Home Cart Quotation About-Us
www.ChineseStandard.net
SEARCH

GB/T 20272-2019 PDF English

Q: Do you accept my currency other than USD?

Yes. https://www.ChineseStandard.us/products/GBT20272-2019 -- Click this link and select your country/currency to pay, the exact amount in your currency will be printed on the invoice. Full PDF will also be downloaded/emailed in 9 seconds.

Q: How to buy and download a true PDF of English version of GB/T 20272-2019?

Answer: A step-by-step guide to download PDF of GB/T 20272-2019_English. Step 1: Visit website https://www.ChineseStandard.net (Pay in USD), or https://www.ChineseStandard.us (Pay in any currencies such as Euro, KRW, JPY, AUD). Step 2: Search keyword 'GB/T 20272-2019'. Step 3: Click 'Add to Cart'. If multiple PDFs are required, repeat steps 2 and 3 to add up to 12 PDFs to cart. Step 4: Select payment option (Via payment agents Stripe or PayPal). Step 5: Customize Tax Invoice -- Fill up your email etc. Step 6: Click 'Checkout'. Step 7: Make payment by credit card, PayPal, Google Pay etc. After the payment is completed and in 9 seconds, you will receive 2 emails attached with the purchased PDFs and PDF-invoice, respectively. Step 8: Optional -- Go to download PDF. Step 9: Optional -- Click Open/Download PDF to download PDFs and invoice. See screenshots for above steps: https://www.chinesestandard.net/Img/LDHowToStep1-3.jpg https://www.chinesestandard.net/Img/LDHowToStep4-6.jpg https://www.chinesestandard.net/Img/LDHowToStep7.jpg https://www.chinesestandard.net/Img/LDHowToStep8.jpg https://www.chinesestandard.net/Img/LDHowToStep9.jpg

US$350.00 · In stock · Download in 9 seconds
GB/T 20272-2019: Information security technology - Security technical requirements for operating system
Delivery: 9 seconds. True-PDF full-copy in English & invoice will be downloaded + auto-delivered via email. See step-by-step procedure
Status: Valid

GB/T 20272: Historical versions

Standard ID	USD	BUY PDF	Delivery	Standard Title (Description)	Status
GB/T 20272-2019	350	Add to Cart	Auto, 9 seconds.	Information security technology - Security technical requirements for operating system	Valid
GB/T 20272-2006	150	Add to Cart	Auto, 9 seconds.	Information security technology -- Security techniques requirement for operating system	Obsolete

Similar standards

GB/T 20273 GB/T 20271 GB/T 20270 GB/T 20279

GB/T 20272-2019: Information security technology - Security technical requirements for operating system

---This is an excerpt. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.), auto-downloaded/delivered in 9 seconds, can be purchased online: https://www.ChineseStandard.net/PDF.aspx/GBT20272-2019
NATIONAL STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA ICS 35.040 L 80 Replacing GB/T 20272-2006 Information security technology - Security technical requirements for operating system Issued on. AUGUST 30, 2019 Implemented on. MARCH 01, 2020 Issued by. State Administration for Market Regulation; Standardization Administration of the PRC.

Foreword... 3 1 Scope... 5 2 Normative references... 5 3 Terms and definitions... 5 4 Abbreviations... 6 5 Product description... 6 6 Security technical requirements... 6 6.1 Class 1.user self-protection class... 6 6.1.1 Security function requirements... 6 6.1.2 Self-security requirements... 8 6.1.3 Security assurance requirements... 9 6.2 Class 2.system audit protection class... 13 6.2.1 Security function requirements... 13 6.2.2 Self-security requirements... 16 6.2.3 Security assurance requirements... 19 6.3 Class 3.security label protection class... 24 6.3.1 Security function requirements... 24 6.3.2 Self-security requirements... 29 6.3.3 Security assurance requirements... 33 6.4 Class 4.structured protection class... 39 6.4.1 Security function requirements... 39 6.4.2 Self-security requirements... 45 6.4.3 Security assurance requirements... 48 6.5 Class 5.access verification protection class... 55 6.5.1 Security function requirements... 55 6.5.2 Self-security requirements... 61 6.5.3 Security assurance requirements... 65 Appendix A (Informative) Table for classing of security technical requirements for operating system... 74 Bibliography... 75

1 Scope

This Standard specifies the security technical requirements for operating system of five security classes. This Standard applies to the research and development, testing, maintenance, and evaluation of security of operating system.

