Home Cart Quotation About-Us
www.ChineseStandard.net
SEARCH

GBZ30286-2013 English PDF

Q: How long will the true-PDF of English version of GBZ30286-2013 be delivered?

Upon your order, we will start to translate GBZ30286-2013_English as soon as possible, and keep you informed of the progress. The lead time is typically 4 ~ 7 working days. The lengthier the document the longer the lead time.

Q: Can I share the purchased PDF of GBZ30286-2013_English with my colleagues?

Yes. The purchased PDF of GBZ30286-2013_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.

Q: Does the price include tax/VAT?

Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries). Avoidance of Double Taxation Agreements (DTAs) between Singapore and 100+ Countries: https://www.iras.gov.sg/taxes/international-tax

Q: Do you accept my currency other than USD?

Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.

US$949.00 · In stock
Delivery: <= 7 days. True-PDF full-copy in English will be manually translated and delivered via email.
GBZ30286-2013: Information security technology -- Guide for the production of information system protect profile and information system security target
Status: Valid

Standard ID	USD	BUY PDF	Lead-Days	Standard Title (Description)	Status
GB/Z 30286-2013	949	Add to Cart	7 days	Information security technology -- Guide for the production of information system protect profile and information system security target	Valid

Similar standards

GB/T 30276 GB/T 30279 GB/T 31168 GB/T 30278 GB/T 30282 GB/T 30283

Basic data

Standard ID: GB/Z 30286-2013 (GB/Z30286-2013)
Description (Translated English): Information security technology -- Guide for the production of information system protect profile and information system security target
Sector / Industry: National Standard
Classification of Chinese Standard: L80
Classification of International Standard: 35.040
Word Count Estimation: 43,419
Quoted Standard: GB/T 20274.1-2006; GB/T 20274.2-2008; GB/T 20274.3-2008; GB/T 20274.4-2008; GB/T 20984-2007
Regulation (derived from): National Standards Bulletin 2013 No. 27
Issuing agency(ies): Ministry of Health of the People's Republic of China
Summary: This standard specifies the process of developing information systems Protection Profile (ISPP) and Information Systems Security Target (ISST), in order to provide guidance on the preparation of ISPP and ISST. This standard applies to applications GB/T 20

GBZ30286-2013: Information security technology -- Guide for the production of information system protect profile and information system security target

---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
Information security technology. Guide for the production of information system protect profile and information system security target ICS 35.040 L80 People's Republic of China national standardization of technical guidance documents Information Security Technology Information system protection profile and information system security objectives Create a guide 2013-12-31 released 2014-07-15 Implementation General Administration of Quality Supervision, Inspection and Quarantine of People's Republic of China China National Standardization Administration released Directory Foreword Ⅲ Introduction IV 1 Scope 1 2 Normative references 1 3 Terms and definitions 1 4 ISPP and ISST overview 1 4.1 ISPP and ISST use 1 4.2 ISPP and ISST content 1 4.3 ISPP and ISST target audience 4 5 ISPP and ISST generation process 4 6 ISPP and ISST description section 5 6.1 Overview 5 6.2 ISPP and ISST logo 5 6.3 ISPP and ISST Overview 5 6.4 ISPP Application Notes 6 7 Information System Description 6 7.1 Overview 6 7.2 Information System Mission Description 6 7.3 Information System Overview Description 6 7.4 Information System Detailed Description 6 8 security needs 7 8.1 Overview 7 8.2 Identify and explain assumptions 7 8.3 Identify and explain threats 8 8.4 Identify and identify organizational security policies 11 8.5 clear security requirements definition 12 9 Safety and Security Purposes 12 9.1 Overview 12 9.2 Threats, Assumptions, and List of Organizational Security Policies 13 9.3 Information System Environmental Protection Purposes 13 9.4 Information System Security Assurance Purposes 13 10 Security Requirements 13 10.1 Overview 13 10.2 Safety Technical Support Requirements 15 10.3 Security Management Support Requirements 19 10.4 Security Engineering Assurance Requirements in ISPP or ISST 20 11 Information Systems Overview Specification 11.1 Overview 22 11.2 Information Systems Overview Specifications Overview 22 11.3 Choice of Safeguards 23 12 ISPP Statement 24 12.1 Overview 24 12.2 ISPP Reference 24 12.3 ISPP Cut 24 12.4 ISPP Addendums 24 13 Declaration of Conformity 25 13.1 Overview 25 13.2 Declaration of Conformity for Security 25 13.3 Declaration of Conformity for Safety and Security Requirements 27 Appendix A (informative) STRs 29 from GB/T 20274.2-2008 Appendix B (Informative) Select SMRs from GB/T 20274.3-2008 33 Appendix C (informative) from the GB/T 20274.4-2008 selected SERs 36 References 37

