Home Cart Quotation About-Us
www.ChineseStandard.net
SEARCH

GB/T 21053-2023 English PDF

Q: How long will the true-PDF of English version of GB/T 21053-2023 be delivered?

Upon your order, we will start to translate GB/T 21053-2023_English as soon as possible, and keep you informed of the progress. The lead time is typically 2 ~ 4 working days. The lengthier the document the longer the lead time.

Q: Can I share the purchased PDF of GB/T 21053-2023_English with my colleagues?

Yes. The purchased PDF of GB/T 21053-2023_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.

Q: Does the price include tax/VAT?

Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries). Avoidance of Double Taxation Agreements (DTAs) between Singapore and 100+ Countries: https://www.iras.gov.sg/taxes/international-tax

Q: Do you accept my currency other than USD?

Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.

Q: Should I purchase the latest version GB/T 21053-2023?

Yes. Unless special scenarios such as technical constraints or academic study, you should always prioritize to purchase the latest version GB/T 21053-2023 even if the enforcement date is in future. Complying with the latest version means that, by default, it also complies with all the earlier versions, technically.

US$439.00 · In stock
Delivery: <= 4 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 21053-2023: Information security techniques - Public key infrastructure - Security technology requirement for PKI system
Status: Valid

GB/T 21053: Historical versions

Standard ID	USD	BUY PDF	Lead-Days	Standard Title (Description)	Status
GB/T 21053-2023	439	Add to Cart	4 days	Information security techniques - Public key infrastructure - Security technology requirement for PKI system	Valid
GB/T 21053-2007	RFQ	ASK	10 days	Information security techniques -- Public key infrastructure -- Technology requirement for security classification protection of PKI system	Obsolete

Similar standards

GB/T 20984 GB/T 20988 GB/T 21028 GB/T 21054 GB/T 21050

Basic data

Standard ID: GB/T 21053-2023 (GB/T21053-2023)
Description (Translated English): Information security techniques - Public key infrastructure - Security technology requirement for PKI system
Sector / Industry: National Standard (Recommended)
Classification of Chinese Standard: L80
Classification of International Standard: 35.030
Word Count Estimation: 22,256
Date of Issue: 2023-03-17
Date of Implementation: 2023-10-01
Older Standard (superseded by this standard): GB/T 21053-2007
Issuing agency(ies): State Administration for Market Regulation, China National Standardization Administration

GB/T 21053-2023: Information security techniques - Public key infrastructure - Security technology requirement for PKI system

---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
ICS 35.030 CCSL80 National Standards of People's Republic of China Replacing GB/T 21053-2007 Information Security Technology Public Key Infrastructure PKI System Security Technical Requirements Released on 2023-03-17 2023-10-01 implementation State Administration for Market Regulation Released by the National Standardization Management Committee

Preface I 1 Scope 1 2 Normative references 1 3 Terms and Definitions 1 4 Abbreviations 2 5 PKI system framework and security level 2 5.1 Typical framework 2 5.2 Safety function 3 5.3 Security level division 4 6 Safety function requirements 4 6.1 General requirements for key management 4 6.2 System key management 4 6.3 Subscriber Key Management 7 6.4 Template Management 9 6.5 Certificate Management 10 6.6 Identification 11 6.7 Access Control 12 6.8 Security Audit 13 6.9 Origin non-repudiation 15 6.10 Backup and restore 15 6.11 Startup and running test 15 6.12 Inter-component communication security 16 7 Security requirements 16 7.1 Development 16 7.2 Guidance Documents 16 7.3 Life cycle support 17 7.4 Developer testing 18 7.5 Vulnerability assessment 18 Reference 19

