HOME Cart(0) Quotation About-Us Policy PDFs Standard-List
www.ChineseStandard.net Database: 189759 (19 Oct 2025)

GB/T 35101-2017 English PDF

US$719.00 · In stock
Delivery: <= 7 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 35101-2017: Information security technology -- Smart card reader security technology requirements (EAL4+)
Status: Valid

Standard ID	Contents [version]	USD	STEP2	[PDF] delivered in	Standard Title (Description)	Status	PDF
GB/T 35101-2017	English	719	Add to Cart	7 days [Need to translate]	Information security technology -- Smart card reader security technology requirements (EAL4+)	Valid	GB/T 35101-2017

PDF similar to GB/T 35101-2017

Standard similar to GB/T 35101-2017

GB/T 35273 GB/T 34953.4 GB/T 34953.2 GB/T 37027 GB/T 19713

Basic data

Standard ID	GB/T 35101-2017 (GB/T35101-2017)
Description (Translated English)	Information security technology -- Smart card reader security technology requirements (EAL4+)
Sector / Industry	National Standard (Recommended)
Classification of Chinese Standard	L80
Classification of International Standard	35.040
Word Count Estimation	36,363
Date of Issue	2017-11-01
Date of Implementation	2018-05-01
Regulation (derived from)	National Standard Announcement 2017 No. 29
Issuing agency(ies)	General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China, Standardization Administration of the People's Republic of China

GB/T 35101-2017: Information security technology -- Smart card reader security technology requirements (EAL4+)

---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
Information security technology-Smart card reader security technology requirements (EAL4) ICS 35.040 L80 National Standards of People's Republic of China Information Security Technology Smart card reader equipment safety Technical Requirements (EAL4 Enhanced) requirements (EAL4) Posted.2017-11-01 2018-05-01 implementation General Administration of Quality Supervision, Inspection and Quarantine of People's Republic of China China National Standardization Administration released Directory Foreword V. 1 Scope 1 2 Normative references 1 3 Terms and definitions 1 4 symbols and abbreviations 2 5 machine description 2 5.1 Overview 2 5.2 TOE composition 2 5.3 Machine Service 4 5.4 Machine life cycle 4 5.5 TOE general function 4 6 safety environment 5 6.1 Assets 6.1.1 Internal TOE Assets 5 6.1.2 External TOE Assets 5 Assumptions 5 6.2.1 Development Environment Assumptions 5 6.2.2 Production Environment Assumptions 5 6.2.3 User Environment Assumptions 5 6.3 threats 6 6.3.1 Threat Body 6 6.3.2 Threat Description 6 6.3.2.1 General 6 6.3.2.2 Threats to Internal TOE Assets 6.3.2.3 Threats of External TOE Assets 6.4 Organizational Security Strategy 7 7 safety purpose 7 7.1 Overview 7 7.2 TOE safety purpose 7 7.3 Environmental Safety Purpose 8 8 Safety Requirements 8 8.1 Safety Function Components 8 8.1.1 General 8 8.1.2 FCS category. Password support 9 8.1.2.1 FCS decomposition 9 8.1.2.2 Key Management (FCS_CKM) 9 8.1.2.3 Cryptographic Operation (FCS_COP) 9 8.1.3 FDP class. User data protection 10 8.1.3.1 FDP decomposition 10 8.1.3.2 Data Authentication (FDP_DAU) 10 8.1.4 FIA categories. Identification and identification 10 8.1.4.1 FIA decomposition 10 8.1.4.2 Authentication Failure (FIA_AFL) 10 8.1.4.3 User Authentication (FIA_UAU) 11 8.1.4.4 User Identification (FIA_UID) 11 8.1.5 FMT category. Safety Management 11 8.1.5.1 FMT decomposition 11 8.1.5.2 FMT management activities 11 8.1.5.3 Function Management in TSF (FMT_MOF) 12 8.1.5.4 TSF Data Management (FMT_MTD) 12 8.1.5.5 Safety Management Role (FMT_SMR) 12 8.1.6 FPT class .TSF protection 13 8.1.6.1 FPT Decomposition 13 8.1.6.2 Failure Protection (FPT_FLS) 13 8.1.6.3 Transfer of TSF data within TOE (FPT_ITT) 13 8.1.6.4 TSF Physical Protection (FPT_PHP) 13 8.1.6.5 Trusted Recovery (FPT_RCV) 13 8.1.6.6 TSF Self Test (FPT_TST) 14 8.2 TOE Security Components 14 8.2.1 General 14 8.2.2 Security Architecture Description (ADV_ARC.1) 15 8.2.3 Complete Functional Specification (ADV_FSP.4) 15 8.2.4 TSF Security Function Implementation Representation Subset (ADV_IMP.1) 15 8.2.5 Basic Module Design (ADV_TDS.3) 16 8.2.6 Well-structured TSF internal subsets (ADV_INT.1) 17 8.2.7 Operation User Guide (AGD_OPE.1) 17 8.2.8 Preparation Procedure (AGD_PRE.1) 17 8.2.9 Production Support and Acceptance Procedures and Their Automation (ALC_CMC.4) 18 8.2.10 Issue Tracking CM Overlay (ALC_CMS.4) 18 8.2.11 Delivery procedure (ALC_DEL.1) 18 8.2.12 Identification of safety precautions (ALC_DVS.1) 18 8.2.13 Developer-Defined Life Cycle Model (ALC_LCD.1) 19 8.2.14 Well-defined development tools (ALC_TAT.1) 19 8.2.15 Declaration of Conformity (ASE_CCL.1) 19 8.2.16 Extension Component Definition (ASE_ECD.1) 20 8.2.17 ST Introduction (ASE_INT.1) 20 8.2.18 Security Aims (ASE_OBJ.2) 21 8.2.19 Derived safety requirements (ASE_REQ.2) 21 8.2.20 Security Definition (ASE_SPD.1) 21 8.2.21 TOE Profile Specification (ASE_TSS.1) 22 8.2.22 Coverage Analysis (ATE_COV.2) 22 8.2.23 Security Execution Module (ATE_DPT.2) 22 8.2.24 Function Test (ATE_FUN.1) 22 8.2.25 Independent Testing - Sampling (ATE_IND.2) 23 8.2.26 System Vulnerability Analysis (AVA_VAN.4) 23 9 Fundamentals 23 9.1 Fundamental Principles of Security 23 9.2 Safety Requirements Fundamentals 27 9.3 Security Functional Components Dependencies 30 References 31

