|
US$359.00 ยท In stock
Delivery: <= 4 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 33134-2023: Information security technology - Security requirement of public domain name service system
Status: Valid GB/T 33134: Evolution and historical versions
| Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Standard Title (Description) | Status | PDF |
| GB/T 33134-2023 | English | 359 |
Add to Cart
|
4 days [Need to translate]
|
Information security technology - Security requirement of public domain name service system
| Valid |
GB/T 33134-2023
|
| GB/T 33134-2016 | English | 559 |
Add to Cart
|
3 days [Need to translate]
|
Information security technology -- Security requirement of public DNS service system
| Obsolete |
GB/T 33134-2016
|
PDF similar to GB/T 33134-2023
Basic data | Standard ID | GB/T 33134-2023 (GB/T33134-2023) | | Description (Translated English) | Information security technology - Security requirement of public domain name service system | | Sector / Industry | National Standard (Recommended) | | Classification of Chinese Standard | L80 | | Classification of International Standard | 35.030 | | Word Count Estimation | 18,190 | | Date of Issue | 2023-03-17 | | Date of Implementation | 2023-10-01 | | Older Standard (superseded by this standard) | GB/T 33134-2016 | | Issuing agency(ies) | State Administration for Market Regulation, China National Standardization Administration | GB/T 33134-2023: Information security technology - Security requirement of public domain name service system
---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
ICS35:030
CCSL80
National Standards of People's Republic of China
Replacing GB/T 33134-2016
Information Security Technology
Public Domain Name Service System Security Requirements
Released on 2023-03-17
2023-10-01 implementation
State Administration for Market Regulation
Released by the National Standardization Management Committee
table of contents
Preface I
1 Scope 1
2 Normative references 1
3 Terms and Definitions 1
4 Abbreviations 3
5 Overview 3
6 Public Domain Name Service System Security Technical Requirements 4
6:1 Technical requirements for authoritative domain name service system 4
6:2 Technical Requirements for Recursive Domain Name Service System 6
6:3 Authorization Security Requirements 7
6:4 DNS data backup requirements 7
7 Public Domain Name Service System Security Management Requirements 8
7:1 Asset management requirements 8
7:2 Personnel management requirements 8
7:3 Operation management requirements 8
7:4 Physical and Environmental Management Requirements 8
7:5 Equipment management requirements 9
7:6 Operational management requirements 9
7:7 Access control management requirements 11
7:8 Continuity management requirements 11
7:9 Network Security Incident Management Requirements 12
Appendix A (Normative) Security Requirements for Important DNS Infrastructure and Public Domain Name Service System of Important Government Websites 13
foreword
This document is in accordance with the provisions of GB/T 1:1-2020 "Guidelines for Standardization Work Part 1: Structure and Drafting Rules for Standardization Documents"
drafting:
This document replaces GB/T 33134-2016 "Information Security Technology Public Domain Name Service System Security Requirements", and GB/T 33134-
Compared with:2016, in addition to structural adjustments and editorial changes, the main technical changes are as follows:
a) Added the terms "namespace" and "public domain name service system" (see 3:1, 3:11);
b) Deleted the explanatory content of Figure 1 (see Chapter 5, 4:1 of the:2016 edition);
c) The security requirements for the deployment of important DNS infrastructure and the public domain name service system of important government websites have been added (see Section 5
Chapter, 4:2 of the:2016 edition);
d) The protocol requirements have been changed (see 6:1:1, 6:2:1, 5:1:1, 5:2:1 of the:2016 edition);
e) Added system security requirements and analysis security requirements for authoritative servers (see 6:1:3);
f) Added security requirements for recursive server and client connections (see 6:2:3);
g) Added system security requirements and parsing security requirements for recursive servers (see 6:2:4);
h) Changed the regulations on access control of external services (see 7:7:1, 6:7:1 of the:2016 edition);
i) Added security requirements for important DNS infrastructure deployment (see A:1 in Appendix A);
j) The security requirements for the public domain name service system of important government websites have been added (see A:2 in Appendix A):
Please note that some contents of this document may refer to patents: The issuing agency of this document assumes no responsibility for identifying patents:
This document is proposed and managed by the National Information Security Standardization Technical Committee (SAC/TC260):
This document was drafted by: China Internet Network Information Center, National Computer Network Emergency Response Technology Coordination Center, Tsinghua University, Huawei
Technology Co:, Ltd:, Alibaba Cloud Computing Co:, Ltd:, Guangdong Yingshi Computer Technology Co:, Ltd:, China United Network Communications Co:, Ltd:, National Defense
University of Science and Technology, Computer Network Information Center of Chinese Academy of Sciences, Beijing Mi'an Network Technology Co:, Ltd:, Beijing Qihoo Technology Co:, Ltd:,
Venustech Information Technology Group Co:, Ltd:
The main drafters of this document: Li Hongtao, Yao Jiankang, Zhou Linlin, Zeng Yu, Dong Kejun, Yan Zhiwei, Zhang Man, Shu Min, Duan Haixin, Chen Yue,
Fan Dongyang, Song Linjian, Wu Xiucheng, Kong Lingfei, Cai Zhiping, Wu Shuangli, Han Yongfei, Zhang Yi, Deng Yi:
The release status of previous versions of this document and the documents it replaces are as follows:
---First published as GB/T 33134-2016 in:2016;
--- This is the first revision:
Information Security Technology
Public Domain Name Service System Security Requirements
1 Scope
This document specifies the security technical requirements and security management requirements of the public domain name service system:
This document is applicable to the operation and management of public domain name service systems at all levels:
2 Normative references
The contents of the following documents constitute the essential provisions of this document through normative references in the text: Among them, dated references
For documents, only the version corresponding to the date is applicable to this document; for undated reference documents, the latest version (including all amendments) is applicable to
this document:
YD/T 2052-2015 Domain Name System Security Protection Requirements
YD/T 2137 Domain Name System Recursive Server Operation Technical Requirements
YD/T 2138 Domain Name System Authoritative Server Operation Technical Requirements
YD/T 2142 General Technical Requirements for Chinese Domain Names Based on International Multilingual Domain Name System
YD/T 2143 Technical Requirements for Coding and Processing of Chinese Domain Names Based on the International Multilingual Domain Name System
YD/T 2438 Requirements for Chinese domain name registration word list based on international multilingual domain name system
sions)
(TLS))
IETFRFC8310 Usage of TLS-based DNS and DTLS-based DNS (Usageprofilesfor
3 Terms and Definitions
The following terms and definitions apply to this document:
3:1
namespace namespace
The hierarchy is named after the hierarchical representation of the tree structure:
Note: The name space is a tree structure, each node corresponds to the corresponding resource collection (this resource collection may be empty), DNS does not distinguish between nodes in the tree and
Leaf nodes are collectively referred to as nodes: Each node has a label, and the length of this label does not exceed 63 bytes: Nodes with different parent nodes can use the same
|