Basic data
Standard ID: GB/T 29828-2013 (GB/T29828-2013)
Description (translated English): Information security technology -- Trusted computing specification -- Trusted connect architecture
Sector / Industry: National Standard (Recommended)
Classification of Chinese Standard: L80
Classification of International Standard: 35.040
Word Count Estimation: 146,148
Quoted Standards: GB 15629.11-2003; GB 15629.14-2003; GB/T 28455-2012; ISO/IEC 9798-3-1998; ISO/IEC 18028-5-2006; IETF RFC 2138; IETF RFC 2216; IETF RFC 2547; IETF RFC 2675; IETF RFC 2865; IETF RFC 2866; IETF RFC 3280; IETF RFC 3539; IETF RFC 3588; IETF RFC 3589; IETF RFC
Regulation (derived from): National Standards Bulletin No. 22 of 2013
Issuing agencies: General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China; Standardization Administration of the People's Republic of China
Summary: This standard specifies the layered trusted connection architecture, its entities, components, interfaces, implementation process, evaluation, isolation and repair, and the concrete realization of each interface, in order to solve the problem of user ident
Information security technology - Trusted computing specification - Trusted connect architecture
ICS 35.040
L80
National Standard of the People's Republic of China
Information security technology - Trusted computing specification
Trusted connect architecture
Issued on: 2013-11-12
Implemented on: 2014-02-01
Issued by the General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China
and the Standardization Administration of China
Table of Contents
Foreword Ⅴ
Introduction Ⅵ
1 Scope 1
2 Normative references 1
3 Terms and definitions 2
4 Abbreviations 3
5 General description 5
5.1 Overview 5
5.2 Entities 6
5.3 Layers 6
5.4 Components 6
5.5 Interfaces 7
5.6 Implementation 8
5.7 Evaluation, isolation and repair 9
6 Network access control layer 11
6.1 Overview 11
6.2 Network transport mechanism 11
6.3 Access control mechanism 51
7 Trusted platform evaluation layer 52
7.1 Overview 52
7.2 Platform authentication infrastructure 53
8 Integrity measurement layer 115
8.1 Overview 115
8.2 IF-IM messaging protocol 115
9 IF-IMC and IF-IMV 120
9.1 Overview 120
9.2 IF-IMC 120
9.3 IF-IMV 129
Annex A (informative) Integrity management framework 134
Annex B (informative) Security policy management framework 136
Annex C (informative) Digital envelope 138
Figure 1 Trusted connection architecture (TCA) 5
Figure 2 TCA implementation process 8
Figure 3 Trusted connection architecture with an isolation and repair layer 10
Figure 4 Hierarchical model of TCA implemented with sequential TAEP authentication (implementation 1) 12
Figure 5 TAEP interaction for sequential TAEP authentication, implementation 1 14
Figure 6 Hierarchical model of TCA implemented with sequential TAEP authentication (implementation 2) 15
Figure 7 TAEP interaction 1 for sequential TAEP authentication, implementation 2 18
Figure 8 TAEP interaction 2 for sequential TAEP authentication, implementation 2 19
Figure 9 FLAG 21
Figure 10 EWAI certificate authentication protocol 21
Figure 11 Message 1 data field format 22
Figure 12 Message 2 data field format 22
Figure 13 Message 3 data field format 23
Figure 14 Message 4 data field format 24
Figure 15 Message 5 data field format 27
Figure 16 Message 6 data field format 30
Figure 17 Message 7 data field format 33
Figure 18 Message 8 data field format 36
Figure 19 Message 9 data field format 36
Figure 20 Hierarchical model of TCA implemented with tunnelled TAEP authentication 38
Figure 21 TAEP interaction for tunnelled TAEP authentication, implementation 1 41
Figure 22 TAEP interaction for tunnelled TAEP authentication, implementation 2 42
Figure 23 ETLS handshake protocol packet format 43
Figure 24 ETLS handshake protocol 44
Figure 25 Message 1 data field format 44
Figure 26 FLAG 45
Figure 27 Message 2 data field format 46
Figure 28 Message 3 data field format 48
Figure 29 Message 4 data field format 49
Figure 30 System structure under full port control implementation 52
Figure 31 PAI protocol basic flow 54
Figure 32 PAI protocol packet format 56
Figure 33 FLAG format 57
Figure 34 Component-type-level platform integrity measurement request parameter 58
Figure 35 Component-attribute-level platform integrity measurement request parameter entry 58
Figure 36 Component-type-level platform integrity evaluation policy entry 59
Figure 37 Component-product-level platform integrity evaluation policy entry 59
Figure 38 Component-attribute-level platform integrity evaluation policy entry 60
Figure 39 Component-type-level platform integrity measurement entry 60
Figure 40 IF-IM-level platform integrity measurement entry 61
Figure 41 Component-type-level Quote data value entry 61
Figure 42 IF-IM-level Quote data value entry 61
Figure 43 Component-type-level platform configuration protection policy entry 62
Figure 44 Component-product-level platform configuration protection policy entry 62
Figure 45 Component-attribute-level platform configuration protection policy entry 63
Figure 46 Component-type-level platform repair information entry 63
Figure 47 IF-IM-level platform repair information entry 63
Figure 48 Component-type-level error cause information entry 64
Figure 49 Component-product-level error cause information entry 64
Figure 50 Component-attribute-level error cause information entry 65
Figure 51 Type-Length-Value (TLV) format 65
