Powered by Google www.ChineseStandard.net Database: 189759 (14 Apr 2024)

GB/T 25070-2010 (GBT25070-2010)

GB/T 25070-2010_English: PDF (GBT 25070-2010, GBT25070-2010)
Standard IDContents [version]USDSTEP2[PDF] delivered inStandard Title (Description)StatusPDF
GB/T 25070-2010EnglishRFQ ASK 6 days [Need to translate] Information security technology -- Technical requirements of security design for information system classified protection Obsolete GB/T 25070-2010

BASIC DATA
Standard ID GB/T 25070-2010 (GB/T25070-2010)
Description (Translated English) Information security technology. Technical requirements of security design for information system classified protection
Sector / Industry National Standard (Recommended)
Classification of Chinese Standard L80
Classification of International Standard 35.240.40
Word Count Estimation 29,219
Date of Issue 2010-09-02
Date of Implementation 2011-02-01
Quoted Standard GB 17859-1999
Drafting Organization First Research Institute of Ministry of Public Security
Administrative Organization Standardization Technical Committee of the National Information Security
Regulation (derived from) Announcement of Newly Approved National Standards No. 4 of 2010 (total 159)
Proposing organization National Safety Standardization Technical Committee (SAC/TC 260)
Issuing agency(ies) Administration of Quality Supervision, Inspection and Quarantine of People's Republic of China; Standardization Administration of China
Summary This standard specifies the protection of safety information system level design requirements, This standard applies to the use of units guidance system operators, enterprise information security, information security services of information security technology system-level protection scheme design and implementation, but also functions as an information security supervision, inspection and guidance is based,

