YD/T 1700-2007 (YD/T1700-2007, YDT 1700-2007, YDT1700-2007)
Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Standard Title (Description) | Status | PDF |
YD/T 1700-2007 | English | 340 |
Add to Cart
|
0--9 seconds. Auto-delivery
|
Testing Methods for Mobile Terminal Information Security
| |
YD/T 1700-2007
|
Standards related to: YD/T 1700-2007
Standard ID | YD/T 1700-2007 (YD/T1700-2007) | Description (Translated English) | Testing Methods for Mobile Terminal Information Security | Sector / Industry | Telecommunication Industry Standard (Recommended) | Classification of Chinese Standard | M36 | Classification of International Standard | 33.60 | Word Count Estimation | 34,385 | Date of Issue | 2007-07-29 | Date of Implementation | 2008-01-01 | Drafting Organization | Ministry of Information Industry and Telecommunications Research Institute | Administrative Organization | China Communications Standards Association | Regulation (derived from) | ?MIIT-Science [2007] 480; | Summary | This standard specifies the information security testing method for mobile terminal equipment, including the terminal hardware security testing methods, safety testing methods terminal software, operating system security testing methods, but also includes a mobile terminal to access secure information transmission and security, mobile confidentiality of personal information, such as terminal information security testing methods. This standard applies to the second generation (including second generation) mobile communication network over the terminal equipment. This standard does not include EMC, EMI or other related electrical safety testing requirements. |
YD/T 17‐‐2007
ICS 33 60
M 36
YD
Telecommunication Industry Standard
Of the People’s Republic of China
YD/T 1700‐2007
Testing Methods for Mobile Terminal
Information Security
ISSUED ON. SEPTEMBER 29, 2006
IMPLEMENTED ON. JANUARY 1, 2008
Issued by. Ministry of Industry Information Technology, the People’s
Republic of China
Table of Contents
Preface ... 3
1 Scope ... 4
2 Quoted Standards ... 4
3 Definitions and Acronyms ... 5
3.1 Definitions ... 5
3.2 Acronyms ... 6
4 Overview ... 7
4.1 Test Environment ... 7
4.2 Terminal Information ... 8
4.3 Classes of Test Items ... 8
5 Mobile Terminal Access Security Test ... 9
5.1 Test of Basic Service and Functions ... 9
5.2 Test of Security-related Signaling Protocol ... 11
6 Mobile Terminal Security Test ... 14
6.1 User Identity Authentication ... 14
6.2 Mobile Terminal Hardware Security ... 19
6.3 Data Access Security ... 21
6.4 OS Security ... 25
7 Card Interface Test ... 32
7.1 GSM/GPRS Terminal SIM/ME Interface Test ... 32
7.2 CMA Terminal UIM/MS Interface Test ... 34
7.3 WCDMA Terminal Cu Interface Test ... 34
7.4 TD-SCDMA Terminal Cu Interface Test ... 36
Preface
This Standard is one of the serial mobile terminal information security specifications.
The structure and names of the serial specifications are as follows.
1. YD/T 1699-2007 “Technical Requirements for Mobile Terminal Information
Security”;
2. YD/T 1700-2007 “Testing Methods for Mobile Terminal Information Security”;
Where, YD/T1699-2007 “Technical Requirements for Mobile Terminal Information
Security” is the technical basis for this Standard.
This Standard is proposed and managed by China Telecommunication Standardization
Association.
This Standard is developed by. MII Telecommunication Institute, Huawei
Technology, Datang Telecom Technology & Industry Group, ZTE Inc., and China Mobile
Communication Corporation.
This Standard is drafted by. Pan Juan, Kuang Xiaoxuan, Zhang Xiang, Luo Hongwei, Li
Jinyi, and Liujun.
Testing Methods for Mobile Terminal
Information Security
1 Scope
This Standard specifies testing methods for mobile terminal information security,
including the testing methods for terminal hardware security, terminal software security, and
OS application security, as well as the testing methods for mobile terminal access security and
information transfer security, mobile terminal personal information confidentiality security
etc.
This Standard applies to terminal equipment in the second generation mobile
communication network and above. This Standard does not specify testing requirements
related to EMC, EMI or electrical security.
2 Quoted Standards
The following standards constitute stipulations of this Standard after quoted. All the
revision versions (excluding correction version) of the quoted standards specified with date
are not applicable for the document. Constituents are encouraged to use the latest version of
the documents. The latest version of the quoted documents without date specified is
applicable for this specification.
