Home Cart Quotation About-Us
www.ChineseStandard.net
SEARCH

GB/T 33565-2024 English PDF

Q: How long will the true-PDF of English version of GB/T 33565-2024 be delivered?

Upon your order, we will start to translate GB/T 33565-2024_English as soon as possible, and keep you informed of the progress. The lead time is typically 4 ~ 7 working days. The lengthier the document the longer the lead time.

Q: Can I share the purchased PDF of GB/T 33565-2024_English with my colleagues?

Yes. The purchased PDF of GB/T 33565-2024_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.

Q: Does the price include tax/VAT?

Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries). Avoidance of Double Taxation Agreements (DTAs) between Singapore and 100+ Countries: https://www.iras.gov.sg/taxes/international-tax

Q: Do you accept my currency other than USD?

Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.

Q: Should I purchase the latest version GB/T 33565-2024?

Yes. Unless special scenarios such as technical constraints or academic study, you should always prioritize to purchase the latest version GB/T 33565-2024 even if the enforcement date is in future. Complying with the latest version means that, by default, it also complies with all the earlier versions, technically.

US$999.00 · In stock
Delivery: <= 7 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 33565-2024: Cybersecurity technology - Security technology requirements for wireless local area network access system
Status: Valid

GB/T 33565: Historical versions

Standard ID	USD	BUY PDF	Lead-Days	Standard Title (Description)	Status
GB/T 33565-2024	999	Add to Cart	7 days	Cybersecurity technology - Security technology requirements for wireless local area network access system	Valid
GB/T 33565-2017	1879	Add to Cart	7 days	Information security technology -- Security technology requirements for wireless local area network (wlan) access system (EAL2+)	Obsolete

Similar standards

GB/T 32918.5 GB/T 33561 GB/T 32921 GB/T 33563 GB/T 33560

Basic data

Standard ID: GB/T 33565-2024 (GB/T33565-2024)
Description (Translated English): Cybersecurity technology - Security technology requirements for wireless local area network access system
Sector / Industry: National Standard (Recommended)
Classification of Chinese Standard: L80
Classification of International Standard: 35.030
Word Count Estimation: 50,580
Date of Issue: 2024-04-25
Date of Implementation: 2024-11-01
Older Standard (superseded by this standard): GB/T 33565-2017
Issuing agency(ies): State Administration for Market Regulation, China National Standardization Administration

GB/T 33565-2024: Cybersecurity technology - Security technology requirements for wireless local area network access system

---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
ICS 35:030 CCSL80 National Standards of People's Republic of China Replaces GB/T 33565-2017 Network Security Technology Wireless LAN Access System Safety technical requirements Released on 2024-04-25 2024-11-01 Implementation State Administration for Market Regulation The National Standardization Administration issued

