www.ChineseStandard.net Database: 189760 (18 Oct 2025)

GB/T 21054-2023 English PDF

US$599.00 · In stock
Delivery: <= 5 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 21054-2023: Information security techniques - Public key infrastructure - Security testing assessment approaches for PKI system
Status: Valid

GB/T 21054: Evolution and historical versions

| Standard ID | Contents [version] | USD | [PDF] delivered in | Standard Title (Description) | Status |
|---|---|---|---|---|---|
| GB/T 21054-2023 | English | 599 | 5 days [Need to translate] | Information security techniques - Public key infrastructure - Security testing assessment approaches for PKI system | Valid |
| GB/T 21054-2007 | English | 1159 | 5 days [Need to translate] | Information security techniques -- Public key infrastructure -- Evaluation criteria for security classification protection of PKI system | Obsolete |

Standard similar to GB/T 21054-2023

GB/T 20984   GB/T 20988   GB/T 21028   GB/T 21053   GB/T 21050   

Basic data

Standard ID: GB/T 21054-2023 (GB/T21054-2023)
Description (Translated English): Information security techniques - Public key infrastructure - Security testing assessment approaches for PKI system
Sector / Industry: National Standard (Recommended)
Classification of Chinese Standard: L80
Classification of International Standard: 35.030
Word Count Estimation: 30,341
Date of Issue: 2023-03-17
Date of Implementation: 2023-10-01
Older Standard (superseded by this standard): GB/T 21054-2007
Issuing agency(ies): State Administration for Market Regulation, China National Standardization Administration

GB/T 21054-2023: Information security techniques - Public key infrastructure - Security testing assessment approaches for PKI system


---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
ICS 35.030
CCS L80
National Standard of the People's Republic of China
Replacing GB/T 21054-2007
Information Security Technology - Public Key Infrastructure - PKI System Security Evaluation Method
Released on 2023-03-17; implemented on 2023-10-01
Released by the State Administration for Market Regulation and the National Standardization Management Committee

Table of contents

Preface
1 Scope
2 Normative references
3 Terms and Definitions
4 Abbreviations
5 Overview
6 Safety function evaluation method
6.1 Key management general requirements evaluation method
6.2 System Key Management
6.3 Subscriber Key Management
6.4 Template Management
6.5 Certificate Management
6.6 Identification
6.7 Access Control
6.8 Security Audit
6.9 Origin non-repudiation
6.10 Backup and restore
6.11 Startup and running test
6.12 Inter-component communication security
7 Safety Assurance Requirement Evaluation Method
7.1 Development
7.2 Guidance documents
7.3 Life cycle support
7.4 Developer testing
7.5 Vulnerability assessment
Reference

Foreword

This document is drafted in accordance with the provisions of GB/T 1.1-2020 "Guidelines for Standardization Work Part 1: Structure and Drafting Rules for Standardization Documents".

This document replaces GB/T 21054-2007 "Information Security Technology Public Key Infrastructure PKI System Security Level Protection Assessment Criteria". Compared with GB/T 21054-2007, apart from structural adjustments and editorial changes, the main technical changes are as follows:

a) Changed the name to "Information Security Technology Public Key Infrastructure PKI System Security Evaluation Method";
b) Revised the content of the scope (see Chapter 1; Chapter 1 of the 2007 edition);
c) Adjusted and modified the normative references (see Chapter 2; Chapter 2 of the 2007 edition);
d) Added the chapter "Overview" to describe the general evaluation methods of PKI systems (see Chapter 5);
e) Adjusted the evaluation content of Chapter 5 in the 2007 edition to the newly added Chapter 6 "Safety Function Evaluation Method" and Chapter 7 "Safety Assurance Evaluation Method" (see Chapter 6 and Chapter 7; Chapter 5 of the 2007 edition);
f) Deleted the evaluation method for physical security in the 2007 edition, and adjusted the original non-repudiation assessment method in "Data Input and Output" to 6.9 "Non-repudiation of origin" (see 6.9; 5.1.2, 5.3.2, 5.1.6 and 5.3.7 of the 2007 edition).

Please note that some contents of this document may refer to patents. The issuing agency of this document assumes no responsibility for identifying patents.

This document is proposed and managed by the National Information Security Standardization Technical Committee (SAC/TC260).

