YD/T 2407-2021 English PDFUS$509.00 ยท In stock
Delivery: <= 4 days. True-PDF full-copy in English will be manually translated and delivered via email. YD/T 2407-2021: Gasoline engine powered portable collecting and pulverizing cleaners Status: Valid YD/T 2407: Historical versions
Basic dataStandard ID: YD/T 2407-2021 (YD/T2407-2021)Description (Translated English): Gasoline engine powered portable collecting and pulverizing cleaners Sector / Industry: Telecommunication Industry Standard (Recommended) Classification of Chinese Standard: B91 Classification of International Standard: 33.060 Word Count Estimation: 22,221 Date of Issue: 2021-12-02 Date of Implementation: 2022-04-01 Older Standard (superseded by this standard): YD/T 2407-2013 Regulation (derived from): Ministry of Industry and Information Technology Announcement No. 33 of 2021 Issuing agency(ies): Ministry of Industry and Information Technology Summary: This standard specifies the technical requirements for the security capabilities of mobile smart terminals, including the hardware security capabilities, operating system security capabilities, peripheral interface security capabilities, application layer security requirements, and user data protection security capabilities of mobile smart terminals. Grading. This standard is applicable to mobile smart terminals of various standards. Individual clauses are not applicable to special industries and professional applications. Other terminals can also be used for reference. YD/T 2407-2013: Technical requirements for security capability of smart mobile terminal---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.Technical requirements for security capability of smart mobile terminal People 's Republic of China Communication Industry Standard Technical Requirements for Security Capability of Mobile Intelligent Terminals Technical requirements for security capability of Smart mobile terminal (ITU-T X.msec-6..2012, Security side of smartphones, NEQ) 2013-04-25 release 2013-11-01 implementation Issued by the Ministry of Industry and Information Technology of the People 's Republic of China ICS 33.060 M 36 Directory Preface II Introduction III 1 Scope 1 2 normative reference document 1 3 terms, definitions and abbreviations 1 3.1 Terms and definitions 1 3.2 Abbreviations 2 4 Mobile intelligent terminal security capability framework and target 2 4.1 Mobile intelligent terminal security capability framework 2 4.2 mobile intelligent terminal security goals 2 Technical Requirements for Security Capability of Mobile Intelligent Terminals Basic Requirements 3 5.2 Mobile intelligent terminal hardware security requirements 3 5.3 Mobile intelligent terminal operating system security capability requirements 4 5.4 Mobile intelligent terminal peripheral interface security capability requirements 5 5.5 Mobile intelligent terminal application layer security requirements 6 5.6 Mobile intelligent terminal user data security protection requirements 7 6 Mobile intelligent terminal function Restriction requirements 8 7 Mobile intelligent terminal security ability classification 8 7.1 Overview 8 7.2 Security Capability Classification 8 Appendix A (informative) Safety Capability Level 10 Reference 11 ForewordThis standard is drafted in accordance with the rules given in GB/T 1.1-2009. This standard uses the re-drafting method Reference to the International Telecommunication Union (ITU-T) Recommendations ITU-T X.msec-6..2012 "Mobile Security Overview" And the degree of agreement with ITU-T X.msec-6 is non-equivalent. This standard is one of the standards for mobile intelligent terminal security, and the names and structures of this series of standards are expected to be as follows. A) Design Guidelines for Safety Capability of Mobile Intelligent Terminals; C) YD/T 2408-2013 "Mobile intelligent terminal safety capability test method"; D) YD/T 1886-2009 "Technical requirements and test methods for mobile terminal chip safety". This standard is proposed and centralized by China Communications Standardization Association. The drafting of this standard. Ministry of Industry and Information Technology Telecommunications Research Institute, Beijing Spreadtrum Transtech Services Communication Technology Co., Ltd., Datang Telecom Technology Industry group. The main drafters of this standard. Pan Juan, Kuang Xiao Xuan, Hong Hongwei, Wang Kun, Li Yunfan, Yu Lu, Yuan Guangxiang, He Guili, Li Wei, Yu Huawei, Li Jianwei, Li Qian.IntroductionWith the wide range of mobile intelligent terminal applications and the continuous expansion of the use of the process of security issues are more and more users attention. In recent years, malicious charges, eavesdropping, theft, location information leakage and other security incidents frequently, so that users of mobile intelligent terminal security Sexual concerns, and thus affect the mobile smart terminals and mobile Internet applications. The development of this standard is aimed at improving mobile intelligence Can be the terminal's own security capabilities, to prevent mobile intelligent terminal on a variety of security threats, to avoid the interests of users are damaged, while To prevent mobile intelligent terminal on the mobile communication network security adversely affected. The basic principles of this standard are. mobile intelligent terminal on the behavior and application to meet the user's wishes. This standard does not specify specific The