YD/T 1215-2006 Testing Methods of 900/1800MHz TDMA Digital Cellular Mobile
Telecommunication Network General Packet Radio Service (GPRS)
Equipment. Mobile Stations
YD/T 1683-2007 Testing Methods for CDMA Digital Cellular Mobile Communication
Network ME-UIM Card Interface;
3GPP TS 01.61 General Packet Radio Service (GPRS). GPRS Algorithm
Requirements
3GPP TS 31.121 UICC-Terminal Interface; USIM Application Testing Specification
3GPP TS 31.124 ME Consistency Test Specification; USAT Consistency Test
Specification
3GPP TS 34.123-1 UE Consistency Test Specification. Part I Protocol Consistency Test
Specification
3GPP TS 51.010-1 GSM/EDGE Radio Access Network Digital Cellular Communication
System (Phase 2);MS Consistency Test Specification. Part I
Consistency Test Specification
3GPP TS 51.010-4 MS Consistency Test Specification. Part IV SIM Application Toolkit
Consistency Test Specification
3GPP2 C.S0038-A HRPD Air Interface Signaling Consistency Test Specification
3GPP2 C.S0043-0 cdma200 Spread Spectrum System Signaling Consistency Test
Specification
ETSI TS 102 230 Smart Card; UICC-Terminal Interface; Physical, Electrical and
Logical Performance Test
3 Definitions and Acronyms
3.1 Definitions
The following definitions apply for this Standard.
Subscription Identification Management
The management process that the mobile terminal can check whether the user is
legitimate to take appropriate measures at any time.
Application
File groups or programs on the telecom smart card that are used to realize services.
Network Simulator
Simulators necessary for network system environment, such as WCDMA and GSM
network simulators.
File
Collection of information with logically full significance, which is identified with one
name;
File System
Collection of software that manages the mobile terminal software resources in the way of
software in OS, managed files and data structures;
User Authentication
Testing process on the validity of the user identity.
Authorization
Process to grant the user with appropriate permission based on predefined security policy
after user authentication.
Authorized User
User who can execute certain operation based on security strategy. It may correspond to
any defined role in this Standard based on varied operation practices.
Operation System
The most basic system software of mobile terminal, which controls and manages various
hardware and software resources of the mobile terminal and provides the interface for
application development;
Telecom Smart Card
Telecom Smart Card is a portable and tamper resistant device that is embedded with
microprocessor. It is used to store data (such as access code, user information, keys and so on)
and perform security –related operations, such as authentication and encryption. Telecom
smart cards are typically SIM card, USIM card and R-UIM card.
Cu Interface
Interface between TD-SCDMA/WCDMA terminal and USIM card.
KI
User authentication key used in the authentication algorithm.
3.2 Acronyms
The following acronyms apply to this Standard.
A-KEY Authentication key 鉴权密钥
20 27.20 SIM presence test
21 27.21 Advice of Charge (AoC)
SAT (SIM Application Toolbox) test is performed according to the limitations and
measurement methods defined in 3GPP TS 51.010-4 “MS Consistency Test Specification. Part IV
SIM Application Toolkit Consistency Test Specification”. For test item, see Table 4.
Table 4 Test Items of SAT
Sequence
Number
Corresponding
Chapter
Item Name
1 27.22.1 Initiation of SIM application toolkit, SIM application toolbox
activation ME (Profile download)
2 27.22.2 Contents of TERMINAL PROFILE Command
3 27.22.3 Services of Active SIM Command
4 27.22.4 Active SIM Command (31 commands)
5 27.22.5 Downloading data to SIM
6 27.22.6 SIM Call Control
7 27.22.7 Event Download (11 events)
8 27.22.8 MO SMS Controlled by USIM Card
For SAT, corresponding items shall be tested according to the terminal functions provided by
the manufacturer.
7.2 CMA Terminal UIM/MS Interface Test
CDMA terminal card interface test is performed according to the limitations and
measurement methods defined in YD/T1683-2007 Testing Methods for CDMA Digital Cellular
Mobile Communication Network ME-UIM Card Interface. For test item, see Table 5.
Table 5 Test Items of UIM/MS Interface
Sequence
Number
Corresponding
Chapter
Item Name
1 6.1 MS identification
2 6.2 UIM_ID/ESN_ME selection
3 6.3 Security-related commands
4 6.11 Handover protocol test
5 6.12 Directory valuing featu...
...
|