Figure 52 Signature attribute 66
Figure 53 Platform integrity measurement request parameter 67
Figure 54 Platform integrity evaluation policy 67
Figure 55 Platform integrity measurement 68
Figure 56 Quote data value 68
Figure 57 Platform configuration protection policy 69
Figure 58 PIK certificate authentication and platform integrity evaluation results 69
Figure 59 Platform repair information 71
Figure 60 Error cause information 71
Figure 61 Converged platform integrity evaluation policy 71
Figure 62 Message 1 data field format 72
Figure 63 Message 2 data field format 76
Figure 64 Message 3 data field format 79
Figure 65 Specific process by which the IMV generates component-product-level platform integrity evaluation results and other parameters in the PAI-1 protocol 82
Figure 66 Specific process by which the EPS generates component-type-level platform integrity evaluation results and other parameters in the PAI-1 protocol 84
Figure 67 Specific process by which the EPS generates AR platform integrity evaluation results and other parameters in the PAI-1 protocol 85
Figure 68 Message 4 data field format 86
Figure 69 Message 5 data field format 90
Figure 70 Message 6 data field format 93
Figure 71 Message 1 data field format 94
Figure 72 Message 2 data field format 98
Figure 73 Message 3 data field format 101
Figure 74 Specific process by which the IMV generates component-product-level platform integrity evaluation results and other parameters in the PAI-2 protocol 104
Figure 75 Specific process by which the EPS generates component-type-level platform integrity evaluation results and other parameters in the PAI-2 protocol 106
Figure 76 Specific process by which the EPS generates AR platform integrity evaluation results and other parameters in the PAI-2 protocol 107
Figure 77 Message 4 data field format 108
Figure 78 Message 5 data field format 111
Figure 79 Message 6 data field format 114
Figure 80 IF-IM message format 116
Figure 81 IF-IM attribute format 116
Figure 82 Product information IF-IM attribute value 117
Figure 83 Numeric version IF-IM attribute value 118
Figure 84 String version IF-IM attribute value 118
Figure 85 Operational status IF-IM attribute value 118
Figure 86 Platform repair information IF-IM attribute value 119
Figure 87 URI-based repair instructions 119
Figure 88 IF-IM error message 120
Figure 89 Schematic of IF-IMC interaction in the AR 125
Figure 90 Schematic of IF-IMC interaction in the AC 129
Figure 91 Schematic of IF-IMV interaction 133
Figure A.1 Integrity management framework 134
Figure B.1 Security policy management framework 136
Figure C.1 Digital envelope generation and opening 138
Table 1 OR operation rules for platform integrity evaluation results 86
Table 2 AND operation rules for platform integrity evaluation results 86
Table 3 Standard-defined component types 115
Table 4 Standard-defined IF-IM attribute types 117
Table 5 IF-IMC function result status codes 120
Table 6 Network connection status values 121
Table 7 Cause values for the next platform authentication process 121
Table 8 IF-IMV function result status codes 130
Foreword
This standard was drafted in accordance with the rules given in GB/T 1.1-2009.
This standard was proposed by and is under the jurisdiction of the National Information Security Standardization Technical Committee (SAC/TC260).
connection.
This standard applies to trusted network connection between terminals equipped with a trusted platform control module and the network.
2 Normative references
The following documents are indispensable for the application of this document. For dated references, only the dated edition applies to this document. For undated references, the latest edition (including any amendments) applies to this document.
GB 15629.11-2003 Information technology - Telecommunications and information exchange between systems - Local and metropolitan area networks - Specific requirements - Part 11: Wireless LAN Medium Access Control and Physical Layer Specifications
GB 15629.11-2003/XG1-2006 Information technology - Telecommunications and information exchange between systems - Local and metropolitan area networks - Specific requirements - Part 11: Wireless LAN Medium Access Control and Physical Layer Specifications - Amendment 1
GB/T 28455-2012 Information security technology - Entity authentication involving a trusted third party and access architecture specification
ISO/IEC 9798-3:1998/Amd.1:2010 Information technology - Security techniques - Entity authentication - Part 3: Mechanisms using digital signature techniques - Amendment 1: Mechanisms involving an on-line trusted third party
ISO/IEC 18028-5:2006 Information technology - Security techniques - IT network security - Part 5: Securing communications across networks using virtual private networks
IETF RFC 2138 Remote Authentication Dial In User Service (RADIUS)
IETF RFC 2246 The TLS Protocol Version 1.0
IETF RFC 2547 BGP/MPLS VPNs
IETF RFC 2675 IPv6 Jumbograms
IETF RFC 2865 Remote Authentication Dial In User Service (RADIUS)
IETF RFC 2866 RADIUS Accounting
IETF RFC 3280 Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
IETF RFC 3539 Authentication, Authorization and Accounting (AAA) Transport Profile
IETF RFC 3588 Diameter Base Protocol
IETF RFC 3589 Diameter Command Codes for Third Generation Partnership Project (3GPP) Release 5
IETF RFC 4346 The TLS Protocol Version 1.1