realization of methods and measures to facilitate innovation and development. This standard from the hardware security requirements, operating system security requirements, external access Security requirements, application software security requirements, user data security protection requirements 5 levels of mobile intelligent terminal security capabilities to mention Out of the requirements, and from the basic security, to achieve difficulty, special safety capabilities and other aspects of the security capacity of the classification, in order to facilitate the product With a specific quality, to facilitate consumer choice. Through this standard on the one hand to guide the mobile intelligent terminal in the pre-application software more standardized, Security; on the other hand can also guide the mobile intelligent terminal to improve their own security capabilities, can be downloaded after the third-party application security tube Control; also can prevent mobile smart terminal preset malicious code on the network security impact. Technical Requirements for Security Capability of Mobile Intelligent Terminals1 ScopeThis standard specifies the technical requirements of the mobile intelligent terminal security capability, including the mobile intelligent terminal hardware security capability, mobile intelligent terminal Operating system security capabilities, mobile intelligent terminal peripheral interface security capabilities, mobile intelligent terminal application layer security requirements, mobile smart terminal Household data protection and security capabilities, and security capabilities were graded. This standard applies to a variety of standard mobile intelligent terminal, individual terms do not apply to special industries, professional applications, other terminals can also participate Test use.2 normative reference documentsThe following documents are indispensable for the application of this document. For dated references, only the dated edition applies to this article Pieces. For undated references, the latest edition (including all modifications) applies to this document. Technical Requirements for Information Security of Mobile Terminals YD/T 1699-2007 Technical Requirements for Data Interchange for Peripheral Interface of Digital Mobile Terminals YD/T 1760-2012 3 terms, definitions and abbreviations 3.1 Terms and definitions The following terms and definitions apply to this document. 3.1.1 Mobile Smart Terminal Smart Mobile Terminal Can access the mobile communication network, has an open operating system that can provide the application development interface, and can install and run the third party Application software for mobile terminals. 3.1.2 Security Capability In the mobile intelligent terminal can be achieved, to prevent security threats of technical means. 3.1.3 User User An object that uses mobile smart terminal resources, including human or third-party applications. 3.1.4 User Data User Data The personal information stored on the mobile smart terminal includes the data generated locally by the user, the data generated locally for the user, Data that enters the user data area from the outside after the user's permission. 3.1.5 Authorization Authorization After the user identity is authenticated, according to the pre-set security policy, the process of granting the user the appropriate authority. 3.1.6 Digital Signature Digital Signature Data attached to the data unit, or data obtained by cryptographic transformation of the data unit. Allow the recipient of the data to validate the data Source and integrity, protect the data from being tampered with, forged, and guaranteed data to be undeniable. 3.1.7 Code Signature A mechanism that uses a digital signature mechanism to sign all or part of a code by an entity with signed privileges. 3.1.8 Mobile Intelligent Terminal Operating System Operator System of Smart Mobile Terminal Mobile intelligent terminal The most basic system software, it controls and manages various hardware and software resources of mobile intelligent terminal, and provides application Development interface. 3.1.9 Malicious Charge In the case of the user without the knowledge or unauthorized by the application software on the terminal caused by the user economic losses. 3.2 Abbreviations The following abbreviations apply to this document. LAWMO Lock and Wipe Management Object Lock/Erase the managed object WLAN Wireless Local Area Network4 mobile intelligent terminal security capabilities framework and objectives4.1 Mobile intelligent terminal security capability framework Figure 1 for the mobile intelligent terminal security capability framework, including five parts. the bottom is the mobile intelligent terminal hardware security capabilities, the above For the operating system security capabilities, the top layer for the application layer security requirements, the external interface security capabilities related to the operating system level and hardware security level, User data protection security capabilities related to hardware, operating systems and application software three levels. Application layer security requirements User Data Protection Security Capability Operating System Security Capability Peripheral interface security Hardware security capabilities Figure 1 Mobile Intelligent Terminal Security Capability Framework 4.2 mobile intelligent terminal security goals 4.2.1 Hardware security objectives Mobile intelligent terminal hardware security goal is to ensure that the chip-level mobile communication terminals within the flash memory and baseband security, to ensure that the chip system Program, terminal parameters, security data, user data are not tampered with or illegally obtained. 