|
US$269.00 ยท In stock
Delivery: <= 3 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 42971-2023: Third-party service platform for electronic contract information security technical requirement
Status: Valid
| Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Standard Title (Description) | Status | PDF |
| GB/T 42971-2023 | English | 269 |
Add to Cart
|
3 days [Need to translate]
|
Third-party service platform for electronic contract information security technical requirement
| Valid |
GB/T 42971-2023
|
PDF similar to GB/T 42971-2023
Basic data | Standard ID | GB/T 42971-2023 (GB/T42971-2023) | | Description (Translated English) | Third-party service platform for electronic contract information security technical requirement | | Sector / Industry | National Standard (Recommended) | | Classification of Chinese Standard | A10 | | Classification of International Standard | 35.240.60 | | Word Count Estimation | 14,159 | | Date of Issue | 2023-09-07 | | Date of Implementation | 2024-04-01 | | Issuing agency(ies) | State Administration for Market Regulation, China National Standardization Administration | GB/T 42971-2023: Third-party service platform for electronic contract information security technical requirement
---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
ICS 35.240.60
CCSA10
National Standards of People's Republic of China
Information security of third-party electronic contract service platform
skills requirement
2024-04-01 Implementation
State Administration for Market Regulation
Released by the National Standardization Administration Committee
Table of contents
Preface III
1 Scope 1
2 Normative reference documents 1
3 Terms and Definitions 1
4 Basic requirements 2
4.1 Qualification requirements 2
4.2 True identity 2
4.3 Business Continuity Guarantee 2
4.4 Communication security 2
4.5 Safety Assessment and Supervision3
4.6 Data Security 3
4.7 Electronic signature 3
4.8 Record retention3
5 Establish process safety3
5.1 Basic requirements 3
5.2 Real-name verification 4
5.3 Digital certificate application 4
5.4 Cryptozoological algorithms and cryptographic products5
5.5 Timestamp 5
5.6 Reliability of evidence 5
5.7 Data security technology 5
6 Storage and Application Security 5
6.1 Storage Security 5
6.2 Privacy Protection Security 6
6.3 Judicial Evidence 6
7 Security Operation and Maintenance 7
7.1 Log Management 7
7.2 Vulnerability Management7
7.3 Backup management7
7.4 Security incident management7
Reference 9
Foreword
This document complies with the provisions of GB/T 1.1-2020 "Standardization Work Guidelines Part 1.Structure and Drafting Rules of Standardization Documents"
Drafting.
Please note that some content in this document may be subject to patents. The publisher of this document assumes no responsibility for identifying patents.
This document is proposed and coordinated by the National Electronic Business Standardization Technical Committee (SAC/TC83).
This document was drafted by. Hangzhou Tiangu Information Technology Co., Ltd., Shenzhen Huinong Zhiguang Technology Co., Ltd., Guangzhou Zhiyou Information Technology Co., Ltd.
Co., Ltd., Fuzhou Yijia Technology Co., Ltd., Xianju Haoniu Network Technology Co., Ltd., Jiangxi Zeshan Intelligent Technology Co., Ltd., Shenzhen Fada
Network Technology Co., Ltd., Beijing Anzhengtong Information Technology Co., Ltd., China Institute of Standardization, Beijing Shengzhi Technology Co., Ltd., Jiang
Xijinhu Insurance Equipment Group Co., Ltd., China Mobile System Integration Co., Ltd., Hangzhou Consumer Rights Protection Committee Secretariat (Hangzhou National
E-commerce Product Quality Monitoring and Disposal Center), Hangzhou Shangshangsha Network Technology Co., Ltd., China Information Security Research Institute Co., Ltd., Nan
Jingyi Zhengtong Information Technology Co., Ltd., Beijing Zhongpu Zhixin Standardization Consulting Firm, Shanxi Ketai Aerospace Defense Technology Co., Ltd.,
Hangzhou Quality and Technical Supervision and Inspection Institute, Fujian Engineering College, Liaocheng Zhuoqun Auto Parts Co., Ltd., Liaocheng Zhengfeng Electric Co., Ltd., China
Guancun Emerging Technology Service Industry Alliance, Zhongguancun Spatial Information Industry Technology Alliance, Henan Information Consulting Design Research Co., Ltd., Fu
Provincial Institute of Standardization, China Light Industry Information Center, Great Wall Computer Software and Systems Co., Ltd., Zhongke Standard (Ningde) Technology Co., Ltd.