Preface V 1 Scope 1 2 Normative references 1 3 Terms and Definitions 1 4 Abbreviations 2 5 Wireless LAN Access System 2 5:1 Overview 2 5:2 TOE Boundary 3 6 Security Issues 3 6:1 Threat 3 6:1:1 Unauthorized management (T:UNAUTHORIZED_MANAGEMENT) 3 6:1:2 Unauthorized access (T:UNAUTHORIZED_ACCESS) 3 6:1:3 Cryptographic Decryption (T:CRYPTOGRAPHY_COMPROMISE) 4 6:1:4 Administration Password Cracking (T:ADMINISTRATOR_PASSWORD_CRACKING) 4 6:1:5 Weak terminal authentication (T:WEAK_AUTHENTICATION_ENDPOINTS) 4 6:1:6 Security credentials compromised (T:SECURITY_CREDENTIAL_COMPROMISE) 4 6:1:7 Update Compromised (T:UPDATE_COMPROMISE) 4 6:1:8 Network Exposure (T:NETWORK_DISCLOSURE) 4 6:1:9 Security function failure (T:SECURITY_FUNCTIONALITY_FAILURE) 4 6:1:10 Untrusted channels (T:UNTRUSTED_COMMUNICATION_CHANNELS) 4 6:1:11 Replay Attack (T:REPLAY_ATTACK) 4 6:1:12 Unknown activity (T:UNDETECTED_ACTIVITY) 4 6:1:13 Residual Information Utilization (T:RESIDUAL_DATA_EXPLOIT) 5 6:1:14 Resource consumption (T:RESOURCE_EXHAUSTION) 5 6:1:15 Network hijacking (T:HIJACK_ATTACK) 5 6:2 Organizational Security Strategy 5 6:2:1 Access Announcement (P:ACCESS_BANNER) 5 6:2:2 Password Management (P:CRYPTOGRAPHY_MANAGEMENT) 5 6:2:3 Authentication Application (P:AUTHENTICATION_USAGE) 5 6:3 Assumption 5 6:3:1 Physical protection (A:PHYSICAL_PROTECTION) 5 6:3:2 Limited functionality (A:LIMITED_FUNCTIONALITY) 5 6:3:3 Connection (A:CONNECTION) 5 6:3:4 Trusted Administrator (A:TRUSTED_ADMINISTRATOR) 5 6:3:5 Regular Updates (A:REGULAR_UPDATES) 5 6:3:6 Administrator Credentials Security (A:ADMINISTRATOR_CREDENTIALS_SECURE) 6:3:7 Components running normally (A:COMPONENTS_RUNNING) 6 6:3:8 No remaining information (A:NO_REMAINING_INFORMATION) 7 Security Purpose 6 7:1 TOE security objectives 6 7:1:1 Cryptographic functions (O:CRYPTOGRAPHIC_FUNCTIONS) 6 7:1:2 Authentication (O:AUTHENTICATION) 6 7:1:3 Self-test (O:SELF_TEST) 6 7:1:4 System Monitoring (O:SYSTEM_MONITORING) 6 7:1:5 TOE Administrator (O:TOE_ADMINISTRATOR) 6 7:1:6 Trusted Channel (O:TRUSTED_CHANNEL) 6 7:1:7 Resource Management (O:RESOURCE_MANAGEMENT) 6 7:1:8 Residual Information Clearance (OE:RESIDUAL_INFORMATION_ERASE) 7 7:1:9 Trusted Update (O:TRUSTED_UPDATE) 7 7:1:10 Distributed Management (O:DISTRIBUTED_MANAGEMENT) 7 7:1:11 Access Control (O:ACCESS_CONTROL) 7 7:2 Environmental safety objectives 7 7:2:1 Physics (OE:PHYSICAL) 7 7:2:2 Non-generic functionality (OE:NO_GENERAL_PURPOSE) 7 7:2:3 Administrator Trusted (OE:ADMINISTRATOR_TRUSTED) 7 7:2:4 Update Mechanism (OE:UPDATE_MECHANISM) 7 7:2:5 Administrator Credentials Security (OE:ADMINISTRATOR_CREDENTIALS_SECURE) 7 7:2:6 Component Availability (OE:COMPONENTS_SERVICEABILITY) 7 7:2:7 Remaining Information Clearance (OE:REMAINING_INFORMATION_ERASE) 8 7:2:8 Connections (OE:CONNECTIONS) 8 7:2:9 Trusted Time (OE:TIME) 8 8 Safety requirements 8 8:1 Security Function Requirements 8 8:1:1 Classification of safety function requirements 8 8:1:2 Safety Audit (FAU) 11 8:1:3 Password Support (FCS) 13 8:1:4 User Data Protection (FDP) 15 8:1:5 Marking and Identification (FIA) 16 8:1:6 Safety Management (FMT) 18 8:1:7 TSF protection (FPT) 20 8:1:8 TOE Access (FTA) 22 8:1:9 Trusted Path/Channel (FTP) 23 8:1:10 Resource Utilization (FRU) and Communication (FCO) 25 8:2 Security requirements 25 9 Basic Principles 25 9:1 Basic principles of safety objectives 25 9:2 Basic principles of safety requirements 26 9:3 Basic principles of component dependencies 29 Appendix A (Normative) Security function requirements allocation relationship of distributed wireless LAN access system components 33 Appendix B (Normative) Auditable events corresponding to the security function requirements of wireless LAN access systems 36 Reference 38

