GB/T 36630.3-2018 English PDFUS$279.00 ยท In stock
Delivery: <= 3 days. True-PDF full-copy in English will be manually translated and delivered via email. GB/T 36630.3-2018: Information security technology -- Controllability evaluation index for security of information technology products -- Part 3: Operating system Status: Valid
Basic dataStandard ID: GB/T 36630.3-2018 (GB/T36630.3-2018)Description (Translated English): Information security technology -- Controllability evaluation index for security of information technology products -- Part 3: Operating system Sector / Industry: National Standard (Recommended) Classification of Chinese Standard: L80 Classification of International Standard: 35.040 Word Count Estimation: 14,110 Date of Issue: 2018-09-17 Date of Implementation: 2019-04-01 Issuing agency(ies): State Administration for Market Regulation, China National Standardization Administration GB/T 36630.3-2018: Information security technology -- Controllability evaluation index for security of information technology products -- Part 3: Operating system---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order. (Information security technology - Information technology products - Safety - controllable evaluation index - Part 3) ICS 35.040 L80 National Standards of People's Republic of China Information security technology Information technology product safety and controllable evaluation indicators Part 3. Operating system informationtechnologyproducts-Part 3.Operatingsystem Published on.2018-09-17 Implementation of.2019-04-01 State market supervision and administration China National Standardization Administration issued ContentForeword III Introduction IV 1 Scope 1 2 Normative references 1 3 Terms and Definitions 1 4 Evaluation indicator item 1 5 Evaluation method 2 5.1 Evaluation Material Requirements 2 5.2 Indicator evaluation method 2 5.3 Scoring Method 7 Reference 8ForewordGB/T 36630 "Information Security Technology Information Technology Product Safety and Controllable Evaluation Index" includes the following parts. --- Part 1. General; --- Part 2. Central Processing Unit; --- Part 3. Operating system; --- Part 4. Office suites; --- Part 5. General purpose computer. This part is the third part of GB/T 36630. This part is drafted in accordance with the rules given in GB/T 1.1-2009. This part is proposed and managed by the National Information Security Standardization Technical Committee (SAC/TC260). This section drafted by. China Electronic Information Industry Development Research Institute, China Electronics Technology Standardization Research Institute, the First Institute of the Ministry of Public Security, Software and Integrated Circuit Promotion Center of the Ministry of Industry and Information Technology, China Information Security Research Institute Co., Ltd., China Software Testing Center, China Letter Information Security Evaluation Center, Winning Software Co., Ltd., Puhua Basic Software Co., Ltd., Beijing Ningsi Technology Co., Ltd., etc. The main drafters of this section. Li Zhenning, Wang Wei, Ye Runguo, Li Haitao, Han Wei, Zuo Xiaodong, Wu Xiaotian, Guo Tongbin, Yan Yanfen, Jia Wei, Liu Quan, Liu Longgeng, Feng Wei, Wang Chao, Zhang Meng, Ma Shimin, Rong Zhigang, Dong Junping, Deng Hui, Wei Anlei.IntroductionIn accordance with the requirements of the "Network Security Law of the People's Republic of China", "Network Product and Service Security Review Measures (Trial)", etc. Control the level of product safety and control, prevent network security risks, maintain national and public security, and then meet the security requirements of operating system products. Control the demand, enhance the application side confidence, and promote the healthy and rapid development of the operating system industry. This part of GB/T 36630 is specially formulated. This part of the evaluation object is the operating system product, the evaluation content is the security and controllability of the operating system products, covering the operating system products. R & D, testing, service support and other aspects. The safety and controllable evaluation indicators described in this section are mainly used to evaluate the safety and controllability of operating system products, and do not include the product itself. Evaluation of full functionality and safety performance. Security and control are just one of the attributes of operating system products, such as the need to evaluate security features and security features. For other attributes, refer to the relevant national standards. Information security technology Information technology product safety and controllable evaluation indicators Part 3. Operating system1 ScopeThis part of GB/T 36630 specifies the relevant concepts of operating system products, and gives the indicators of safety and controllable evaluation and corresponding Evaluation method. This section is applicable to the evaluation implementer to evaluate the security controllability of the operating system products, and also to the information technology product supplier. And the application side can guarantee the safety and control of the product during the product supply and application process.2 Normative referencesThe following documents are indispensable for the application of this document. For dated references, only dated versions apply to this article. Pieces. For undated references, the latest edition (including all amendments) applies to this document. GB/T 25069-2010 Information Security Technology Terminology GB/T 36630.1-2018 Information security technology - Information technology products - Safety controllable evaluation index - Part 1. General3 Terms and definitionsThe following terms and definitions as defined in GB/T 25069-2010 apply to this document. 3.1 Operating system operatingsystem A system software product used to manage hardware resources, control program execution, provide human-machine interfaces, and support application software. Note. Includes, but is not limited to, operating system products used by servers, personal computers, mobile tablets, network devices, and storage devices. 3.2 Operating system kernel operatingsystemkernel A computer program in the operating system that is responsible for core functions such as system processes, memory, device drivers, files, and network systems.4 Evaluation indicator itemsAccording to the evaluation index system framework of 5.2.1 in GB/T 36630.1-2018, the evaluation index is set according to the characteristics of the operating system. item. In this section, no priority evaluation items are set for the OS security-controlled evaluation. In the general evaluation item, the product design was selected. Achieve transparency, product reproducibility, product key technology research and development capabilities, product safety and ecological adaptability, product continuous supply capacity, product supply There are eight indicators such as chain support capability, product service support capability and data processing normativeness, as shown in Table 1. ...... |
