Home Cart Quotation About-Us
www.ChineseStandard.net
SEARCH

GB/T 34080.4-2021 English PDF

US$259.00 · In stock
Delivery: <= 3 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 34080.4-2021: Security specification of electronic government common platform based on cloud computing - Part 4: Application security
Status: Valid
Standard IDUSDBUY PDFLead-DaysStandard Title (Description)Status
GB/T 34080.4-2021259 Add to Cart 3 days Security specification of electronic government common platform based on cloud computing - Part 4: Application security Valid

Similar standards

GB/T 38633   GB/T 38666   GB/T 38672   GB/T 34077.2   GB/T 34080.3   GB/T 34080.2   

Basic data

Standard ID: GB/T 34080.4-2021 (GB/T34080.4-2021)
Description (Translated English): Security specification of electronic government common platform based on cloud computing - Part 4: Application security
Sector / Industry: National Standard (Recommended)
Classification of Chinese Standard: L67
Word Count Estimation: 14,144
Issuing agency(ies): State Administration for Market Regulation, China National Standardization Administration

GB/T 34080.4-2021: Security specification of electronic government common platform based on cloud computing - Part 4: Application security


---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
Security specification of electronic government common platform based on cloud computing - Part 4.Application security ICS 35.240.01 L67 National Standards of People's Republic of China Public platform for e-government affairs based on cloud computing Safety Specification Part 4.Application Safety Released on 2021-03-09 2021-10-01 implementation State Administration of Market Supervision and Administration Issued by the National Standardization Management Committee

Table of contents

Foreword Ⅰ Introduction Ⅱ 1 Scope 1 2 Normative references 1 3 Terms and definitions 1 4 Abbreviations 1 5 Application Security Threat Analysis of Public Platform 1 5.1 Application vulnerability analysis 1 5.2 Application threat analysis 2 6 Public platform application security implementation 2 6.1 Overview 2 6.2 Preparation for implementation 2 6.3 Application Development 3 6.4 Application Migration and Deployment 3 6.5 Application Trial Run 4 6.6 Application Delivery 4 6.7 Application offline 4 7 Public platform application security operation and maintenance 4 7.1 Basic requirements 4 7.2 Cooperation platform/website connection security 5 7.3 Emergency plan 6 7.4 Safety assessment 6 8 Public platform application security management 6 8.1 Overview 6 8.2 Application basic data management 6 8.3 Application dynamic resource management 6 8.4 Application business status management 7 8.5 Application Access Log Management 8 8.6 Application system function management 8 8.7 Penalty mechanism 9 9 Public platform application security test 10 Reference 11

Foreword

GB/T 34080 ``Security Specifications for Public Platforms of E-Government Based on Cloud Computing'' is divided into the following 4 parts. ---Part 1.General requirements; ---Part 2.Information Resource Security; ---Part 3.Service Security; ---Part 4.Application Security. This part is Part 4 of GB/T 34080. This section was drafted in accordance with the rules given in GB/T 1.1-2009. This part is proposed and managed by the Ministry of Industry and Information Technology (Communications) of the People's Republic of China. Drafting organizations of this section. Xi'an Future International Information Co., Ltd., China Academy of Information and Communications Technology, China United Network Communications Group Co., Ltd., Sugon Cloud Computing Group Co., Ltd., Guoyun Technology Co., Ltd. The main drafters of this section. Bai Feng, Shi Youkang, Liu Shu, Zhang Lei, Zhang Hui, Shi Hui, Liu Di, Kou Jinfeng, Jia Yudong, Xiong Meng.

Introduction

The development of e-government is in a critical transition period of changing the development mode, deepening the application and highlighting the results. Government function transformation and service-oriented Government construction puts forward newer and higher requirements for the development of e-government affairs. Emerging information technologies, industries, and applications represented by cloud computing continue to The emergence has profoundly changed the technological environment and conditions for the development of e-government application services. Building a public platform for e-government based on cloud computing can Give full play to the role of existing resources and the potential of emerging information technology, accelerate the development and innovation of e-government, improve application support service capabilities, and enhance Security assurance capabilities, reduce duplication of construction, and avoid self-governance and information islands. Application service refers to the direct use of various application service software provided on the e-government public platform by government affairs departments to quickly realize business applications. Used service. The e-government public platform shall plan, design, develop and deploy government website systems, mail systems, instant messaging, electronic General application service software such as official document transmission system, electronic signature system, office system, etc., can be called by various government affairs departments on demand. E-government public Platform service providers must fully consider the application security risks brought by the application of cloud computing technology, and address possible data loss and leakage, Share technical vulnerabilities, insecure application program interfaces and other issues, and design corresponding application security protection measures. Public platform for e-government affairs based on cloud computing Safety Specification Part 4.Application Safety

1 Scope

This part of GB/T 34080 specifies the application security implementation, application security operation and maintenance, application security of the public e-government platform based on cloud computing. Use security management and application security testing. This part is applicable to the security construction, implementation and management process of applications provided on the public platform of e-government based on cloud computing. Note. Unless otherwise specified, "e-government public platform" and "public platform" in the following chapters refer to "cloud computing-based e-government public platform".

2 Normative references

The following documents are indispensable for the application of this document. For dated reference documents, only the dated version applies to this article Pieces. For undated reference documents, the latest version (including all amendments) is applicable to this document. GB/T 34078.1-2017 Cloud Computing-based E-government Public Platform General Specification Part 1.Terms and Definitions GB/T 34080.1-2017 Cloud Computing-based E-government Public Platform Security Specification Part 1.General Requirements

3 Terms and definitions

The following terms and definitions defined in GB/T 34078.1-2017 and GB/T 34080.1-2017 apply to this document. 3.1 Applicationsecurity The security of all application software and related components that complete the e-government application functions provided on the e-government public platform.

4 Abbreviations

The following abbreviations apply to this document. FTP. File Transfer Protocol (FileTransferProtocol) SSH. Secure Shell (SecureShel) WWW. World Wide Web (WorldWideWeb)

5 Analysis of application security threats on public platforms

5.1 Application vulnerability analysis Application vulnerability includes technical vulnerability and management vulnerability. The applied vulnerability analysis should include but not limited to those listed in Table 1. range. ......
Image     

Tips & Frequently Asked Questions:

Question 1: How long will the true-PDF of GB/T 34080.4-2021_English be delivered?

Answer: Upon your order, we will start to translate GB/T 34080.4-2021_English as soon as possible, and keep you informed of the progress. The lead time is typically 1 ~ 3 working days. The lengthier the document the longer the lead time.

Question 2: Can I share the purchased PDF of GB/T 34080.4-2021_English with my colleagues?

Answer: Yes. The purchased PDF of GB/T 34080.4-2021_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.

Question 3: Does the price include tax/VAT?

Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countries

Question 4: Do you accept my currency other than USD?

Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.