafters of this standard. Gu Jianxin, Gu Jian, Lu Lei, Gu Wei, Yu excellent, Zhang Yi, Wu Xinli, Yang Yubin. This standard replaces the standards previously issued as follows. --- GA/T 698-2007.IntroductionThis standard is described in detail and product safety information filtering environment-related assumptions, threats and organizational security policies defined filtering capacity Security purposes product and its supporting environment, demonstrated by the basic principles of security functional requirements and be able to trace the products covered by security purposes, security purposes It can be traced back cover and secure environment-related assumptions, threats and organizational security policies. The standard base-level reference to GB/T 18336.3-2008 prescribed level EAL2 security assurance requirements, and enhance the level at EAL4 level Security assurance requirements based on the vulnerability analysis requires upgrade to an attacker can withstand moderate attack potential attack. This standard only gives the information filtering products should meet the technical requirements of security, but filtration products for information specific technical implementation, party Method is not required. Information security technology information filtering technical requirements1 ScopeThis standard specifies the information filtering product security functional requirements, security assurance requirements and grading requirements. This standard applies to information filtering product design, development, and testing.2 Normative referencesThe following documents for the application of this document is essential. For dated references, only the dated version suitable for use herein Member. For undated references, the latest edition (including any amendments) applies to this document. GB 17859-1999 computer information system security protection classification criterion GB/T 18336-2008 (all parts), Information technology - Security techniques - Information Technology Security Evaluation Guidelines GB/T 25069-2010 Information security technology terms3 Terms and DefinitionsGB 17859-1999, terms and definitions GB/T 18336-2008 (all parts) and GB/T 25069-2010 defined apply This document.4 AbbreviationsThe following abbreviations apply to this document. FTP. File Transfer Protocol (FileTransferProtocol) HTTP. Hypertext Transfer Protocol (HypertextTransferProtocol) IM. Instant Messaging (InstantMessenger) IP. Internet Protocol (InternetProtocol) MAC. MAC (MediaAccessControl) POP3. Post Office Protocol Third Edition (PostOfficeProtocol3) SMTP. Simple Mail Transfer Protocol (SimpleMailTransferProtocol) TELNET. Telnet (TelecommunicationNetwork) URL. Uniform Resource Locator (UniversalResourceLocator)5 Information Filtering Product DescriptionThis standard defines the information filtering products is through the analysis of network data communications, focusing on the network for HTTP, FTP and mail And other application-layer protocols one or more real-time analysis, according to pre-defined rules to filter its content and interception. Information filtering products are generally located between the access client and the target server, the inflow or outflow of information filtering policies were defined Control and protect critical data and information filtering product itself inside. The product is typically deployed in bypass mode or tandem guest access The client lies at the outlet of the network. ......Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GA/T 698-2014_English be delivered?Answer: Upon your order, we will start to translate GA/T 698-2014_English as soon as possible, and keep you informed of the progress. The lead time is typically 2 ~ 4 working days. The lengthier the document the longer the lead time.Question 2: Can I share the purchased PDF of GA/T 698-2014_English with my colleagues?Answer: Yes. The purchased PDF of GA/T 698-2014_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.Question 5: Should I purchase the latest version GA/T 698-2014?Answer: Yes. Unless special scenarios such as technical constraints or academic study, you should always prioritize to purchase the latest version GA/T 698-2014 even if the enforcement date is in future. Complying with the latest version means that, by default, it also complies with all the earlier versions, technically. |
