GB/T 38660-2020: Identification System for Internet of Things - Security Mechanism for Ecode Identification System
Status: Valid



---This is an excerpt.
GB NATIONAL STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA
ICS 35.040
A 24
Identification System for Internet of Things - Security Mechanism for Ecode Identification System
ISSUED ON: MARCH 31, 2020
IMPLEMENTED ON: OCTOBER 1, 2020
Issued by: State Administration for Market Regulation; Standardization Administration of the People’s Republic of China.

Table of Contents

Foreword
1 Scope
2 Normative References
3 Terms and Definitions
4 Abbreviations
5 General Requirements for Security of Ecode Identification System
6 Security Requirements for Ecode Encoding Data
7 Identity Authentication and Authorization Requirements for Ecode Identification System
8 Access Control Requirements for Ecode Identification System
9 Interaction Security Requirements for Ecode Identification System
10 Security Assessment Requirements for Ecode Identification System
11 Management Requirements for Ecode Identification System
Bibliography

Identification System for Internet of Things - Security Mechanism for Ecode Identification System

1 Scope

This Standard specifies the general requirements, encoding data security, authentication and authorization, access control, interaction security, security assessment and management requirements for Ecode identification system in the identification system for Internet of Things.

This Standard is applicable to information security assurance in the construction and application of Ecode identification system in the identification system for Internet of Things.

2 Normative References

The following documents are indispensable to the application of this document. In terms of references with a specified date, only versions with a specified date are applicable to this document. In terms of references without a specified date, the latest version (including all the modifications) is applicable to this document.

GB/T 2887 General Specification for Computer Field
GB/T 17963 Information Technology - Open Systems Interconnection - Network Layer Security Protocol
GB/T 22239 Information Security Technology - Baseline for Classified Protection of Cybersecurity
GB/T 25064 Information Security Technology - Public Key Infrastructure - Electronic Signature Formats Specification
GB/T 31866 Identification System for Internet of Things - Entity Code

3 Terms and Definitions

What is defined in GB/T 31866, and the following terms and definitions are applicable to this document.

3.1 Security Mechanism for Ecode Identification System
Security mechanism for Ecode identification system refers to a collection of assessment or certification of a nationally approved third-party institution.

5.3 Disaster Recovery Center
The Ecode identification system disaster recovery center should select a location with good geological conditions. The disaster recovery center shall adopt remote disaster recovery and should not be in the same earthquake zone as the main center.

5.4 Security Audit
Security audit shall include functions, such as: automatic response, data generation, audit analysis, review, event selection and event storage, etc. The audit log content shall include the time, type, subject identity and result of security event.

6 Security Requirements for Ecode Encoding Data

6.1 Ecode Encoding Data Storage
The security of Ecode encoding data storage shall comply with the following requirements:
a) The medium that stores Ecode encoding data shall be stable and reliable, and shall not be significantly affected by the physical conditions of the external environment;
b) Mobile medium shall not be used to store or transfer Ecode encoding data;
c) Technical processing shall be carried out on the medium, from which, Ecode encoding data has been deleted, so that the deleted data cannot be recovered;
d) Authorization management shall be carried out on the storage medium entry and exit process, and corresponding records shall be retained.

6.2 Ecode Encoding Data Transmission
The anti-interference, privacy, integrity and correctness of Ecode encoding data during the transmission process shall be guaranteed. See the specific requirements below:
a) Necessary technical and management measures shall be taken to prevent interference of Ecode encoding data during the transmission.
b) Necessary technical and management measures shall be taken to ensure the privacy of Ecode encoding data during the transmission. The network transmission of the Ecode identification system shall have the capability of preventing eavesdropping; security protocols, for example, HTTPS, should be adopted; digital certificates shall be installed. The security protection mechanism of the transmission protocol shall comply with the requirements established, which shall be respectively stored on media like disks, so as to facilitate data recovery when necessary;
d) A regular transferred storage system of the Ecode database shall be established. In accordance with the Ecode encoding data transaction volume, the frequency of the transferred storage shall be determined. The strategy of real-time transferred storage should be adopted.

