|
US$929.00 ยท In stock
Delivery: <= 7 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 35290-2023: Information security technology - Security technical specification for radio frequency identification(RFID) systems
Status: Valid GB/T 35290: Evolution and historical versions
| Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Standard Title (Description) | Status | PDF |
| GB/T 35290-2023 | English | 929 |
Add to Cart
|
7 days [Need to translate]
|
Information security technology - Security technical specification for radio frequency identification(RFID) systems
| Valid |
GB/T 35290-2023
|
| GB/T 35290-2017 | English | 559 |
Add to Cart
|
3 days [Need to translate]
|
Information security technology -- General requirement of security for radio frequency identification systems
| Obsolete |
GB/T 35290-2017
|
PDF similar to GB/T 35290-2023
Basic data | Standard ID | GB/T 35290-2023 (GB/T35290-2023) | | Description (Translated English) | Information security technology - Security technical specification for radio frequency identification(RFID) systems | | Sector / Industry | National Standard (Recommended) | | Classification of Chinese Standard | L80 | | Classification of International Standard | 35.030 | | Word Count Estimation | 46,417 | | Date of Issue | 2023-12-28 | | Date of Implementation | 2024-07-01 | | Older Standard (superseded by this standard) | GB/T 35290-2017 | | Issuing agency(ies) | State Administration for Market Regulation, China National Standardization Administration | GB/T 35290-2023: Information security technology - Security technical specification for radio frequency identification(RFID) systems
---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
ICS 35:030
CCSL80
National Standards of People's Republic of China
Replace GB/T 35290-2017
Information Security Technology Radio Frequency Identification (RFID) System
Safety technical specifications
Published on 2023-12-28
2024-07-01 Implementation
State Administration for Market Regulation
Released by the National Standardization Administration Committee
Table of contents
Preface III
1 Scope 1
2 Normative references 1
3 Terms and Definitions 1
4 Symbols and abbreviations 3
5 Overview 3
5:1 System composition 3
5:2 System security risks 4
6 System Security Classification 5
7 Safety technical requirements 5
7:1 Electronic tag security 5
7:2 Reader/Reader Security 7
7:3 Air interface communication link security 9
7:4 Network transmission communication link security 10
7:5 Snap-in Security 10
8 Test conditions 13
8:1 General requirements13
8:2 Test environmental conditions 14
8:3 General test equipment 14
9 Testing and evaluation methods 15
9:1 Electronic tag safety test and evaluation 15
9:2 Reader/Reader/Writer Security Test Evaluation 20
9:3 Air interface communication link security test evaluation 26
9:4 Network transmission communication link security test and evaluation 30
9:5 Management unit security test evaluation 32
Reference 40
Figure 1 Schematic diagram of radio frequency identification system 3
Table 1 Security risks of radio frequency identification systems 4
Foreword
This document complies with the provisions of GB/T 1:1-2020 "Standardization Work Guidelines Part 1: Structure and Drafting Rules of Standardization Documents"
Drafting:
This document replaces GB/T 35290-2017 "General Security Technical Requirements for Radio Frequency Identification (RFID) Systems in Information Security Technology" and is consistent with
Compared with GB/T 35290-2017, in addition to structural adjustments and editorial changes, the main technical changes are as follows:
---Changed the scope (see Chapter 1, Chapter 1 of the:2017 edition);
---Added and changed terms and definitions (see Chapter 3, 3:1 of the:2017 edition);
---Changed symbols and abbreviations (see Chapter 4, 3:2 of the:2017 edition);
---Changed the system composition (see 5:1, 4:1 of the:2017 version);
---Increased system security risks (see 5:2);
---Changed the system security classification (see Chapter 6,:2017 version 4:2);
---Changed the data verification requirements for electronic label security requirements (see 7:1:2:6, 5:1:2:6 of the:2017 version);
--- Added identification uniqueness, security audit and security audit confidentiality protection requirements for reader/reader writer security technology requirements (see
7:2:1:1, 7:2:1:9, 7:2:2:4);
---Added data integrity requirements for air interface communication link security technical requirements (see 7:3:2:1);
---Deleted the integrity recovery mechanism requirements for network transmission communication link security technical requirements (see 5:4:2:3 of the:2017 version);
---Added management unit security related to authorized program loading and updating, malicious code prevention, trusted verification, data backup and recovery,
Basic level requirements for security audits (see 7:5:1:3, 7:5:1:7, 7:5:1:8, 7:5:1:9, 7:5:1:10), as well as information on access control, data
Enhanced requirements for data integrity, data confidentiality, trusted verification, intrusion prevention, malicious code prevention, recoverability, and security auditing
(See 7:5:2:1, 7:5:2:2, 7:5:2:3, 7:5:2:4, 7:5:2:9, 7:5:2:10, 7:5:2:11, 7:5:2:12), understandable format removed
Enhanced level requirements (see 5:5:2:1:3 of the:2017 version);
---Added test environment requirements (see Chapter 8);
---Added test evaluation method (see Chapter 9):
Please note that some content in this document may be subject to patents: The publisher of this document assumes no responsibility for identifying patents:
This document is proposed and coordinated by the National Information Security Standardization Technical Committee (SAC/TC260):