Foreword

This standard was drafted in accordance with the rules given in GB/T 1.1-2009. Please note that some of this document may be patentable. The issuing agencies of this document do not bear the responsibility of identifying these patents. This standard by the National Information Security Standardization Technical Committee (SAC/TC260) and focal point. This standard was drafted by China Information Security Evaluation Center, Ministry of Industry and Information Technology Institute of Electronics Industry Standardization, Beijing University of Posts and Telecommunications, Beijing Institute of Technology, Zhejiang University, Wuhan University, Henan University of Science and Technology. The main drafters of this standard.Isheng Wei, Peng Yong, Gao Yang, Xie Feng, Zhang Pu containing, Ma Yang, Dai Zhonghua, Zhang Shu, Yang Yongsheng, Zhang Bin, Lu Xiaofeng, Huang Yonggang, Chen Tieming, Zhao Bo, Sun Shibao, Xiong Qi, Di Liqing, Xu Yuna, Chen Dongqing, Gao Haihui, Huo apricot, Wang Ting, Zhang Liang, Looking forward, Han Xuefeng. Information Security Technology Smart card reader equipment safety Technical Requirements (EAL4 Enhanced)

1 Scope

This standard specifies the EAL4 enhanced smart card reader device (hereinafter referred to as machine) description of the machine, the safety environment, security purposes, security Full requirements and basic principles. The safety functional components in this standard will meet the universal safety function requirements of EAL4 enhanced machinery, safety Barrier components will meet the universal safety assurance requirements of EAL4-enhanced machines. This standard applies to touch-type smart card reader test and evaluation equipment can also be used to guide the development of equipment, development and product procurement.

2 Normative references

The following documents for the application of this document is essential. For dated references, only the dated version applies to this article Pieces. For undated references, the latest edition (including all amendments) applies to this document. GB/T 18336.1-2015 Information technology - Security technology - Guidelines for the evaluation of information technology security - Part 1. Introduction and general model GB/T 18336.2-2015 Information technology - Security technology Information technology - Security Assessment Guidelines Part 2. Security Function Components GB/T 18336.3-2015 Information Technology Security Technology Information Technology Security Assessment Guidelines Part 3. Security components Information technology - Security terminology

3 Terms and definitions

GB/T 18336.1-2015 and GB/T 25069-2010 defined by the following terms and definitions apply to this document. 3.1 Smartcard smartcard An integrated circuit card having a central processing unit (CPU), that is, a CPU card, mounts an integrated circuit chip having a central processing unit In plastic substrates, and packaged into a card form. Note. From the data transmission mode, the smart card can be divided into contact and non-contact. 3.2 Read and write machine cardreader A smart card with interactive reading and writing equipment, it can effectively obtain authentication information and user data, and pass it to the application of soft Pieces, generate a reliable user activity. 3.3 Application software applicationsoftware Part of the implement software to realize the implement function of the implement. 3.4 System software software Direct operation of the hardware and hardware embedded in the hardware and the software can interact with the application software, which is in addition to the application software External software (including the proprietary software in the password module).

Tips & Frequently Asked Questions:

Question 1: How long will the true-PDF of GB/T 35101-2017_English be delivered?

Answer: Upon your order, we will start to translate GB/T 35101-2017_English as soon as possible, and keep you informed of the progress. The lead time is typically 4 ~ 7 working days. The lengthier the document the longer the lead time.

Question 2: Can I share the purchased PDF of GB/T 35101-2017_English with my colleagues?

Answer: Yes. The purchased PDF of GB/T 35101-2017_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.

Question 3: Does the price include tax/VAT?

Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countries

Question 4: Do you accept my currency other than USD?

Answer: Yes. If you need your currency to be printed on the invoice, please write an email to [email protected]. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.