
GB/T 42884-2023 English PDF

US$499.00 · In stock
Delivery: <= 5 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 42884-2023: Information security technology - Guidelines for life cycle security management of mobile Internet applications(App)
Status: Valid
| Standard ID | USD | Buy PDF | Lead-Days | Standard Title (Description) | Status |
|---|---|---|---|---|---|
| GB/T 42884-2023 | 499 | Add to Cart | 5 days | Information security technology - Guidelines for life cycle security management of mobile Internet applications(App) | Valid |

Similar standards

GB/T 42453   GB/T 42447   GB/T 42460   GB/Z 42885   GB/T 42888   

Basic data

Standard ID: GB/T 42884-2023 (GB/T42884-2023)
Description (Translated English): Information security technology - Guidelines for life cycle security management of mobile Internet applications(App)
Sector / Industry: National Standard (Recommended)
Classification of Chinese Standard: L80
Classification of International Standard: 35.030
Word Count Estimation: 26,243
Date of Issue: 2023-08-06
Date of Implementation: 2024-03-01
Issuing agency(ies): State Administration for Market Regulation, China National Standardization Administration

GB/T 42884-2023: Information security technology - Guidelines for life cycle security management of mobile Internet applications(App)


---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
ICS 35.030
CCS L80

National Standards of People's Republic of China

Information Security Technology Mobile Internet Application (App) Lifecycle Security Management Guide

Published on 2023-08-06
Implementation on 2024-03-01

Released by the State Administration for Market Regulation and the National Standardization Administration Committee

Table of contents

Preface
1 Scope
2 Normative reference documents
3 Terms and Definitions
4 Abbreviations
5 Overview
    5.1 Security issues in App
    5.2 App life cycle security management
6 Life cycle stage management process
    6.1 Requirements Analysis Phase
    6.2 Development and design stage
    6.3 Test verification phase
    6.4 Shelf release stage
    6.5 Installation and operation phase
    6.6 Update Maintenance Phase
    6.7 Termination of Operations Phase
    6.8 Other security support processes
7 Risk Monitoring and Management Process
    7.1 Risk data management
    7.2 Security vulnerability management
Appendix A (informative) Classification and description of security issues in App
    A.1 Classification and description of malicious programs
    A.2 Classification and description of personal information risks
    A.3 Classification and description of application behavior risks
    A.4 Classification and description of security vulnerabilities
Appendix B (informative) The relationship between the security issues existing in the App and the response to security management activities
Appendix C (informative) Security Development
    C.1 Program safety
    C.2 Security
Reference

Foreword

This document is drafted in accordance with the provisions of GB/T 1.1-2020 "Standardization Work Guidelines Part 1: Structure and Drafting Rules of Standardization Documents".

Please note that some content in this document may be subject to patents. The publisher of this document assumes no responsibility for identifying patents.

This document is proposed and coordinated by the National Information Security Standardization Technical Committee (SAC/TC260).

This document was drafted by: Wuhan Antiy Information Technology Co., Ltd., Beijing Saixi Technology Development Co., Ltd., China Information Communications Information Research Institute, Huawei Technologies Co., Ltd., Vivo Mobile Communications Co., Ltd., 360 Technology Group Co., Ltd., OPPO Guangdong Mobile Communications Xin Co., Ltd., Beijing Xiaomi Mobile Software Co., Ltd., Third Research Institute of the Ministry of Public Security, National Computer Virus Emergency Response Center, China Software Evaluation Center, National Computer Network Emergency Technology Coordination Center, Institute of Information Engineering, Chinese Academy of Sciences, Venus Information Technology Center Tuan Group Co., Ltd., Lenovo (Beijing) Co., Ltd., Midea Group Co., Ltd., Hisense Group Holdings Co., Ltd., Ant Technology Group Co., Ltd., China Southern Power Grid Digital Grid Research Institute Co., Ltd., Beijing Zhiyou Network Security Technology Co., Ltd., Hangzhou Anheng Information Technology Technology Co., Ltd., Beijing Zhizhangyi Technology Co., Ltd., Beijing Baidu Netcom Technology Co., Ltd., Beijing Edition Information and Communication Technology Co., Ltd., Beijing Jingkuaishou Technology Co., Ltd., Shaanxi Information Engineering Research Institute, Beijing Bangbang Security Technology Co., Ltd.

The main drafters of this document: Pan Xuanchen, Xu Yuna, Chen Cheng, Wang Songhe, Yuan Zhongju, Cheng Mingjiang, Yao Yinan, Li Teng, Lu Wei, Chen Jialin, Zhang Yan, Tian Yuan, Liu Yan, Cai Yiming, Qin Xiaolei, He Nengqiang, Lu Zhigang, Yu Lina, Sun Haiyan, Shi Jing, Li Ruxin, Yang Kun, Zhang Jueyi, Wang Xin, Bai Xiaoyuan, Mu Tianshi, Han Yun, Li Xianzhen, Li Biao, Tang Jiawei, Dong Hong, Pan Zhengtai, Fang Ning, Yi Qiang, Du Dan, Jia Ke, Luo Hongwei, Yang Minghui, Xu Xiangzhi, Bi Kaifeng.

Information Security Technology Mobile Internet Application (App) Lifecycle Security Management Guide

1 Scope

This document provides security management guidance for the life cycle stage management process and the risk monitoring and management process of mobile Internet applications (Apps).

This document is applicable to the life cycle security management of App development and operation by App providers, and can be used as a reference by App distribution platform managers, mobile intelligent terminal manufacturers, and others.

2 Normative reference documents

The contents of the following documents constitute essential provisions of this document through normative references in the text. For dated referenced documents, only the version corresponding to that date applies to this document; for undated referenced documents, the latest version (including all amendments) applies to this document.

GB/T 25069-2022 Information security technical terms
GB/T 28458-2020 Information security technology network security vulnerability identification and description specifications
GB/T 38674-2020 Information Security Technology Application Software Security Programming Guide
GB/T 39720-2020 Information security technology mobile intelligent terminal security technical requirements and test evaluation methods
GB/T 41391-2022 Information Security Technology Basic Requirements for Mobile Internet Applications (Apps) to Collect Personal Information

3 Terms and definitions

The terms and definitions in GB/T 25069-2022, GB/T 38674-2020, GB/T 39720-2020 and GB/T 41391-2022, and the following terms and definitions, apply to this document.

3.1 smart mobile terminal
A mobile terminal that has an open system that can provide application development interfaces and can install and run third-party application software.
[Source: GB/T 39720-2020, 3.1]

3.2
Application software that runs on mobile smart terminals to provide information services to users.
Note: Including downloaded, installed and run applications and small programs, referred to as App.
[Source: GB/T 41391-2022, 3.1, with modifications]

3.3
The process of App evolution over time from demand analysis to termination of operation.

3.4
An organization or individual who designs, develops or operates an App.
......

Tips & Frequently Asked Questions:

Question 1: How long will the true-PDF of GB/T 42884-2023_English be delivered?

Answer: Upon your order, we will start to translate GB/T 42884-2023_English as soon as possible, and keep you informed of the progress. The lead time is typically 3 ~ 5 working days. The lengthier the document the longer the lead time.

Question 2: Can I share the purchased PDF of GB/T 42884-2023_English with my colleagues?

Answer: Yes. The purchased PDF of GB/T 42884-2023_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.

Question 3: Does the price include tax/VAT?

Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countries

Question 4: Do you accept my currency other than USD?

Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.