Foreword

This instructional document has been drafted in accordance with the rules given in GB/T 1.1-2009. Please note that some of this document may be patentable. The issuing agencies of this document do not bear the responsibility of identifying these patents. This Guidance Document is proposed and managed by the National Technical Committee for Information Security Standardization (SAC/TC260). The main drafting of the technical guidance of this document. China Information Security Assessment Center, China Information Security Assessment Center Huazhong Assessment Center, North China Institute of Computing Technology. The main drafters of this technical paper are Jiang Changqing, Zhang Li, Yao Yi, Tong Xin, Peng Yong, Luli, Hu Weihua, Fu Min and Zhou Jin.

Introduction

This guidance document is a complete set of GB/T 20274 "Information Security Technology Information System Security Assessment Framework" series of standards Guidance document for Information System Protection Profile (ISPP) and Information Systems Security Objective (InformationSystemSecurityTarget, ISST) to provide guidance. Users of this guidance document should be familiar with GB/T 20274 series of standards. Information Security Technology Information system protection profile and information system security objectives Create a guide

1 Scope

This guidance document gives the process of preparing an Information Systems Protection Profile (ISPP) and Information Systems Security Objective (ISST) Write ISPP and ISST to provide guidance. This guideline is applicable to assessors applying the GB/T 20274 series of standards for information system security assurance assessment Certified evaluators who act as authenticators, system developers and so on.

2 Normative references

The following documents for the application of this document is essential. For dated references, only the dated version applies to this article Pieces. For undated references, the latest edition (including all amendments) applies to this document. GB/T 20274.1-2006 Information Security Technology Information System Security Assessment Framework Part 1. Introduction and general model GB/T 20274.2-2008 Information Security Technology Information System Security Assessment Framework Part 2. Technical Support GB/T 20274.3-2008 Information Security Technology Information System Security Assessment Framework Part 3. Management assurance GB/T 20274.4-2008 Information Security Technology Information System Security Assessment Framework Part 4. Engineering Assurance Information security technology Information security risk assessment code

3 Terms and definitions

GB/T 20274.1-2006, GB/T 20274.2-2008, GB/T 20274.3-2008, GB/T 20274.4-2008 defined Terms and definitions apply to this document.

4 ISPP and ISST overview

4.1 ISPP and ISST purposes The main purpose of GB/T 20274 series of standards is to express the requirements of security assurance of information system. There are many different kinds of information systems Each information system operates in a specific real-world environment, subject to constraints from the internal and external environment of the organization. So for different Information systems usually have different security requirements. GB/T 20274.1-2006 in ISPP and ISST to express a certain type of information systems and a specific information system security Barrier requirements. The owners of information systems use ISPP to describe the standardization, structuring and standardization of the security of a certain type of information system begging. Information system developers based on ISPP for the preparation of a specific information system corresponding ISST, describes the security of its specific user system Support requirements and fulfillment of ISPPs. 4.2 ISPP and ISST content Figure A.1 of GB/T 20274.1-2006 describes the content items required in ISPP. Table 1 is the recommended ISPP sample ......

Image

Tips & Frequently Asked Questions:

Question 1: How long will the true-PDF of GBZ30286-2013_English be delivered?

Answer: Upon your order, we will start to translate GBZ30286-2013_English as soon as possible, and keep you informed of the progress. The lead time is typically 4 ~ 7 working days. The lengthier the document the longer the lead time.

Question 2: Can I share the purchased PDF of GBZ30286-2013_English with my colleagues?

Answer: Yes. The purchased PDF of GBZ30286-2013_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.

Question 3: Does the price include tax/VAT?

Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countries

Question 4: Do you accept my currency other than USD?

Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.