4.2.2 Operating system security objectives Operating system security goal is to achieve the operating system on the system resource calls to monitor, protect and remind, to ensure that the security involved in system behavior Always in the controlled state, does not appear in the user without any knowledge of the implementation of the behavior, or the user can not control the implementation of the act. another In addition, the operating system should ensure that its own upgrade is controlled. 4.2.3 Peripheral interface security objectives Peripheral interfaces include wireless peripheral interfaces, wired peripheral interfaces. The security objective of the peripheral interface is to ensure that the user is connected to the peripheral interface Data transmission is known and controllable. 4.2.4 Application layer security objectives Application layer security goal is to ensure that the mobile intelligent terminal to be installed on the application software can be the source of identification, has been installed The application software on it can be controlled by sensitive behavior. Also, make sure that the applications that are preset in the mobile smart terminal are not compromised User interests and acts that endanger network security, such as malicious charges, unauthorized modification, deletion, and transmission of user data. 4.2.5 User Data Protection Security objectives User data protection security goal is to ensure the safe storage of user data to ensure that user data is not illegal access, not illegal access, Not being illegally tampered with, while the backup can ensure reliable recovery of user data.5 mobile intelligent terminal security capabilities technical requirements5.1 Basic requirements Mobile intelligent terminal should be through the user-related tips and allow users to confirm the way to prevent security threats, when the third-party application call related Function, the operating system should have the user-related tips and allow users to confirm the ability. The prompts to the user can be icon prompts, text hints, or other obvious hints. During the execution of the operation, the prompt should be sufficient From the user's attention. The user confirms that the user should have the right to choose, that is, the user should be able to confirm can also be canceled. The user confirms that, unless otherwise stated, the following three types of confirmation are considered. - The application software confirms each time a call is made; - the application of the first call to confirm the occurrence of the action, the confirmation in a certain period of time to confirm, should be confirmed for each call behavior alone confirm; - the application software first time to install or call the behavior of the confirmation, the confirmation of the software long-term effective, confirmed that each call line should be To be confirmed separately. This chapter refers to the user prompt and user confirmation, refers to the third-party applications by calling related functions, the operating system should have the ability force. The operation performed by the third-party application by calling the human-machine interface provided by the operating system is considered to be executed with the user's knowledge Of the operation, has been prompted to the user and the user's confirmation. For operations that are set to allow access in the application security configuration, they are also considered to be operations that are known to the user Get the user's confirmation. For mobile communication network connection, wireless local area network connection, wireless peripheral interface to open the operation in any case should be given to the user And confirmed by the user. 5.3 and 5.4, applies only if the third party application invokes the corresponding functionality provided by the operating system. 5.5.1, 5.5.2 and 5.5.3 refer to the application software is non-preset application software. 5.2 Mobile intelligent terminal hardware security requirements If the mobile intelligent terminal hardware provides a remote operation means, the mobile intelligent terminal should protect its remote operation means to prevent Avither Us Results Avg. Avigma3232 calling hearts nights Avg. 5.3 Mobile intelligent terminal operating system security capability requirements Decision nss.s.ithert composition user views Points to calling roundtherpsas 5.3.1.1 Communication class function Control mechanism 5.3.1.1.1 Make a call Application Software Calls When a call operation is performed, a dial operation should be performed with the user confirming. 5.3.1.1.2 Three-way call Application of the software call to perform three-way call operation, the user should be confirmed in the case of three-party call operation can be carried out. 5.3.1.1.3 Send SMS Application software call to send SMS operation, the user should be confirmed in the case, send SMS operation to perform. 5.3.1.1.4 Send MMS Application software call to send MMS operation, the user should confirm the case, send MMS operation to be implemented. 