Standards related to: GB/T 25070-2010

GB/T 25070-2010
Information security technology.Technical requirements of security design for information system classified protection
ICS 35.240.40
L80
National Standards of People's Republic of China
Information Security Technology
Information system security design level of protection
skills requirement
Issued on. 2010-09-02
2011-02-01 implementation
Administration of Quality Supervision, Inspection and Quarantine of People's Republic of China
Standardization Administration of China released
Table of Contents
Introduction Ⅲ
Introduction Ⅳ
1 Scope 1
2 Normative references 1
3 Terms and definitions
4 information system level security technology designed to protect Overview 2
5 first level of system security design to protect the environment 3
5.1 Design Goal 3
5.2 Design Strategy 3
5.3 3 design requirements
6 second level of system security design to protect the environment 3
6.1 Design Goal 3
6.2 Design Strategy 4
6.3 4 design requirements
7 The third level system design security to protect the environment 5
7.1 Design Goal 5
7.2 Design Strategy 5
7.3 design requirements 5
8 Fourth level security system to protect the environment design 7
8.1 Design Goal 7
8.2 Design Strategy 7
8.3 design requirements 7
9 Fifth level security system to protect the environment design 9
9.1 Design Goal 9
9.2 Design Strategy 10
9.3 10 design requirements
Grading system interconnect design 10 10
10.1 design goals 10
10.2 Design Strategy 10
10.3 design requirements 10
Appendix A (informative) Design of the access control mechanism 11
A.1 discretionary access control mechanism design 11
A.2 Mandatory Access Control Mechanism Design 11
Annex B (informative) third-level security system designed to protect the environment Example 13
B.1 functions and processes 13
Room B.2 subsystem interface 15
B.3 important data structure 18
References 24
Foreword
This standard Annex A, Annex B is informative appendix.
This standard by the National Safety Standardization Technical Committee (SAC/TC260) and focal points.
This standard is mainly drafted by. First Research Institute of Ministry of Public Security.
The main drafters of this standard. Li Jian, Fan Hong, Hu Ang, Ji Zengrui, Zhang Hongbin, Zhao Yong, Jin Lina, Han Yu, Zhao Huimin, Zhang Hongqi,
DU Xue-hui, Gong Min, Ma Yongqing, Han Yong bridge, Wang Chao, even a peak, Zhang Haixia, Huang Tao, Xu love, Jin Shu Yuan, Tian Zhihong, Jiang Wei, Liu Xin, Su Zhirui,
Li Li, Liu Weiguo, Li Na.
introduction
Clear that China's "Information" People's Republic of China Regulations on Protection of Computer Information System Security "(State Council Decree No. 147)
System implementation of security protection. "According to the State Council Order No. 147 calls for mandatory national standard GB 17859-1999 published" Count
Computer information system security protection classification criteria "for the computer information system security protection level division laid the technical foundation. "country
Home Informatization Leading Group on strengthening information security Work "(in Ban Fa [2003] No. 27) made clear that the implementation of information security
Level protection "should focus on the protection of critical information systems based information networks and national security, economic lifeline, social stability, and pay close attention to construction
Legislative Information security level protection system. "" Opinions on information security protection work, "(through public word [2004] No. 66) and" Information
Level of security protection and management measures "(public through [2007] No. 43) establishes the principle of implementation of information security level protection system, designated responsibilities
Points, implementation requirements and implementation plans with clear information about the level of security protection to carry out the basic content, workflow, working methods.
The above information security protection regulations, policy documents, national standards and public safety industry standard introduction to information security
To carry out work to provide a level of protection laws, policies, standards based.
In July 2007 a nationwide information system-level protection important job grading, marking the information security level of protection in a comprehensive
Expand. On the level of protection of Information Security Classification and filing work basis, all units and departments are in accordance with the level of information security protection have
Off policies and technical standards, to carry out construction and information systems security reinforcement work, establish and improve the information security management system, implement security
Full technical protection measures to fully implement the information security level protection system. In order to meet construction and information systems security reinforcement work, a special
The final version of the standard.
The standard specification of the information system level design techniques to protect the safety requirements, including a first stage to fifth-grade security system security to protect the environment
Whole computing environment, border security zone, secure communications network and security management center and other aspects of the design requirements, as well as grading system interconnection
The design requirements. Requirements related to physical security, safety management, safe operation and maintenance aspects of each see reference [9], [2], [7],
[10] and so on. When security technology design, according to the information system of classification, to determine the appropriate security policy, to take the appropriate level of security protection
Protection measures.
In Chapter 5 to Chapter 9, each level of system security design environment relatively lower level of system security to protect the environment and increase design
Enhanced section for "blackbody" said.
Information Security Technology
Information system security design level of protection
skills requirement
1 Scope
This standard is based on national information security level protection requirements, provides system-level information security protection design requirements.
This standard applies to operators using guidance information systems unit, carry out system-level information security enterprise information security, information security services
Design and implementation of security protection technology solutions, but also functions as an information security supervision, inspection and guidance basis.
2 Normative references
The following documents contain provisions which, through reference in this standard and become the standard terms. For dated references, subsequent
Amendments (not including errata content) or revisions do not apply to this standard, however, encourage the parties to the agreement are based on research
Whether the latest versions of these documents. For undated reference documents, the latest versions apply to this standard.
GB 17859-1999 computer information system security protection classification criterion
3 Terms and Definitions
GB 17859-1999 established and the following terms and definitions apply to this standard.
3.1
Grading System classifiedsystem
According to the reference [11] has determined that the security level of information systems. Grading system is divided into a first stage, second stage, third grade, fourth
And fifth grade level information systems.
3.2
Grading system security environment securityenvironmentofclassifiedsystem
By a secure computing environment, border security zone, secure communication network and (or) Security Management Center configuration system for grading security guarantee
Protected environment.
Grading system security environment, including a first-class security system to protect the environment, the second-level security system to protect the environment, and the third-level system security
Protection of the environment, security, network security system to protect the environment fourth grade, fifth grade security system to protect the environment and the rating system.
3.3
A secure computing environment securecomputingenvironment
Information classification system for storage, processing and implementation of the relevant parts of the security policy.
A secure computing environment in accordance with the first level of protection is divided into a secure computing environment, the second stage a secure computing environment, the third stage ring Secure Computing
Habitat, fourth and fifth-grade class a secure computing environment secure computing environment.
3.4
Security zone boundary secureareaboundary
The realization of the connection between a secure computing environment rating system boundary, and secure computing environment and safety communications network and enforce security policy
Related components abbreviated.
Border security zone in accordance with the first level of protection into the security zone boundary, border security zone second stage, the third stage safe area side
Border, fourth-level security zone boundary and the fifth-level security zone boundaries.
...