2 Normative references

The following documents are indispensable for the application of this document. For the dated references, only the editions with the dates indicated are applicable to this document. For the undated references, the latest edition (including all the amendments) are applicable to this document. GB 17859-1999 Classified criteria for security protection of computer information system GB/T 18336.3-2015 Information technology - Security techniques - Evaluation criteria for IT security - Part 3.Security assurance components GB/T 20271-2006 Information security technology - Common security techniques requirement for information system GB/T 29240-2012 Information security technology - General security technique requirements and testing and evaluation method for terminal computer

3 Terms and definitions

The terms and definitions defined in GB 17859-1999, GB/T 18336.3-2015, GB/T 20271-2006, and GB/T 29240-2012 and the following ones apply to this document. 3.1 Security of operating system The confidentiality, integrity, and availability of operating system itself and of the information it stores, transmits, and processes. 3.2 Security subsystem of operating system The general term for security protection devices in an operating system, including hardware, firmware, software, and a combination responsible for implementing security policies.

4 Abbreviations

The following abbreviations apply to this document. SSF. SSOOS Security Function SSOOS. Security Subsystem of Operating System UID. User Identifier

5 Product description

Resource management (including equipment hardware resources and data resources) is the most basic function of operating system. The security protection of resources in the operating system is implemented by SSOOS. SSOOS is a combination of all security protection devices in an operating system. SSOOS generally contains multiple SSFs. Each security function module is a concrete implementation of one or more security function policies. All security function policies in SSOOS form a security domain, to protect the

6 Security technical requirements

6.1 Class 1.user self-protection class 6.1.1 Security function requirements 6.1.1.1 Identity authentication The identity authentication functions of SSOOS are as follows. 6.1.1.2 Discretionary access control The discretionary access control functions of SSOOS are as follows. 6.1.1.3 Data integrity For user data transmitted internally the operating system (such as inter-process communication), there shall be a function of ensuring the integrity of user data. 6.1.1.4 Network security protection SUPPORT two-way network access control based on IP address, port, and physical interface. DISCARD packets which do not meet the pre-defined policy. 6.1.2 Self-security requirements 6.1.2.1 Operation security protection The operation security protection functions of SSF are as follows. 6.1.2.2 Resource utilization 6.1.2.2.1 Fault tolerance Certain measures shall be taken to ensure that the SSF can maintain normal operation when certain deterministic fault conditions occur in the system. 6.1.2.4 Security policy configuration Security policy configuration functions shall be provided for identity authentication, network security protection, resource utilization, and user login access control. 6.1.3 Security assurance requirements 6.1.3.1 Development 6.1.3.2 Guiding document 6.1.3.3 Life cycle support 6.1.3.4 Testing 6.1.3.4.1 Coverage The developer shall provide a testing coverage document. The evidence of the testing coverage shall indicate the correspondence between the testing in the testing document and the SSOOS interface in the functional specification description. 6.1.3.4.2 Functional testing Developers shall test SSF and self-security protection functions. The testing document shall include the following. 6.1.3.4.4 Cryptographic testing Developers shall test the correctness and compliance of the symmetric, asymmetric, and hash cryptographic algorithms used, to ensure that the actual operation results are consistent with the expected correct results. Developers shall ensure that symmetric, asymmetric, and hash cryptographic algorithms which comply with national cryptography-related regulations are used. 6.1.3.5 Vulnerability evaluation Based on the identified potential vulnerabilities, the operating system shall resist attacks by attackers with a basic attack potential. Note. The resisting to attacks by attackers with basic attack potential needs to be comprehensively considered based on the following 5 specific factors. attack time, attacker ability, level of understanding of the operating system, time of access to operating system or number of attack samples, attack equipment used. See GB/T 30270-2013 Appendix A, A.8. 6.2 Class 2.system audit protection class 6.2.1 Security function requirements 6.2.1.1 Identity authentication The identity authentication functions of SSOOS are as follows. 6.2.2 Self-security requirements 6.2.2.1 Operation security protection The operation security protection functions of SSF are as follows. 6.2.2.2 Resource utilization 6.2.2.2.1 Fault tolerance The fault tolerance functions of SSOOS are as follows. 6.2.2.2.2 Service priority The service priority functions of SSOOS are as follows. a) The service priority policy shall be adopted to set the subject to use the priority of a subset of resources within the SSF control scope to manage and allocate operating system resources; b) It shall be ensured that access to all operating system resources is based on the priority set by the subject. 6.2.2.2.3 Resource allocation The resource allocation functions of SSOOS are as follows. a) In accordance with the requirements of 5.1.4.2 a) maximum quota resource allocation in GB/T 20271-2006, it shall carry out the management and allocation of operating system resources. The quota mechanism ensures that users and subjects will not monopolize certain controlled resources. b) It shall be ensured that, when an authorized subject makes a request, resources can be accessed and utilized. c) It shall, based on each user or each user group, provide a mechanism, to control its consumption of disks and the use of resources such as CPU. 6.2.2.3 User login access control The user login access control functions of SSOOS are as follows. 6.2.2.4 Trusted measurement The trusted measurement functions of SSOOS are as follows. 6.2.2.5 Security policy configuration Security policy configuration functions shall be provided for identity authentication, security audit, network security protection, resource utilization, and user login access control. 6.2.3 Security assurance requirements 6.2.3.1 Development 6.3.2 Self-security requirements 6.3.2.1 Operation security protection The operation security protection functions of SSF are as follows. 6.3.2.2 Resource utilization 6.3.2.2.1 Fault tolerance The fault tolerance functions of SSOOS are as follows. 6.3.3 Security assurance requirements 6.3.3.1 Development 6.3.3.1.1 Security architecture The developer shall provide the security architecture description document of SSOOS. The security architecture description document shall meet the following requirements. 6.4 Class 4.structured protection class 6.4.1 Security function requirements 6.4.1.1 Identity authentication The identity authentication functions of SSOOS are as follows. 6.5.3.4 Testing 6.5.3.4.1 Coverage The developer shall provide a testing coverage document. The testing coverage document shall meet the following requirements. 6.5.3.4.3 Functional testing Developers shall test SSF and self-security protection functions. The testing document shall include the following. 6.5.3.4.4 Independent testing Developers shall provide a set of equivalent resources as they used in self-tests, for testing of SSOOS. 6.5.3.4.5 Cryptographic testing Developers shall test the correctness and compliance of the symmetric, asymmetric, and hash cryptographic algorithms used, to ensure that the actual operation results are consistent with the expected correct results. Developers shall ensure that symmetric, asymmetric, and hash cryptographic algorithms which comply with national cryptography-related regulations are used. 6.5.3.4.6 Code security testing The developer shall perform a security testing on the SSOOS implementation representation and the operating system kernel code, to confirm that there are no security flaws or backdoors in the code. 6.5.3.5 Vulnerability evaluation Developers shall assess the vulnerability of the operating system in the following ways. ......
Source: Above contents are excerpted from the full-copy PDF -- translated/reviewed by: www.ChineseStandard.net / Wayne Zheng et al.

