Powered by Google www.ChineseStandard.net Database: 189759 (21 Apr 2024)

GB/T 20273-2006 (GBT20273-2006)

GB/T 20273-2006_English: PDF (GBT 20273-2006, GBT20273-2006)
Standard IDContents [version]USDSTEP2[PDF] delivered inStandard Title (Description)StatusPDF
GB/T 20273-2006English150 Add to Cart 0--9 seconds. Auto-delivery Information security technology -- Security techniques requirement for database management system Obsolete GB/T 20273-2006

BASIC DATA
Standard ID GB/T 20273-2006 (GB/T20273-2006)
Description (Translated English) Information security technology - Security techniques requirement for database management system
Sector / Industry National Standard (Recommended)
Classification of Chinese Standard L80
Classification of International Standard 35.040
Word Count Estimation 76,784
Date of Issue 2006-05-31
Date of Implementation 2006-12-01
Quoted Standard GB 17859-1999; GB/T 20271-2006
Drafting Organization Beijing Siyuan newly created Information Security Information Co., Ltd.
Administrative Organization Standardization Technical Committee of the National Information Security
Regulation (derived from) China Announcement of Newly Approved National Standards No. 7, 2006 (No. 94 overall)
Proposing organization National Safety Standardization Technical Committee
Issuing agency(ies) Administration of Quality Supervision, Inspection and Quarantine of People's Republic of China; Standardization Administration of China
Summary This standard specifies the various security levels required for database management system safety requirements. This standard applies to the requirements according to the security level of the database management system for the design and realization of the requirements according to hierarchical database management system security testing and management may refer to use.

Standards related to: GB/T 20273-2006

GB/T 20273-2006
GB
NATIONAL STANDARD OF THE
PEOPLE’S REPUBLIC OF CHINA
ICS 35.040
L 80
Information Security Technology –
Security Techniques Requirement for Database
Management System
ISSUED ON. MAY 31, 2006
IMPLEMENTED ON. DECEMBER 1, 2006
Issued by. General Administration of Quality Supervision, Inspection
and Quarantine of the People’s Republic of China;
Standardization Administration of the People's Republic of
China.
Table of Contents
Foreword ... 4 
Introduction ... 5 
1 Scope ... 7 
2 Normative References ... 7 
3 Terms, Definitions and Abbreviations ... 7 
3.1 Terms and Definitions ... 7 
3.2 Abbreviations ... 10 
4 Basic Requirements for Security Function of Database Management System ... 10 
4.1 Identity Authentication ... 10 
4.1.1 User Identification ... 10 
4.1.2 User Authentication ... 10 
4.2 Discretionary Access Control ... 11 
4.2.1 Access Operation ... 11 
4.2.2 Access Rule ... 12 
4.2.3 Authorization Propagation Restriction ... 12 
4.3 Label ... 12 
4.3.1 Subject Label ... 12 
4.3.2 Object Label ... 12 
4.4 Mandatory Access Control ... 12 
4.4.1 Security Policy of Access Control ... 12 
4.4.2 Granularity and Characteristic of Access Control ... 13 
4.5 Data Flow Control ... 14 
4.6 Security Audit ... 14 
4.7 User Data Integrity ... 14 
4.7.1 Body Integrity and Reference Integrity ... 14 
4.7.2 User Defined Integrity ... 14 
4.7.3 Integrity of Data Manipulation ... 15 
4.8 User Data Confidentiality ... 15 
4.8.1 Stored Data Confidentiality ... 15 
4.8.2 Transported Data Confidentiality ... 15 
4.8.3 Object Reuse ... 15 
4.9 Trusted Path ... 16 
4.10 Inference Control ... 16 
5 Graded Requirements for Security Technology of Database Management System ... 16 
5.1 Grade 1. the User's Discretionary Protection Grade ... 16 
5.1.1 Security Function ... 16 
5.1.2 SSODB Self-security Protection ... 18 
5.1.3 SSODB Design and Realization ... 19 
5.1.4 SSODB Security Management ... 21 
5.2 Grade 2. System Audit Protection Grade ... 22 
5.2.1 Security Function ... 22 
5.2.2 SSODB Self-security Protection ... 24 
5.2.3 SSODB Design and Realization ... 26 
5.2.4 SSODB Security Management ... 30 
5.3 Grade 3. Security Label Protection Grade ... 31 
5.3.1 Security function ... 31 
5.3.2 SSODB Self-security Protection ... 34 
5.3.3 SSODB Design and Realization ... 37 
5.3.4 SSODB Security Management ... 43 
5.4 Grade 4. Structured Protection Grade ... 43 
5.4.1 Security Function ... 43 
5.4.2 SSODB Self-security Protection ... 47 
5.4.3 SSODB Design and Realization ... 50 
5.4.4 SSODB Security Management Requirements ... 56 
5.5 Grade 5. Access Verification Protection Grade ... 56 
5.5.1 Security Function ... 56 
5.5.2 SSODB Self-security Protection ... 60 
5.5.3 SSODB Design and Realization ... 63 
5.5.4 SSODB Security Management ... 69 
Appendix A (Informative) Explanation of Standard Concept ... 70 
A.1 Composition and Inter-relationship ... 70 
A.2 Special Requirements for Security of Database Management System ... 71 
A.3 User Management of Database Management System ... 71 
A.4 Security of Database Management System ... 72 
A.5 Classification of Security Protection Grade of Database Management System
 ... 72 
A.6 About the Subject and Object of Database Management System ... 72 
A.7 About SSODB, SSF, SSP, SFP and their Inter-relationship ... 73 
A.8 About Inference Control ... 73 
A.9 About Encryption Technology and Database Encryption ... 75 
Bibliography ... 76 
Foreword
Appendix A of this Standard is informative.
This Standard was proposed by and shall be under the jurisdiction of the National
Technical Committee on Information Security of Standardization Administration of
China.
Drafting organizations of this Standard. Beijing Siyuan Xinchuang Information Security
Information Co. Ltd. AND Technical Service Center of Jiangnan Computing
Technology Institute.
Chief drafting staffs of this Standard. Ji Zengrui, Wang Zhiqiang, Chen Guanzhi, Lu Ye,
Sun Wei, Jing Qianyuan and Song Jianping.
Introduction
This Standard is used to guide designer how to design and realize database
management system with required security protection grade. It mainly explains the
security technique measures which shall be taken for the database management
system to realize the security requirements for each protection grade in GB
17859-1999, and the specific realization differences of each security technique
requirement at different security protection grades.
Database management system is an important part of information system and is
especially essential for data server storin...
...