Company, China Cable Network Information Technology (Shandong) Co., Ltd., Lvdengxing Cable Group Co., Ltd., Dongguan Yidianyuan Industrial Investment Co., Ltd., Fu
Zhou Baoshang Information Technology Co., Ltd., Shandong Rongtuo Technology Co., Ltd., Jiangxi Jinge Technology Co., Ltd., Beijing Zhongke Standard Technology
GROUP LIMITED.
The main drafters of this document. Wang Zhimin, Zhang Xiwu, Wu Guojian, Zeng Xiaofan, Liu Ying, Jin Hongzhou, Cheng Liang, Fan Xiao, Guo Feng, Mei Zhen, Liu Shixue,
Sun Cong, Chen Xiaoliang, Zhao Wenqing, Zhao Zhaolin, Huang Zhonghu, Wan Min, Ma Jianhong, Shi Lijuan, Ding Jianjun, Zhao Ning, Huo Dongmei, Xiong Shulin, Zhai Jianfei,
Fu Yiming, Zhang Longyu, Ma Shengdong, Zhang Xun, Yang Weiguo, Mao Wei, Ma Guanghao, Zhao Yang, Meng Huimin, Li Yuezhen, Cao Xinjiu, Sun Guangzhi, Xiong Bolin,
Wang Wei, Miao Xianyu, Wang Bing, Shao Qiang, Xian Chuanjun, Zheng Hailin, Xin Qianqian, Zhou Runqiu, Luo Xianjuan, Chen Guilian, Li Cinu, Zhang Jiamin.
Information security of third-party electronic contract service platform
skills requirement
1 Scope
This document stipulates the basic requirements for third-party electronic contract service platforms, the security of the conclusion process, storage and application security, and secure operation and maintenance, etc.
Require.
This document applies to the design, development, operation and electronic contract conclusion process of the third-party electronic contract service platform.
2 Normative reference documents
The contents of the following documents constitute essential provisions of this document through normative references in the text. Among them, the dated quotations
For undated referenced documents, only the version corresponding to that date applies to this document; for undated referenced documents, the latest version (including all amendments) applies to
this document.
GB/T 20520 Information security technology public key infrastructure timestamp specification
GB/T 20988 Information Security Technology Information System Disaster Recovery Specification
GB/T 22239 Basic requirements for network security level protection of information security technology
GB/T 28448 Information security technology network security level protection evaluation requirements
GB/T 32918.2 Information security technology SM2 elliptic curve public key cryptography algorithm Part 2.Digital signature algorithm
GB/T 35273 Information Security Technology Personal Information Security Specifications
GB/T 37988 Information security technology data security capability maturity model
GB 50174 Data Center Design Specification
JR/T 0118 Financial Electronic Authentication Specification
3 Terms and definitions
The following terms and definitions apply to this document.
3.1
electroniccontractelectroniccontract
The establishment, change and termination of civil rights obligations between natural persons, legal persons and other organizations use data messages as the carrier and use electronic communication means.
business relationship agreement.
[Source. GB/T 36298-2018, 3.1, with modifications]
3.2
electronic signatureelectronicsignature
Data contained in a data message in electronic form and attached to identify the signer and indicate that the signer acknowledges its content.
3.3
PKI-based digital signature authentication technology.
3.4
Activities that provide authenticity and reliability verification for all parties involved in electronic signatures.
Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GB/T 42971-2023_English be delivered?Answer: Upon your order, we will start to translate GB/T 42971-2023_English as soon as possible, and keep you informed of the progress. The lead time is typically 1 ~ 3 working days. The lengthier the document the longer the lead time. Question 2: Can I share the purchased PDF of GB/T 42971-2023_English with my colleagues?Answer: Yes. The purchased PDF of GB/T 42971-2023_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet. Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to [email protected]. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.
|