|
US$1669.00 ยท In stock
Delivery: <= 10 days. True-PDF full-copy in English will be manually translated and delivered via email.
LY/T 2170-2013: Security evaluation criterion of forestry information system
Status: Valid
| Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Standard Title (Description) | Status | PDF |
| LY/T 2170-2013 | English | 1669 |
Add to Cart
|
10 days [Need to translate]
|
Security evaluation criterion of forestry information system
| Valid |
LY/T 2170-2013
|
PDF similar to LY/T 2170-2013
Basic data | Standard ID | LY/T 2170-2013 (LY/T2170-2013) | | Description (Translated English) | Security evaluation criterion of forestry information system | | Sector / Industry | Forestry Industry Standard (Recommended) | | Classification of Chinese Standard | B65 | | Classification of International Standard | 65.020.40 | | Word Count Estimation | 68,688 | | Quoted Standard | GB/T 5271.8; GB 17859; GB/T 22240; GB 50016; GB 50174-2008 | | Regulation (derived from) | State Forestry Bulletin No. 14 of 2013 | | Issuing agency(ies) | State Forestry Administration | | Summary | This standard specifies the basic requirements for the protection of forestry different security level of information systems, including the basic technical requirements, the basic management requirements and response measures. This standard applies to se | LY/T 2170-2013: Security evaluation criterion of forestry information system---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
Security evaluation criterion of forestry information system
ICS 65.020.40
B65
People's Republic of China Forestry Industry Standard
Forestry Information System Safety Assessment Guidelines
Published on.2013-10-17
2014-01-01 implementation
State Forestry Administration released
Content
Foreword III
Introduction IV
1 Scope 1
2 Normative references 1
3 Terms and Definitions 1
4 Forestry Information System Security Level Protection 1
4.1 Forestry Information System Security Protection Level 1
4.2 Different levels of security protection 1
4.3 Basic safety requirements 2
4.4 Three types of basic technical requirements 2
5 First level basic requirements and countermeasures 2
5.1 Technical requirements and countermeasures 2
5.1.1 Physical Security 2
5.1.2 Network Security 3
5.1.3 Host Security 4
5.1.4 Application Security 4
5.1.5 Data Security and Backup Recovery 5
5.2 Management requirements and countermeasures 5
5.2.1 Safety Management System 5
5.2.2 Security Management Agency 5
5.2.3 Personnel Safety Management 6
5.2.4 System Construction Management 6
5.2.5 System Operation and Maintenance Management 7
6 Second level basic requirements and countermeasures 9
6.1 Technical requirements and countermeasures 9
6.1.1 Physical Security 9
6.1.2 Network Security 11
6.1.3 Host Security 12
6.1.4 Application Security 13
6.1.5 Data Security and Backup Recovery 14
6.2 Management requirements and countermeasures 15
6.2.1 Safety Management System 15
6.2.2 Safety Management Agency 15
6.2.3 Personnel safety management 16
6.2.4 System Construction Management 16
6.2.5 System Operation and Maintenance Management 18
7 Third level basic requirements and countermeasures 21
7.1 Technical requirements and countermeasures 21
7.1.1 Physical Security 21
7.1.2 Network Security 23
7.1.3 Host Security 25
7.1.4 Application Security 27
7.1.5 Data Security and Backup Recovery 29
7.2 Management requirements and countermeasures 29
7.2.1 Safety Management System 29
7.2.2 Security Management Agency 30
7.2.3 Personnel safety management 31
7.2.4 System Construction Management 32
7.2.5 System Operation and Maintenance Management 34
8 Fourth level basic requirements and countermeasures 38
8.1 Technical requirements and countermeasures 38
8.1.1 Physical Security 38
8.1.2 Network Security 40
8.1.3 Host Security 42
8.1.4 Application Security 44
8.1.5 Data Security and Backup Recovery 46
8.2 Management requirements and countermeasures 47
8.2.1 Safety Management System 47
8.2.2 Security Management Agency 48
8.2.3 Personnel safety management 49
8.2.4 System Construction Management 50
8.2.5 System Operation and Maintenance Management 52
9 Level 5 Basic Requirements 56
Appendix A (Normative Appendix) Requirements for the overall safety protection capabilities of forestry information systems 57
Appendix B (Normative Appendix) Selection and use of safety requirements for important information systems in forestry 58
References 59
Foreword
This standard was drafted in accordance with the rules given in GB/T 1.1-2009.
