GB/T 34080.3-2021 English PDFUS$189.00 · In stock
Delivery: <= 3 days. True-PDF full-copy in English will be manually translated and delivered via email. GB/T 34080.3-2021: Security specification of electronic government common platform based on cloud computing - Part 3: Service security Status: Valid
Basic dataStandard ID: GB/T 34080.3-2021 (GB/T34080.3-2021)Description (Translated English): Security specification of electronic government common platform based on cloud computing - Part 3: Service security Sector / Industry: National Standard (Recommended) Classification of Chinese Standard: L67 Word Count Estimation: 10,186 Issuing agency(ies): State Administration for Market Regulation, China National Standardization Administration GB/T 34080.3-2021: Security specification of electronic government common platform based on cloud computing - Part 3: Service security---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order. Security specification of electronic government common platform based on cloud computing - Part 3.Service security ICS 35.240.01 L67 National Standards of People's Republic of China Public platform for e-government affairs based on cloud computing Security Specification Part 3.Service Security Released on 2021-03-09 2021-10-01 implementation State Administration of Market Supervision and Administration Issued by the National Standardization Management Committee Table of contentsForeword Ⅲ Introduction Ⅳ 1 Scope 1 2 Normative references 1 3 Terms and definitions 1 4 Classification of service security levels 1 5 Service safety requirements 2 5.1 Service Access Control 2 5.1.1 Basic service security requirements 2 5.1.2 Enhanced service security requirements 2 5.1.3 High-level service safety requirements 2 5.2 Service Delivery Protection 2 5.2.1 Basic service security requirements 2 5.2.2 Enhanced service security requirements 2 5.2.3 High-level service safety requirements 3 5.3 Service Monitoring 3 5.3.1 Basic service security requirements 3 5.3.2 Enhanced service security requirements 3 5.3.3 High-level service safety requirements 3 5.4 Service Audit 3 5.4.1 Basic service security requirements 3 5.4.2 Enhanced service security requirements 3 5.4.3 High-level service safety requirements 3 5.5 Service changes 4 5.5.1 Basic safety requirements 4 5.5.2 Enhanced service security requirements 4 5.5.3 High-level service safety requirements 4 5.6 Service evaluation 4 5.6.1 Basic service security requirements 4 5.6.2 Enhanced service security requirements 4 5.6.3 High-level service safety requirements 4 Reference 5ForewordGB/T 34080 ``Security Specifications for Public Platforms of E-Government Based on Cloud Computing'' is divided into the following 4 parts. ---Part 1.General requirements; ---Part 2.Information Resource Security; ---Part 3.Service Security; ---Part 4.Application Security. This part is Part 3 of GB/T 34080. This section was drafted in accordance with the rules given in GB/T 1.1-2009. Please note that some of the contents of this document may involve patents. The issuing agency of this document is not responsible for identifying these patents. This part is proposed and managed by the Ministry of Industry and Information Technology (Communications) of the People's Republic of China. Drafting organizations of this section. Shaanxi Provincial Information Engineering Research Institute, Huawei Technologies Co., Ltd., Tianjin Dahaiyun Technology Co., Ltd., China Power The 28th Research Institute of Subsidiary Technology Group Corporation, Zhejiang Huatong Cloud Data Technology Co., Ltd., China Academy of Information and Communications Technology, Bokang Intelligent Information Technology Co., Ltd., Xi’an University of Posts and Telecommunications, the Fifth Institute of Electronics of the Ministry of Industry and Information Technology, Xi’an Future International Information Co., Ltd., Beijing Kingsoft Network Technology Co., Ltd., Beijing Yuanhe Kunyun Technology Co., Ltd., Nanjing Zhongguan Technology Service Co., Ltd. The main drafters of this section. Ge Xuefeng, Zhu Zhixiang, Xiao Yuelei, Wang Dun, Cui Hao, Zhang Chunhui, Ma Hongjun, He Jiangmin, Xu Ming, Zhang Lei, Liu Shu, Liu Xudong, Song Zhijun, Dai Xiangdong, Yan Changrui.IntroductionThe development of e-government is in a critical transition period of changing the development mode, deepening the application and highlighting the results. Government function transformation and service-oriented Government construction puts forward newer and higher requirements for the development of e-government affairs. Emerging information technologies, industries, and applications represented by cloud computing continue to The emergence has profoundly changed the technological environment and conditions for the development of e-government. Building a public platform for e-government based on cloud computing can give full play to The role of existing resources and the potential of emerging information technology, accelerate the development and innovation of e-government, improve application support service capabilities, and enhance security assurance Ability, reduce duplication of construction, avoid self-government and information islands. In order to enable service users to obtain safe, usable and sustainable services from the public platform of e-government based on cloud computing This part of GB/T 34080 specifies the service security requirements for cloud computing-based e-government public platforms in the process of providing services. To ensure the management and control of service users' data and business. Public platform for e-government affairs based on cloud computing Security Specification Part 3.Service Security1 ScopeThis part of GB/T 34080 specifies the service security level and service security elements of the public platform of e-government based on cloud computing. This section applies to the identification and evaluation of the security level of services provided by the public platform of e-government based on cloud computing. Note. Unless otherwise specified, "e-government public platform" in the following chapters refers to "cloud-based e-government public platform".2 Normative referencesThe following documents are indispensable for the application of this document. For dated reference documents, only the dated version applies to this article Pieces. For undated reference documents, the latest version (including all modifications) applies to this document. GB/T 31167-2014 Information Security Technology Cloud Computing Service Security Guidelines GB/T 34078.1-2017 Cloud Computing-based E-government Public Platform General Specification Part 1.Terms and Definitions GB/T 34080.1-2017 Cloud Computing-based E-government Public Platform Security Specification Part 1.General Requirements GB/T 34080.2-2017 Cloud Computing-based E-government Public Platform Security Specification Part 2.Information Resource Security3 Terms and definitionsGB/T 34078.1-2017, GB/T 34080.1-2017 and GB/T 34080.2-2017 and the following terms and definitions Applies to this document. 3.1 Servicechange Changes including service upgrades, migrations, and exits. 3.2 Servicesecurity The security features of the services provided by the e-government public cloud platform. 3.3 Multi-factor authentication A mechanism to identify users through a combination of multiple factors. Note. Multiple factors include but are not limited to the following factors. password, pass card, USB shield, fingerprint, iris, SMS verification code, etc.4 Classification of service security levelsAccording to the definition of government business classification in GB/T 31167-2014 6.4, the service security level of e-government public cloud platform can be classified Divided into the following three levels. a) Basic service security. The services provided by the e-government public cloud platform should be able to meet the requirements for carrying out general government affairs. Safety capability; b) Enhanced service security. The services provided by the e-government public cloud platform should meet basic service security requirements. ......Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GB/T 34080.3-2021_English be delivered?Answer: Upon your order, we will start to translate GB/T 34080.3-2021_English as soon as possible, and keep you informed of the progress. The lead time is typically 1 ~ 3 working days. The lengthier the document the longer the lead time.Question 2: Can I share the purchased PDF of GB/T 34080.3-2021_English with my colleagues?Answer: Yes. The purchased PDF of GB/T 34080.3-2021_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay. |