Foreword

This document is in accordance with the provisions of GB/T 1:1-2020 "Guidelines for standardization work Part 1: Structure and drafting rules for standardization documents" Drafting: This document replaces GB/T 33565-2017 "Information Security Technology Wireless LAN Access System Security Technical Requirements (Assessment Level Compared with GB/T 33565-2017, in addition to structural adjustments and editorial changes, the main technical changes are as follows: a) The scope of TOE has been changed (see Chapter 5 and Chapter 6 of the:2017 edition); b) Modified the threats faced by wireless LAN access systems, including 15 types of threats, 3 organizational security policies and 8 assumptions (see Chapter 6 of the:2017 edition, Chapter 7 of the:2017 edition); c) Changed "TOE security objectives" and "Environmental security objectives", including 11 TOE security objectives and 9 environmental security objectives (See Chapter 7, Chapter 8 of the:2017 edition); d) Changed the security function requirements for wireless LAN access systems, including 81 security function requirements in 10 categories (see 8:1,:2017 edition) Chapters 9 and 10 of the ); e) According to the development of wireless LAN access system technology, the latest security requirements have been changed (see 8:2, 9:2 of the:2017 edition); f) Added “Basic Principles”, including the correspondence between security issues and security objectives, security objectives and security requirements, and between components: Dependencies (see Chapter 9): Please note that some of the contents of this document may involve patents: The issuing organization of this document does not assume the responsibility for identifying patents: This document was proposed and coordinated by the National Cybersecurity Standardization Technical Committee (SAC/TC260): This document was drafted by: China Information Security Evaluation Center, Information Engineering Institute of the Chinese Academy of Sciences, CRRC Industrial Research Institute Co:, Ltd:, Beijing Jiaotong University, Huawei Technologies Co:, Ltd:, Xi'an Xidian Jietong Wireless Network Communications Co:, Ltd:, the First Research Institute of the Ministry of Public Security, China Electronic Technology Standardization Institute, Beijing Topsec Network Security Technology Co:, Ltd:, Sangfor Technologies Co:, Ltd:, Zhengzhou Xindajiean Information Technology Co:, Ltd:, Changyang Technology (Beijing) Co:, Ltd:, Shenzhen Xinrui Network Technology Co:, Ltd:, Beijing Luyuntian Network Network Security Technology Research Institute Co:, Ltd:, Xi'an Jiaotong University Jabil Network Technology Co:, Ltd:, Zhongfu Information Co:, Ltd:, State Grid Blockchain Technology Co:, Ltd: Technology (Beijing) Co:, Ltd:, China Cyber Security Review Technology and Certification Center, H3C Technologies Co:, Ltd:, China Electric Power Research Institute Limited company: The main drafters of this document are: Wu Runpu, Li Meicong, Long Gang, Guo Tao, Chen Dongqing, Shao Shuai, Fan Yuming, Liu Qi, Liu Jiqiang, Wang Wei, Tian Yin, Wang Jian, Wang Junyong, Ji Chenhe, Zhang Bianling, Zhu Zhenrong, Zhang Dongju, Kou Zengjie, An Gaofeng, Bao Xuhua, Ye Runguo, Ma Hongli, Han Xiude, Zhao Hua, Lai Guoqiang, He Jianfeng, Fan Wei, Mi Baoxin, Zhu Dali, Zhang Liang, Han Jideng, Gao Jinping, Sun Pengke, Hou Mengyun, Yang Ke, Shen Yongbo, Wan Xiaolan, Wang Haixiang: The previous versions of this document and the documents it replaces are as follows: ---First published in:2017 as GB/T 33565-2017; ---This is the first revision: Network Security Technology Wireless LAN Access System Safety technical requirements

1 Scope

This document specifies the security function requirements and security assurance requirements of wireless LAN access systems, and gives the Description of security issues faced: This document is applicable to the testing, evaluation and procurement of wireless LAN access systems, as well as guiding the research and development of such products:

2 Normative references

The contents of the following documents constitute the essential clauses of this document through normative references in this document: For referenced documents without a date, only the version corresponding to that date applies to this document; for referenced documents without a date, the latest version (including all amendments) applies to This document: GB 15629:11 Information technology systems - Telecommunications and information exchange - Specific requirements for local area networks and metropolitan area networks - Part 11 Division: Wireless LAN Media Access Control and Physical Layer Specifications GB/T 18336:1-2024 Cybersecurity technology Information technology security assessment criteria Part 1: Introduction and general model GB/T 18336:2-2024 Cybersecurity technology Information technology security assessment criteria Part 2: Security function requirements GB/T 18336:3-2024 Cybersecurity technology Information technology security assessment criteria Part 3: Security assurance requirements GB/T 25069-2022 Information Security Technical Terminology GB/T 32213-2015 Information security technology Public key infrastructure Remote password authentication and key establishment specification GB/T 32915-2016 Information security technology Binary sequence randomness detection method GB/T 32918:3-2016 Information Security Technology SM2 Elliptic Curve Public Key Cryptography Algorithm Part 3: Key Exchange Protocol GB/T 35276-2017 Information security technology SM2 cryptographic algorithm usage specification GB/T 39786-2021 Information security technology Basic requirements for the application of cryptography in information systems

3 Terms and definitions

The terms and definitions defined in GB/T 25069-2022 and GB/T 18336:1-2024 and the following apply to this document: 3:1 A device or system consisting of software and hardware that enables wireless LAN clients to access a wireless LAN: 3:2 Access Controller accesscontroler A control device that enables wireless LAN clients to access the wireless LAN: 3:3 access point A network access device that provides access between wireless LAN clients and wired networks and forwards frames between wireless networks and wired networks: ......

Image

Tips & Frequently Asked Questions:

Question 1: How long will the true-PDF of GB/T 33565-2024_English be delivered?

Answer: Upon your order, we will start to translate GB/T 33565-2024_English as soon as possible, and keep you informed of the progress. The lead time is typically 4 ~ 7 working days. The lengthier the document the longer the lead time.

Question 2: Can I share the purchased PDF of GB/T 33565-2024_English with my colleagues?

Answer: Yes. The purchased PDF of GB/T 33565-2024_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.

Question 3: Does the price include tax/VAT?

Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countries

Question 4: Do you accept my currency other than USD?

Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.

Question 5: Should I purchase the latest version GB/T 33565-2024?

Answer: Yes. Unless special scenarios such as technical constraints or academic study, you should always prioritize to purchase the latest version GB/T 33565-2024 even if the enforcement date is in future. Complying with the latest version means that, by default, it also complies with all the earlier versions, technically.