This document was drafted by: The Third Research Institute of the Ministry of Public Security, China Electronics Technology Standardization Institute, Beijing Zhongke Guoji Information System Co:, Ltd:
Company, Shanghai Yishi Intelligent Technology Co:, Ltd:, Shanghai Lingang Power Electronics Research Co:, Ltd:, Tencent Cloud Computing (Beijing) Co:, Ltd:, Zhuhai
Haifudan Innovation Research Institute, Zhengzhou Xinda Ji'an Information Technology Co:, Ltd:, Shanghai Institute of Chemical Industry Testing Co:, Ltd:, Changyang Technology (Beijing)
Co:, Ltd:, Xi'an Jiaotong University Jabil Network Technology Co:, Ltd:, China Automotive Engineering Research Institute Co:, Ltd:, China Network Security Review Technology
Technology and Certification Center, Guangdong Ji'an Technology Co:, Ltd:, Zhejiang University of Technology:
The main drafters of this document: Liu Caixia, Gu Jian, Xie Fangyi, Zhang Yan, Liu Dandan, Jiao Zhihao, Li Lin, Li Zhe, Dai Jie, Liu Hong, Zhang Dongju,
Liu Yucheng, Li Jianhui, Liu Haitao, Wang Junyu, Liu Weihua, Wang Siyi, Zhao Hua, He Jianfeng, Liu Chong, Shen Yongbo, He Hongliang, Gu Guomin:
The previous versions of this document and the documents it replaces are as follows:
---First published as GB/T 35290-2017 in:2017;
---This is the first revision:
Information Security Technology Radio Frequency Identification (RFID) System
Safety technical specifications
1 Scope
This document specifies the security technical requirements for radio frequency identification (RFID) systems, including electronic tags, readers/readers, and air interface communications
The security requirements for links, network transmission communication link management units, etc: are given, and test conditions and test evaluation methods are given:
This document applies to the design, development, use, testing and evaluation of security functions of radio frequency identification (RFID) systems:
This document does not apply to radio frequency identification (RFID) systems in the 5:8GHz band:
Note: This document does not involve security functional requirements or security performance requirements for physical attack security risks:
2 Normative reference documents
The contents of the following documents constitute essential provisions of this document through normative references in the text: Among them, the dated quotations
For undated referenced documents, only the version corresponding to that date applies to this document; for undated referenced documents, the latest version (including all amendments) applies to
this document:
GB/T 20271 Information security technology general security technical requirements for information systems
GB/T 28925 Information technology radio frequency identification 2:45GHz air interface protocol
GB/T 29261:3 Information technology automatic identification and data collection technical vocabulary Part 3: Radio frequency identification
GB/T 29768 Information technology radio frequency identification 800/900MHz air interface protocol
GB/T 32915 Information security technology binary sequence randomness detection method
GB/T 33848:3 Information technology radio frequency identification Part 3: 13:56MHz air interface communication parameters
GB/T 37033:1-2018 Information security technology radio frequency identification system password application technical requirements Part 1: Password security
Protective frame and security level
GB/T 37033:2-2018 Information security technology radio frequency identification system password application technical requirements Part 2: Electronic tags and
Reader-writer and its communication password application technical requirements
GB/T 37033:3-2018 Information security technology radio frequency identification system password application technical requirements Part 3: Key management technology
technical requirements
3 Terms and definitions
GB/T 20271, GB/T 29261:3, GB/T 28925, GB/T 29768, GB/T 37033:1-2018, GB/T 37033:2-
2018, GB/T 37033:3-2018 and the following terms and definitions apply to this document:
3:1
In the radio frequency part of the spectrum, electromagnetic coupling or inductive coupling is used to interactively communicate with electronic tags through various modulation and coding schemes:
A technology that obtains the unique identity of electronic tags:
[Source: GB/T 29261:3-2012,05:01:01]
3:2
Using radio frequency identification technology, including one or more readers/readers, one or more electronic tags, readers/readers and
The air interface communication link between electronic tags, the network transmission communication link between the reader/reader and the management unit, and the management unit
Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GB/T 35290-2023_English be delivered?Answer: Upon your order, we will start to translate GB/T 35290-2023_English as soon as possible, and keep you informed of the progress. The lead time is typically 4 ~ 7 working days. The lengthier the document the longer the lead time. Question 2: Can I share the purchased PDF of GB/T 35290-2023_English with my colleagues?Answer: Yes. The purchased PDF of GB/T 35290-2023_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet. Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to [email protected]. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay. Question 5: Should I purchase the latest version GB/T 35290-2023?Answer: Yes. Unless special scenarios such as technical constraints or academic study, you should always prioritize to purchase the latest version GB/T 35290-2023 even if the enforcement date is in future. Complying with the latest version means that, by default, it also complies with all the earlier versions, technically.
|