|
US$989.00 · In stock
Delivery: <= 7 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 31507-2015: Information security technology -- General testing guide for security of smart card
Status: Valid
| Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Standard Title (Description) | Status | PDF |
| GB/T 31507-2015 | English | 989 |
Add to Cart
|
7 days [Need to translate]
|
Information security technology -- General testing guide for security of smart card
| Valid |
GB/T 31507-2015
|
PDF similar to GB/T 31507-2015
Basic data | Standard ID | GB/T 31507-2015 (GB/T31507-2015) | | Description (Translated English) | Information security technology -- General testing guide for security of smart card | | Sector / Industry | National Standard (Recommended) | | Classification of Chinese Standard | L80 | | Classification of International Standard | 305.40 | | Word Count Estimation | 47,453 | | Date of Issue | 2015-05-15 | | Date of Implementation | 2016-01-01 | | Quoted Standard | GB/T 20276-2006; GB/T 22186-2008; CCDB-2008-04-001 | | Regulation (derived from) | National Standard Announcement 2015 No. 15 | | Issuing agency(ies) | General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China, Standardization Administration of the People's Republic of China | | Summary | This Standard specifies the general processes and methods of smart card products for safety testing. This Standard applies to the smart card security test and evaluation and certification. | GB/T 31507-2015: Information security technology -- General testing guide for security of smart card
---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
Information security technology. General testing guide for security of smart card
ICS 305.40
L80
National Standards of People's Republic of China
Information Security Technology
Cartoon Smart Safety Inspection Guide
Issued on. 2015-05-15
2016-01-01 implementation
Administration of Quality Supervision, Inspection and Quarantine of People's Republic of China
Standardization Administration of China released
Table of Contents
Introduction Ⅲ
1 Scope 1
2 Normative references 1
3 Terms, Definitions and Abbreviations 1
4 3 General safety testing smart cards
4.1 General model under test piece 3
4.2 Subject and Object Detection 4
4.3 detection purposes 4
4.4 Test basis 5
5 4.5 test content
4.6 detection element 5
4.7 detection process 6
5 security features verification 6
5.1 Overview 6
5.2 implementation instructions 8
5.3 implementation of the content 8
6 permeability detector 11
6.1 Overview 11
6.2 Preparation for testing permeability 12
6.3 permeability detection embodiment 13
6.4 permeability detection Example 14
6.5 Permeability Test Report 15
7 15 test reports
7.1 Overview 15
The main contents of the report 15 7.2
7.3 attack scenario described scale 15
Appendix A (informative) smart card security feature set 16
Annex B (informative) smartcard attack method 20
Annex C (informative) smart card security detection frame 23
Annex D (informative) Program for testing the theme file structure Example 26
Annex E (informative) detection scheme template customization services 30
Annex F (informative) Laboratory and ready to start 32
Annex G (normative) Classification of safety testing smart card 38
References 42
Figure 1 enclosed structure of smart card products 3
2 open structure Figure 3 smart card products
The basic structure of the smart card chip 3 of 4
Figure 4 detects elements 5
5 detection process 6
6 security features verification. input, process and output 7
7 security features to verify the main content of 8
Figure 8 Documentation review. input, output 9
Figure 9 source code checking. input, output 9
10 independent security function tests. input, process and output 10
11 permeability detection. input, methods, tools, techniques and output 12
12 permeability detection process 14
Figure C.1 permeable layer chip detection frame example of FIG. 25
Three sub-phases Figure F.1 preparation and start-up phase 32
Figure F.2 laboratory preparation. input, output and preparation 33
Figure F.3 project preparation. input, output 34
Figure F.4 test content and the border 35
Table C.1 detecting 24 cases template
Table D.1 MCC01-1 semi-invasive - chip ready -128
Foreword
This standard was drafted in accordance with GB/T 1.1-2009 given rules.
This standard by the National Information Security Standardization Committee (SAC/TC260) and focal points.
This standard was drafted. National Information Technology Security Research Center, China Electronics Standardization Institute, the National Technology Company Limited
Division, the China Information Security Evaluation Center, China Financial Computerization Corporation Standardization Center.
The main drafters of this standard. Frantz Club, Palace Yafeng, Sui Xin, Jia Jia, Xiongke Qi, justice, Wang Huan, Du Nan, Chen Xing, Gao Jian, Mu Ningbo,
Zhang Chong Bin, Yang Yongsheng, Li Guojun, Han Jianguo, Tian rain, Zhao Xiaorong.
Information Security Technology
Cartoon Smart Safety Inspection Guide
1 Scope
This standard specifies the general process and methods of smart card products for safety testing.
This standard applies to smart card security testing assessment and certification.
2 Normative references
The following documents for the application of this document is essential. For dated references, only the dated version suitable for use herein
Member. For undated references, the latest edition (including any amendments) applies to this document.
GB/T 20276-2006 Information security technology security technology smart card embedded software requirements (EAL4 enhanced level)
Integrated circuits GB/T 22186-2008 Information security technology has a central processor (IC) card chip security technology requirements (assessment
Ensure enhanced level 4)
CCDB-2008-04-001 attack potential applications of smart cards (ApplicationofAttackPotentialtoSmartcardsV.2.5)
3 Terms, definitions and abbreviations
3.1 Terms and Definitions
The following terms and definitions apply to this document.
3.1.1
Smart card smartcard
An integrated circuit having a central processing unit (CPU) (IC) card, is a central processor having an integrated circuit chip embedded in a plastic
Substrate, and packaged into card form.
Note. From the data transmission can be divided into contactless smart card and contactless smart cards.
3.1.2
Smart card products smartcardproduction
An integrated circuit chip having a CPU and chip operating system, smart card, and includes a non-standard form, but also an integrated circuit having a CPU
Chip and chip operating system products.
NOTE. The standard form of smart card products and technical specifications are GB/T 14916-2006 and GB/T 16649 national standards and ISO /IEC 7816,
ISO /IEC 14443 international standards required; smart card products as a whole as measured by a composite of pieces.
3.1.3
Independent security function tests independentsecurityfunctionaltesting
It is carried out independently by the evaluator (or delegate specialized laboratories qualified) but according to the developer's reference and text function tests
Files and (or) the use of the developer's testing resources, a subset of smart card security feature set and the detected document (see Appendix A) sampling performed
Safety function tests.
Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GB/T 31507-2015_English be delivered?Answer: Upon your order, we will start to translate GB/T 31507-2015_English as soon as possible, and keep you informed of the progress. The lead time is typically 4 ~ 7 working days. The lengthier the document the longer the lead time. Question 2: Can I share the purchased PDF of GB/T 31507-2015_English with my colleagues?Answer: Yes. The purchased PDF of GB/T 31507-2015_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet. Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to [email protected]. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.
|