HOME Cart(0) Quotation About-Us Policy PDFs Standard-List
www.ChineseStandard.net Database: 189759 (19 Oct 2025)

GB/T 39786-2021 English PDF

US$409.00 · In stock
Delivery: <= 4 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 39786-2021: Information security technology - Baseline for information system cryptography application
Status: Valid

Standard ID	Contents [version]	USD	STEP2	[PDF] delivered in	Standard Title (Description)	Status	PDF
GB/T 39786-2021	English	409	Add to Cart	4 days [Need to translate]	Information security technology - Baseline for information system cryptography application	Valid	GB/T 39786-2021

PDF similar to GB/T 39786-2021

Standard similar to GB/T 39786-2021

GB/T 40660 GB 40050 GB/T 39205 GB/T 37027 GB/T 19713

Basic data

Standard ID	GB/T 39786-2021 (GB/T39786-2021)
Description (Translated English)	Information security technology - Baseline for information system cryptography application
Sector / Industry	National Standard (Recommended)
Classification of Chinese Standard	L80
Word Count Estimation	22,229
Issuing agency(ies)	State Administration for Market Regulation, China National Standardization Administration

GB/T 39786-2021: Information security technology - Baseline for information system cryptography application

---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
Information security technology - Baseline for information system cryptography application ICS 35.040 L80 National Standards of People's Republic of China Information Security Technology Basic requirements for information system password application Released on 2021-03-09 2021-10-01 implementation State Administration of Market Supervision and Administration Issued by the National Standardization Management Committee

Foreword Ⅲ 1 Scope 1 2 Normative references 1 3 Terms and definitions 1 4 Overview 2 4.1 Information system password application technology framework 2 4.2 Description of basic requirements for password application 3 5 General requirements 4 6 Basic requirements for the first-level password application 4 6.1 Physical and environmental safety 4 6.2 Network and communication security 4 6.3 Equipment and computing security 4 6.4 Application and data security 4 6.5 Management System 5 6.6 Personnel Management 5 6.7 Construction and operation 5 6.8 Emergency response 5 7 Basic requirements for the second-level password application 5 7.1 Physical and environmental safety 5 7.2 Network and communication security 5 7.3 Equipment and computing security 6 7.4 Application and data security 6 7.5 Management System 6 7.6 Personnel Management 6 7.7 Construction and operation 6 7.8 Emergency response 7 8 Basic requirements for third-level password applications 7 8.1 Physical and environmental safety 7 8.2 Network and communication security 7 8.3 Equipment and computing security 7 8.4 Application and data security 7 8.5 Management System 8 8.6 Personnel Management 8 8.7 Construction and operation 8 8.8 Emergency response 9 9 Basic requirements for the fourth level of password application 9 9.1 Physical and environmental safety 9 9.2 Network and communication security 9 9.3 Equipment and computing security 9 9.4 Application and data security 10 9.5 Management System 10 9.6 Personnel management 10 9.7 Construction and operation 11 9.8 Emergency response 11 10 Basic requirements for level 5 password application 11 Appendix A (informative appendix) Summary list of basic requirements for different levels of password applications 12 Appendix B (Informative Appendix) Key Life Cycle Management 14 Reference 16

Foreword

This standard was drafted in accordance with the rules given in GB/T 1.1-2009. Please note that some of the contents of this document may involve patents. The issuing agency of this document is not responsible for identifying these patents. This standard was proposed and managed by the National Information Security Standardization Technical Committee (SAC/TC260). Drafting organizations of this standard. Beijing Digital Certification Co., Ltd., Commercial Password Testing Center of the State Cryptography Administration, Chinese Academy of Sciences According to the Communication Protection Research and Education Center, the Third Research Institute of the Ministry of Public Security, Shanghai Jiaotong University, Beijing Information Security Evaluation Center, Chengdu Weishi Communication Information Industry Co., Ltd., China Financial Electronics Corporation, Feitian Chengxin Technology Co., Ltd., Anhui Kece Information Technology Co., Ltd., Shenzhen Netan Computer Security Testing Technology Co., Ltd., Shandong Computing Center (National Supercomputing Jinan Center), China Electronics Technology Collection The 15th Research Institute of the Group Company (Information Industry Information Security Evaluation Center), Beijing Electronic Science and Technology Institute, Beijing Sanwei Xinan Technology Development Co., Ltd. Division, Xingtang Communication Technology Co., Ltd. The main drafters of this standard. Zhan Banghua, Song Lingdi, Luo Peng, Deng Kaiyong, Xia Luning, Huo Wei, Liu Jian, Xu Changwei, Tian Minqiu, Fu Dapeng, Ma Yuan, Zheng Fangyu, Chen Guangyong, Li Shuilin, Yinying, Liu Fang, Xiao Qiulin, Zhang Zhong, Li Chenyang, Zhang Xiaoxi, Yang Hongzhi, Zhu Pengfei, Ni Youming, Cheng Suqin, Liu Jian, Yan Yalong, Gao Zhiquan, Zhong Bo, Zhang Wenke, Liu Shangyan. Information Security Technology Basic requirements for information system password application

1 Scope

This standard specifies the basic requirements for the first to fourth levels of cryptographic applications in information systems, from the physical and environmental security of the information system, the network The four technical levels of network and communication security, equipment and computing security, and application and data security propose the first to fourth levels of cryptographic application technologies. Requirements, and put forward the first to fourth levels of password application management from four aspects. management system, personnel management, construction and operation, and emergency response. Claim. Note. The fifth-level password application only describes the general requirements in this standard, and the fifth-level password application technical requirements and management requirements are not described in this standard. This standard is applicable to guide and standardize the planning, construction, operation and evaluation of cryptographic applications of information systems. On the basis of this standard, Domains and industries can combine the cryptographic application requirements of the field and industry to guide and standardize the cryptographic applications of information systems.

2 Normative references

The following documents are indispensable for the application of this document. For dated reference documents, only the dated version applies to this article Pieces. For undated reference documents, the latest version (including all amendments) is applicable to this document. GB/T 37092 Information Security Technology Password Module Security Requirements

3 Terms and definitions

The following terms and definitions apply to this document. 3.1 Confidentiality The nature of ensuring that information is not leaked to unauthorized entities. 3.2 Dataintegrity The data is not subject to the nature of unauthorized changes. 3.3 Authenticity An entity is this characteristic of the entity it claims. Authenticity applies to entities such as users, processes, systems, and information. 3.4 Non-repudiation Prove the undeniable nature of an operation that has occurred. 3.5 Encryption The process of cryptographically transforming data to generate ciphertext. 3.6 Key The key information or parameters that control the operation of a cryptographic algorithm.