HOME   Cart(0)   Quotation   About-Us Policy PDFs Standard-List
www.ChineseStandard.net Database: 189759 (19 Oct 2025)

GB/T 36960-2018 English PDF

US$839.00 ยท In stock
Delivery: <= 6 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 36960-2018: Information security technology -- Authentication and authorization -- Access control middleware framework and interface
Status: Valid
Standard IDContents [version]USDSTEP2[PDF] delivered inStandard Title (Description)StatusPDF
GB/T 36960-2018English839 Add to Cart 6 days [Need to translate] Information security technology -- Authentication and authorization -- Access control middleware framework and interface Valid GB/T 36960-2018

PDF similar to GB/T 36960-2018


Standard similar to GB/T 36960-2018

GB/T 37092   GB/T 36651   GB/T 36958   GB/T 36951   GB/T 36950   

Basic data

Standard ID GB/T 36960-2018 (GB/T36960-2018)
Description (Translated English) Information security technology -- Authentication and authorization -- Access control middleware framework and interface
Sector / Industry National Standard (Recommended)
Classification of Chinese Standard L80
Classification of International Standard 35.040
Word Count Estimation 42,424
Date of Issue 2018-12-28
Date of Implementation 2019-07-01
Issuing agency(ies) State Administration for Market Regulation, China National Standardization Administration

GB/T 36960-2018: Information security technology -- Authentication and authorization -- Access control middleware framework and interface


---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
Information security technology--Authentication and authorization--Access control middleware framework and interface ICS 35.040 L80 National Standards of People's Republic of China Information Security Technology Authentication and Authorization Access control middleware framework and interface Published on.2018-12-28 2019-07-01 implementation State market supervision and administration China National Standardization Administration issued

Content

Foreword I 1 Scope 1 2 Normative references 1 3 Terms and Definitions 1 4 Abbreviations 2 5 Access Control Middleware System Framework 3 5.1 Overview 3 5.2 Component Definition 4 5.3 Interface between components 7 5.4 Working Process between Interfaces 8 6 Access Control Middleware Interface 9 6.1 Overview 9 6.2 Constant Definition 9 6.3 Policy Decision Interface (IF-PD) 9 6.4 Decision Management Interface (IF-DM) 9 6.5 Policy Query Interface (IF-PQ) 16 6.6 Attribute Query Interface (IF-AQ) 22 6.7 Cross-Domain Attribute Query Interface (IF-CDAQ) 26 Appendix A (informative) Application Scenario 30 Appendix B (informative) Interface message example 32 Reference 39

Foreword

This standard was drafted in accordance with the rules given in GB/T 1.1-2009. Please note that some of the contents of this document may involve patents. The issuing organization of this document is not responsible for identifying these patents. This standard is proposed and managed by the National Information Security Standardization Technical Committee (SAC/TC260). This standard was drafted. Software Research Institute of Chinese Academy of Sciences, Data and Communication Protection Research and Education Center of Chinese Academy of Sciences, Beijing Digital Recognition Certification Co., Ltd., China Electronics Technology Standardization Institute. The main drafters of this standard. Zhang Yan, Zhang Liwu, Gao Zhigang, Wang Pengqi, Feng Dengguo, Jing Jiwu, Wu Pen, Li Qiang, Lin Xueyan, Chen Xing, Gao Neng, Confidence. Information Security Technology Authentication and Authorization Access control middleware framework and interface

1 Scope

This standard establishes the relationship between the framework structure and internal components of the access control middleware in the authentication and authorization system, and specifies the access control. The function, operation flow and interface requirements of each component in the component. This standard applies to the design and implementation of access control middleware and its internal components, and can guide the detection of such middleware systems and For the development of related applications, the procurement of such middleware products can also be referred to.

2 Normative references

The following documents are indispensable for the application of this document. For dated references, only dated versions apply to this article. Pieces. For undated references, the latest edition (including all amendments) applies to this document. GB/T 13000 Information Technology General Multi-Bit Coded Character Set (UCS) GB/T 18793-2002 Information Technology Extensible Markup Language (XML) 1.0 GB/T 18794.3-2003 Information technology - Open systems interconnection - Open system security framework - Part 3. Access control framework GB/T 25069-2010 Information Security Technology Terminology GB/T 31501-2015 Information Security Technology Authentication and Authorization Authorization Application Decision Interface Specification

3 Terms and definitions

The following terms and definitions as defined in GB/T 25069-2010 and GB/T 18794.3-2003 apply to this document. 3.1 Access control middleware accesscontrolmiddleware A system that evaluates the applicable access control information to determine whether the initiator can make a specific type of access to the access target. A collection of columns and interfaces between components. 3.2 Action action The access controls some action performed by the initiator of the behavior. Note. For example, reading, modifying, deleting, etc. 3.3 Attribute attribute A feature of a subject, resource, action, and environment that can be referenced in a policy. 3.4 Decision decision The result of the decision based on the access control policy. Note. For example, allowing or denying users access to specific resources.

Tips & Frequently Asked Questions:

Question 1: How long will the true-PDF of GB/T 36960-2018_English be delivered?

Answer: Upon your order, we will start to translate GB/T 36960-2018_English as soon as possible, and keep you informed of the progress. The lead time is typically 4 ~ 6 working days. The lengthier the document the longer the lead time.

Question 2: Can I share the purchased PDF of GB/T 36960-2018_English with my colleagues?

Answer: Yes. The purchased PDF of GB/T 36960-2018_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.

Question 3: Does the price include tax/VAT?

Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countries

Question 4: Do you accept my currency other than USD?

Answer: Yes. If you need your currency to be printed on the invoice, please write an email to [email protected]. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.