This standard is proposed and managed by the National Forestry Information Data Standardization Technical Committee (SAC/TC386).
This standard was drafted. National Forestry Administration Information Center, China Science and Technology Information Security Common Technology National Engineering Research Center Co., Ltd.
The main drafters of this standard. Yang Xinmin, Wu Rigen, Li Shufang, Wen Zhanqiang, Bai Ying, Zhang Yang, Yan Shaoliang, Xue Zhengyu.
Introduction
This standard is formulated in accordance with the national information security level protection management regulations. Forestry has a high degree of informationization and high business continuity requirements.
The capacity and processing power of information systems are highly demanding. This standard is based on the actual situation of forestry and the information security technology information system.
The relevant requirements of the Basic Requirements for Safety Level Protection (GB/T 22239-2008) have been clarified, refined and adjusted, and forestry has been proposed and regulated.
Technical requirements for different levels of information systems, and technical and management responses for different levels of security requirements, applicable to
Guide forestry in accordance with the requirements of grade protection for safety construction, evaluation and supervision.
In the text of this standard, the contents of the definition, refinement and adjustment are indicated in italics.
Forestry Information System Safety Assessment Guidelines
1 Scope
This standard specifies the basic protection requirements for forestry security protection level information systems, including basic technical requirements and basic management requirements.
And countermeasures.
This standard is applicable to guide the safety construction, rectification, evaluation, supervision and management of forestry hierarchical information systems.
2 Normative references
The following documents are indispensable for the application of this document. For dated references, only dated versions apply to this article.
Pieces. For undated references, the latest edition (including all amendments) applies to this document.
GB/T 5271.8 Information technology vocabulary Part 8. Security
GB 17859 Computer Information System Security Protection Level Division Guidelines
GB/T 22240 Information Security Technology Information System Security Level Protection Rating Guide
GB 50016 Building Design Fire Code
GB 50174-2008 Electronic Information System Room Design Specification
3 Terms and definitions
The following terms and definitions as defined in GB/T 5271.8 and GB 17859 apply to this document.
3.1
Security protection capability
The system is able to withstand threats, detect security incidents, and restore the previous state after the system is compromised.
4 Forestry Information System Security Level Protection
4.1 Forestry Information System Security Protection Level
The forestry information system is destroyed by national security and society according to its importance in national security, economic construction and social life.
The degree of harm to the order, the stability of the forestry market, the public interest, and the legitimate rights and interests of investors, legal persons and other organizations is divided into five from low to high.
For the classification, the definition of classification is given in GB/T 22240.
4.2 Different levels of security protection
The basic security protection capabilities of different levels of information systems are as follows.
First-level security protection. should be able to protect the system from malicious attacks from individual, threatened sources with few resources,
The damage caused by the general natural disaster and other threats of considerable harm can be restored after the system is damaged.
Some features.
Second-level security protection. should be able to protect the system from evil sources from small external organizations with small resources
Important resources caused by intentional attacks, general natural disasters, and other threats of considerable harm can reveal important security
Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of LY/T 2170-2013_English be delivered?Answer: Upon your order, we will start to translate LY/T 2170-2013_English as soon as possible, and keep you informed of the progress. The lead time is typically 6 ~ 10 working days. The lengthier the document the longer the lead time. Question 2: Can I share the purchased PDF of LY/T 2170-2013_English with my colleagues?Answer: Yes. The purchased PDF of LY/T 2170-2013_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet. Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to [email protected]. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.
|