5.3.1.1.5 Send mail When a software call is used to perform a send mail operation, the mail sending operation should be performed if the user confirms it. 5.3.1.1.6 Mobile communication network data connection Mobile intelligent terminal communication network data connection, should meet the following safety requirements. A) The mobile intelligent terminal shall provide a switch to enable/disable the mobile communication network data connection; B) application software call to open the mobile communication network data connection function, the user should be prompted accordingly, when the user can confirm after the connection Open C) Mobile communication network When the data connection of the mobile communication network is in the connected state, the mobile intelligent terminal shall be used on the user main interface Corresponding state prompts; D) When the mobile communication network is transmitting data, the mobile intelligent terminal should prompt the user to the corresponding status on the user's main interface. The two states of c) and d) above should be different. 5.3.1.1.7 WLAN network connection Mobile intelligent terminal WLAN network connection should meet the following safety requirements. A) The mobile intelligent terminal shall provide a switch to enable/disable the WLAN network connection; B) application software call to open the WLAN network connection function, the user should be the corresponding prompt, when the user can confirm after the connection can be opened; C) When the WLAN network connection is connected, the mobile intelligent terminal shall prompt the user to the corresponding status on the user's main interface. D) When the WLAN network is transmitting data, the mobile intelligent terminal should prompt the user to the corresponding status on the user's main interface. The two states of c) and d) above should be different. 5.3.1.2 Local Sensitive Function Managed Mechanisms 5.3.1.2.1 positioning function When the application software invokes the positioning function, the mobile intelligent terminal should be invoked if the user confirms it. After calling, move the smart terminal Should be in the user's main interface to the user the corresponding state prompt. 5.3.1.2.2 Call recording function Call recording is in the call state to pick up both sides of the line voice. When the application software calls the start of the call recording, the user should be sure In the case of permission to open. 5.3.1.2.3 Local recording function Application software call When the local recording function is activated, the recording operation should be initiated only when the user confirms. 5.3.1.2.4 camera/camera function For a mobile intelligent terminal with a camera, when the application software starts camera or camera function, the mobile intelligent terminal should give the user a corresponding (Image preview, indicator, sound or icon, etc.), in the case of user confirmation to take pictures or camera operation. 5.3.1.2.5 Operation of user data Mobile intelligent terminal operating system should provide user data protection function, to the phone book data, call records, SMS data, MMS data protection. Specific requirements are as follows. A) When the application software calls to write the user data, the mobile intelligent terminal should be executed if the user confirms; B) When the application software needs to call the user data read operation, the application software in the download, installation or the first run should prompt the user The application will read these user data. 5.3.2 Update of operating system Mobile intelligent terminals usually perform authorized operating system updates, when the operating system can not guarantee the safety update, should be in the manual Show the user may bring the security risks. 5.4 Mobile intelligent terminal peripheral interface security capability requirements 5.4.1 Wireless Peripheral Interface Security Capability Requirements 5.4.1.1 Wireless Peripheral Interface On/Off Controlled Mechanism For mobile phones with Bluetooth, NFC function should have a switch, you can turn on/off Bluetooth, NFC and other terminals supported by the wireless Connection method. When the application software calls to open the wireless peripheral interface, the mobile intelligent terminal should give the user the corresponding prompt, when the user can confirm after the connection Open. 5.4.1.2 Confirmation mechanism established by wireless peripheral interface connection When the first connection is made with a different device through a wireless peripheral interface (Bluetooth only), the mobile intelligent terminal can discover And then give th......Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of YD/T 2407-2021_English be delivered?Answer: Upon your order, we will start to translate YD/T 2407-2021_English as soon as possible, and keep you informed of the progress. The lead time is typically 2 ~ 4 working days. The lengthier the document the longer the lead time.Question 2: Can I share the purchased PDF of YD/T 2407-2021_English with my colleagues?Answer: Yes. The purchased PDF of YD/T 2407-2021_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.Question 5: Should I purchase the latest version YD/T 2407-2021?Answer: Yes. Unless special scenarios such as technical constraints or academic study, you should always prioritize to purchase the latest version YD/T 2407-2021 even if the enforcement date is in future. Complying with the latest version means that, by default, it also complies with all the earlier versions, technically. |