foreword

This document is in accordance with the provisions of GB/T 1.1-2020 "Guidelines for Standardization Work Part 1.Structure and Drafting Rules for Standardization Documents" drafting. This document replaces GB/T 21053-2007 "Information Security Technology Public Key Infrastructure PKI System Security Level Protection Technical Requirements beg". Compared with GB/T 21053-2007, except for structural adjustment and editorial changes, the main technical changes are as follows. a) Change the name to "Information Security Technology Public Key Infrastructure PKI System Security Technical Requirements"; b) The content of the scope has been revised (see Chapter 1, Chapter 1 of the.2007 edition); c) Adjusted and modified the normative references (see Chapter 2, Chapter 2 of the.2007 edition); d) The chapter "PKI System Framework and Security Level" has been added to describe the basic framework of the PKI system, the functions of each component and the specifications of this document. The security level of the given PKI system is described (see Chapter 5); e) Change the security level division from five levels in the.2007 edition to two levels. basic level and enhanced level (see 5.3,.2007 edition 5.1.1, 5.2.1, 5.3.1, 5.4.1, 5.5.1); f) Adjust the content of 5.1~5.5 of the.2007 edition to the newly added 6 safety function requirements and 7 safety assurance requirements (see Chapter 6 and Chapter 6 Chapter 7, 5.1~5.5 of the.2007 edition); g) Deleted the content related to actual deployment in the.2007 edition (physical security, data input and output); The requirements on non-repudiation of origin in "Exit" are adjusted to 6.9 "Non-repudiation of origin" (see 6.9, 5.1.2, 5.3.2, 5.1.6 of the.2007 edition and 5.3.7). Please note that some contents of this document may refer to patents. The issuing agency of this document assumes no responsibility for identifying patents. This document is proposed and managed by the National Information Security Standardization Technical Committee (SAC/TC260). This document was drafted by. Institute of Software, Chinese Academy of Sciences, University of Chinese Academy of Sciences, Third Research Institute of Ministry of Public Security, First Research Institute of Ministry of Public Security Institute, Chengdu Westone Information Industry Co., Ltd., Beijing Principal Century Technology Co., Ltd., Beijing Digital Certification Co., Ltd., Changchun Jida Zhengyuan Information Technology Co., Ltd., Geer Software Co., Ltd., China Academy of Information and Communications Technology, Data Security Times Technology Shares Co., Ltd., Beijing Chuangyuan Tiandi Technology Co., Ltd., Beijing Qihoo Technology Co., Ltd., China Electronics Technology Group Corporation Fifteenth Research Institute, Beijing Zhongdian Huada Electronic Design Co., Ltd., State Grid Blockchain Technology (Beijing) Co., Ltd., Huawei Technologies Co., Ltd., Zhengzhou Letter Great Jiean Information Technology Co., Ltd., Xi'an Xidian Jietong Wireless Network Communication Co., Ltd., Tianjin Nanda General Data Technology Co., Ltd. Co., Ltd., Beijing Software Product Quality Inspection and Inspection Center, Tongzhi Weiye Software Co., Ltd., Beijing Baidu Netcom Technology Co., Ltd., Yashu Information Technology (Shanghai) Co., Ltd., Guangzhou Baiguoyuan Information Technology Co., Ltd., Guangzhou Netstar Information Technology Co., Ltd., CICC Financial Certification Authority Ltd. The main drafters of this document. Zhang Liwu, Zhang Yan, Wang Rui, Chen Yan, Feng Dengguo, Gu Jian, Qiu Zihua, Li Jinghua, Kang Yang, Li Qian, Liu Limin, Zhang Yan, Liu Yuling, Zheng Qiang, Zhang Liting, Fu Dapeng, Wang Zongbin, Zhang Baoxin, Kou Chunjing, Liu Jinhua, Li Jian, Ding Zhaowei, Wang Xianfang, Wang Rong, Zhou Weilin, Xiao Qinghai, Zhang Yi, Liu Jian, Huang Yu, Li Da, Chu Chao, Zhou Jixiang, Du Zhiqiang, Mao Juhui, Meng Xiangzhen, Jiao Zhengkun, Han Changqing, Wei Yicai, Zhu Xiaoyu, Zhong Qinghua, Li Da. The release status of previous versions of this document and the documents it replaces are as follows. ---It was first published as GB/T 21053-2007 in.2007; --- This is the first revision. Information Security Technology Public Key Infrastructure PKI system security technical requirements

1 Scope

This document divides the security level of the PKI system into basic level and enhanced level, and specifies the security function requirements and security requirements of the corresponding security level. full security requirements. This document is applicable to the research and development of PKI system, the evaluation and procurement of PKI system products for reference.

2 Normative references

The contents of the following documents constitute the essential provisions of this document through normative references in the text. Among them, dated references For documents, only the version corresponding to the date is applicable to this document; for undated reference documents, the latest version (including all amendments) is applicable to this document. GB/T 20518-2018 Information Security Technology Public Key Infrastructure Digital Certificate Format GB/T 25056-2018 Information Security Technology Certificate Authentication System Password and Related Security Technical Specifications GB/T 25069 Information Security Technical Terms GM/T 0014-2012 Cryptography protocol specification for digital certificate authentication system

3 Terms and Definitions

The following terms and definitions defined in GB/T 25069 apply to this document. 3.1 PKI systemPKIsystem In the public key infrastructure, based on the public key cryptography system, functions such as issuance, revocation and management of digital certificates are realized, and subscribers (3.4) are provided with Information system that provides corresponding services. 3.2 split knowledge splitknowledge The process of splitting a cryptographic key into multiple key components. the individual components do not share knowledge of the original key, but can be determined by separate The entity then inputs it to or outputs it from the cryptographic module, which is combined to recreate the original cryptographic key. NOTE. All or a subset of components can be requested to accomplish this combination. [Source. GB/T 25069-2022, 3.120] 3.3 System user systemuser In the PKI system, the user who performs specific operations through the system operation interface realizes the control of the specific functions of the system. Example. Administrators, auditors, and operators of a PKI system. [Source. GB/T 25069-2022, 3.652, modified] ......

Image

Tips & Frequently Asked Questions:

Question 1: How long will the true-PDF of GB/T 21053-2023_English be delivered?

Answer: Upon your order, we will start to translate GB/T 21053-2023_English as soon as possible, and keep you informed of the progress. The lead time is typically 2 ~ 4 working days. The lengthier the document the longer the lead time.

Question 2: Can I share the purchased PDF of GB/T 21053-2023_English with my colleagues?

Answer: Yes. The purchased PDF of GB/T 21053-2023_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.

Question 3: Does the price include tax/VAT?

Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countries

Question 4: Do you accept my currency other than USD?

Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.

Question 5: Should I purchase the latest version GB/T 21053-2023?

Answer: Yes. Unless special scenarios such as technical constraints or academic study, you should always prioritize to purchase the latest version GB/T 21053-2023 even if the enforcement date is in future. Complying with the latest version means that, by default, it also complies with all the earlier versions, technically.