GB 42250-2022 PDF EnglishUS$170.00 · In stock · Download in 9 seconds
GB 42250-2022: Information security technology - Security technical requirements of specialized cybersecurity products Delivery: 9 seconds. True-PDF full-copy in English & invoice will be downloaded + auto-delivered via email. See step-by-step procedure Status: Valid
Similar standardsGB 42250-2022: Information security technology - Security technical requirements of specialized cybersecurity products---This is an excerpt. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.), auto-downloaded/delivered in 9 seconds, can be purchased online: https://www.ChineseStandard.net/PDF.aspx/GB42250-2022 GB NATIONAL STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA ICS 35.040 CCS L 80 Information security technology - Security technical requirements of specialized cybersecurity products Issued on. DECEMBER 29, 2022 Implemented on. JULY 01, 2023 Issued by. State Administration for Market Regulation; Standardization Administration of the People's Republic of China. Table of ContentsForeword... 3 Introduction... 4 1 Scope... 5 2 Normative references... 5 3 Terms and definitions... 5 4 Security functional requirements... 6 4.1 Access control... 6 4.2 Intrusion prevention... 7 4.3 Security audit... 7 4.4 Malicious program prevention... 7 5 Own security requirements... 8 5.1 Identification and authentication... 8 5.2 Own access control... 8 5.3 Own security audit... 8 5.4 Communication security... 8 5.5 Support system security... 9 5.6 Product upgrade... 9 5.7 User information security... 9 5.8 Password requirements... 10 6 Security requirements... 10 6.1 Supply chain security... 10 6.2 Design and development... 10 6.3 Production and delivery... 11 6.4 Operation and maintenance service guarantee... 11 6.5 User information protection... 12 Bibliography... 13ForewordThis document was drafted in accordance with the rules given in GB/T 1.1-2020 "Directives for standardization - Part 1.Rules for the structure and drafting of standardizing documents". Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. The issuing authority shall not be held responsible for identifying any or all such patent rights. This document was proposed by and shall be under the jurisdiction of Ministry of Public Security of the People's Republic of China.IntroductionThis document is formulated to implement Article 23 of the Cybersecurity Law of the People's Republic of China. Specialized cybersecurity products are developed, produced, serviced and tested in accordance with the security technical requirements of this document and other technical specifications stipulated by relevant national authorities. This document is the baseline requirement that all specialized cybersecurity products and their providers need to meet. Information security technology - Security technical requirements of specialized cybersecurity products1 ScopeThis document stipulates the security function requirements, own security requirements and security assurance requirements of specialized cybersecurity products. This document is applicable to the research and development, production, service, and testing of specialized cybersecurity products sold or provided.2 Normative referencesThe following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. GB/T 25069, Information security techniques -- Terminology3 Terms and definitionsFor the purposes of this document, the terms and definitions defined in GB/T 25069 as well as the followings apply. 3.1 specialized cybersecurity products Specialized hardware and software products used to secure networks. 3.2 specialized cybersecurity products provider Developers, producers or maintenance service providers of specialized cybersecurity products. 3.3 security domain A collection of assets and resources subject to a common security policy. 3.4 personal information Various information related to identified or identifiable natural persons recorded electronically, excluding anonymized information. 3.5 user information Electronically recorded information generated, collected, stored, transmitted, and processed by individuals, legal persons, or other organizations during the installation and use of specialized cybersecurity products. 3.6 malicious program Programs with network attack functions such as destroying networks and information systems, interfering with the normal use of networks and information systems, stealing or maliciously encrypting network and system data.4 Security functional requirements4.1 Access control Specialized cybersecurity products with access control functions should have the following functions. 4.2 Intrusion prevention Specialized cybersecurity products with intrusion prevention functions should have the following functions. 4.3 Security audit Specialized cybersecurity products with security audit functions should have the following functions. 4.4 Malicious program prevention Specialized cybersecurity products with malicious program prevention functions should have the following functions.5 Own security requirements5.1 Identification and authentication Specialized cybersecurity products should have the following functions. 5.2 Own access control Specialized cybersecurity products should have the following functions. 5.3 Own security audit Specialized cybersecurity products should have the following functions. 5.4 Communication security Specialized cybersecurity products should provide security measures to ensure the confidentiality and integrity of product remote management network communication data. 5.5 Support system security Specialized cybersecurity products should not contain disclosed medium- and high-risk vulnerabilities. 5.6 Product upgrade Specialized cybersecurity products should have the following functions. 5.7 User information security Specialized cybersecurity products should have the following functions. 5.8 Password requirements Any content related to the use and management of passwords in this document shall be in accordance with relevant standards.6 Security requirements6.1 Supply chain security Specialized cybersecurity products provider should meet the following security assurance requirements. 6.2 Design and development Specialized cybersecurity products provider should meet the following security assurance requirements. 6.3 Production and delivery Specialized cybersecurity products provider should meet the following security requirements. 6.4 Operation and maintenance service guarantee Specialized cybersecurity products provider should meet the following security assurance requirements. 6.5 User information protection Specialized cybersecurity products provider should meet the following security assurance requirements. ......Source: Above contents are excerpted from the full-copy PDF -- translated/reviewed by: www.ChineseStandard.net / Wayne Zheng et al. Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of English version of GB 42250-2022 be delivered?Answer: The full copy PDF of English version of GB 42250-2022 can be downloaded in 9 seconds, and it will also be emailed to you in 9 seconds (double mechanisms to ensure the delivery reliably), with PDF-invoice.Question 2: Can I share the purchased PDF of GB 42250-2022_English with my colleagues?Answer: Yes. The purchased PDF of GB 42250-2022_English will be deemed to be sold to your employer/organization who actually paid for it, including your colleagues and your employer's intranet.Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. www.ChineseStandard.us -- GB 42250-2022 -- Click this link and select your country/currency to pay, the exact amount in your currency will be printed on the invoice. Full PDF will also be downloaded/emailed in 9 seconds.How to buy and download a true PDF of English version of GB 42250-2022?A step-by-step guide to download PDF of GB 42250-2022_EnglishStep 1: Visit website https://www.ChineseStandard.net (Pay in USD), or https://www.ChineseStandard.us (Pay in any currencies such as Euro, KRW, JPY, AUD).Step 2: Search keyword "GB 42250-2022". Step 3: Click "Add to Cart". If multiple PDFs are required, repeat steps 2 and 3 to add up to 12 PDFs to cart. Step 4: Select payment option (Via payment agents Stripe or PayPal). Step 5: Customize Tax Invoice -- Fill up your email etc. Step 6: Click "Checkout". Step 7: Make payment by credit card, PayPal, Google Pay etc. After the payment is completed and in 9 seconds, you will receive 2 emails attached with the purchased PDFs and PDF-invoice, respectively. Step 8: Optional -- Go to download PDF. Step 9: Optional -- Click Open/Download PDF to download PDFs and invoice. See screenshots for above steps: Steps 1~3 Steps 4~6 Step 7 Step 8 Step 9 |