Image 1 Image 2 Image 3

Tips & Frequently Asked Questions:

Question 1: How long will the true-PDF of English version of GB/T 20272-2019 be delivered?

Answer: The full copy PDF of English version of GB/T 20272-2019 can be downloaded in 9 seconds, and it will also be emailed to you in 9 seconds (double mechanisms to ensure the delivery reliably), with PDF-invoice.

Question 2: Can I share the purchased PDF of GB/T 20272-2019_English with my colleagues?

Answer: Yes. The purchased PDF of GB/T 20272-2019_English will be deemed to be sold to your employer/organization who actually paid for it, including your colleagues and your employer's intranet.

Question 3: Does the price include tax/VAT?

Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countries

Question 4: Do you accept my currency other than USD?

Answer: Yes. www.ChineseStandard.us -- GB/T 20272-2019 -- Click this link and select your country/currency to pay, the exact amount in your currency will be printed on the invoice. Full PDF will also be downloaded/emailed in 9 seconds.

Question 5: Should I purchase the latest version GB/T 20272-2019?

Answer: Yes. Unless special scenarios such as technical constraints or academic study, you should always prioritize to purchase the latest version GB/T 20272-2019 even if the enforcement date is in future. Complying with the latest version means that, by default, it also complies with all the earlier versions, technically.

How to buy and download a true PDF of English version of GB/T 20272-2019?

A step-by-step guide to download PDF of GB/T 20272-2019_English

Step 1: Visit website https://www.ChineseStandard.net (Pay in USD), or https://www.ChineseStandard.us (Pay in any currencies such as Euro, KRW, JPY, AUD).
Step 2: Search keyword "GB/T 20272-2019".
Step 3: Click "Add to Cart". If multiple PDFs are required, repeat steps 2 and 3 to add up to 12 PDFs to cart.
Step 4: Select payment option (Via payment agents Stripe or PayPal).
Step 5: Customize Tax Invoice -- Fill up your email etc.
Step 6: Click "Checkout".
Step 7: Make payment by credit card, PayPal, Google Pay etc. After the payment is completed and in 9 seconds, you will receive 2 emails attached with the purchased PDFs and PDF-invoice, respectively.
Step 8: Optional -- Go to download PDF.
Step 9: Optional -- Click Open/Download PDF to download PDFs and invoice.
See screenshots for above steps: Steps 1~3 Steps 4~6 Step 7 Step 8 Step 9