This document was drafted by: Institute of Software, Chinese Academy of Sciences, University of Chinese Academy of Sciences, Third Research Institute of Ministry of Public Security, First Research Institute of Ministry of Public Security Institute, Chengdu Westone Information Industry Co., Ltd., Beijing Principal Century Technology Co., Ltd., Beijing Digital Certification Co., Ltd., Changchun Jida Zhengyuan Information Technology Co., Ltd., Geer Software Co., Ltd., Beijing Baidu Netcom Technology Co., Ltd., Tongzhi Weiye Software Co., Ltd., Beijing Software Product Quality Inspection and Inspection Center, Tianjin Nanda General Data Technology Co., Ltd., Xi'an Xidian Jietong Wireless Network Communication Co., Ltd., Zhengzhou Xinda Jiean Information Technology Co., Ltd., Huawei Technologies Co., Ltd., State Grid Block Chain Technology (Beijing) Co., Ltd., Beijing Zhongdian Huada Electronic Design Co., Ltd., the 15th Research Institute of China Electronics Technology Group Corporation, Beijing Qihoo Technology Co., Ltd., Beijing Chuangyuan Tiandi Technology Co., Ltd., Shuan Times Technology Co., Ltd., China Information and Communication Research Institute, Yashu Information Technology (Shanghai) Co., Ltd., Guangzhou Baiguoyuan Information Technology Co., Ltd., Guangzhou Netstar Information Technology Co., Ltd., CICC Financial Certification Center Co., Ltd.

The main drafters of this document: Zhang Yan, Zhang Liwu, Wang Rui, Chen Yan, Feng Dengguo, Gu Jian, Qiu Zihua, Li Jinghua, Kang Yang, Li Qian, Liu Limin, Zhang Yan, Liu Yuling, Zhang Liting, Fu Dapeng, Zheng Qiang, Zhang Baoxin, Wang Zongbin, Kou Chunjing, Liu Jinhua, Li Jian, Ding Zhaowei, Wang Xianfang, Han Changqing, Jin Jian, Meng Xiangzhen, Mao Juhui, Li Qin, Han Xiude, Chu Chao, Shi Zhuyu, Huang Yu, Dong Jingjing, Tang Zhanguo, Xiao Qinghai, Zhou Weilin, Wang Rong, Wei Yicai, Zhu Xiaoyu, Zhong Qinghua, Li Da, Liu Weihua.

The release status of previous versions of this document and the documents it replaces is as follows:
--- It was first published as GB/T 21054-2007 in 2007;
--- This is the first revision.

Information Security Technology Public Key Infrastructure PKI System Security Evaluation Method

1 Scope

This document specifies the security evaluation method for PKI systems based on GB/T 21053-2023, including the security function evaluation method and the security assurance requirements assessment method. This document is applicable to the security evaluation of PKI systems.

2 Normative references

The contents of the following documents constitute essential provisions of this document through normative references in the text. For dated references, only the version corresponding to the date is applicable to this document; for undated references, the latest version (including all amendments) is applicable to this document.

GB/T 20518-2018 Information Security Technology Public Key Infrastructure Digital Certificate Format
GB/T 21053-2023 Information Security Technology Public Key Infrastructure PKI System Security Technical Requirements
GB/T 25069 Information Security Technical Terms
GM/T 0014-2012 Cryptography protocol specification for digital certificate authentication system

3 Terms and Definitions

The terms and definitions defined in GB/T 21053-2023 and GB/T 25069 apply to this document.

4 Abbreviations

The abbreviations defined in GB/T 21053-2023 apply to this document.

5 Overview

This document is based on the security levels of the PKI system specified in GB/T 21053-2023 and the security technical requirements of the corresponding level, and gives the appropriate security assessment methods. For the typical framework, security functions and security level division of the PKI system, see Chapter 5 of GB/T 21053-2023.

A basic-level PKI system shall be evaluated according to the evaluation methods corresponding to the basic-level security requirements in Chapters 6 and 7 of this document; an enhanced-level PKI system shall be evaluated according to the evaluation methods corresponding to the enhanced-level security requirements in Chapters 6 and 7 of this document.

After the evaluation of all security requirements is completed, if all the evaluation conclusions are "conforming", the evaluation conclusion that the evaluated PKI system "conforms to the corresponding security level" can be given. In other cases, the evaluation conclusion should be recorded as "does not meet the corresponding safety level".

6 Safety function evaluation method

6.1 Evaluation method for general requirements of key management

The test methods, expected results and result judgments of the general requirements for key management are as follows.