6.5 Ecode Identification System Sensitive Information Protection
Necessary technical and management measures shall be taken to protect sensitive information of the Ecode identification system. See the specific requirements below:
a) Sensitive information, such as: ID cards and business licenses, shall be stored and calculated in the Ecode identification system; data shall not be locally stored;
b) The application and transferring process of sensitive information storage media shall be rigorously tracked and monitored, so as to prevent loss and information leakage;
c) Without permission, the scope of data services must not be exceeded, and data must not be altered or transmitted. In addition, it is prohibited to display sensitive information in the Ecode identification system in plain text;
d) Unified medium destruction tools shall be provided, which include, but are not limited to: physical destruction and degaussing equipment, so as to implement effective destruction of various media.

6.6 Ecode Encoding Verification
Ecode encoding verification shall comply with the following requirements:
a) In the Ecode encoding structure, the MD encoding method shall be complete and accurate; necessary verification mechanisms shall be adopted;
b) Ecode encoding resolution system shall establish an Ecode encoding comparison and verification mechanism to compare and verify the resolved V, NSI and MD information with the original codewords in the database, so as to ensure the accuracy and consistency of the encoding.

7 Identity Authentication and Authorization Requirements for Ecode Identification System

7.1 Ecode Identification System Identity Authentication Management

9 Interaction Security Requirements for Ecode Identification System

The consistency, integrity and non-repudiation of information during the interaction process shall be ensured. There shall be mechanisms to prevent attacks, such as: fraud, replay and counterfeiting, and ensure the privacy of data between the communicating parties.

10 Security Assessment Requirements for Ecode Identification System

The security assessment of the Ecode identification system shall comply with the following requirements:
a) A security assessment mechanism for the Ecode identification system shall be established;
b) The security assessment mechanism shall be able to analyze the security risks of the Ecode identification system. Reasonable security function components shall be selected; a security profile of the Ecode identification system shall be established;
c) An assessment method model library shall be established for the Ecode identification system. Appropriate models and methods may be adopted for the assessment, which include, but are not limited to: formalization, testing and expert assessment, etc.;
d) In accordance with the security profile and corresponding assessment method of the Ecode identification system, the Ecode identification system information security protection and assessment specifications shall be formulated to guide the development, construction and application of the Ecode identification system;
e) It shall be ensured that the protection level of the Ecode identification system complies with the requirements of GB/T 22239.

A security assessment reference model of the Ecode identification system is shown in Figure 1, which includes the determination of security objectives, the formalization of security protection profiles, the decomposition of security function components and other assessment processes. The security objectives include four categories: the confidentiality, identifiability, controllability and availability of the Ecode identification system.

11 Management Requirements for Ecode Identification System

11.1 Registration Approval Mechanism
The Ecode identification system shall add a registration approval mechanism. When users are applying for codes online, they shall submit corresponding materials to be used in the internal approval process of the management institution.

11.2 Security Management

11.2.1 Daily security management
In the Ecode identification system, the daily security management shall comply with the following requirements:
a) Establish a security management system for the daily management activities;
b) Designate or authorize specialized personnel to take charge of the formulation and assessment of the security management system;
c) Publish the security management system to relevant personnel in various forms, such as: paper documents and electronic documents, etc.

11.2.2 Software maintenance management
The software maintenance management of the Ecode identification system shall comply with the following requirements:
a) Store source files of software products on the media, for example, disks; compile detailed catalogs for the long-term preservation;
b) Make two copies of important software. One shall be archived as the master copy, and the other shall be used as a backup;
c) It shall be ensured that the modification of relevant software of the Ecode identification system will not impair the security of the system.

11.3 Personnel Management
The Ecode identification system shall establish necessary personnel recruitment, assessment, security education and training, and external personnel access management systems, so as to ensure that the system hardware, software and data are not altered, leaked or destroyed due to accidental and malicious reasons.

......

Source: Above contents are excerpted from the full-copy PDF -- translated/reviewed by: www.ChineseStandard.net / Wayne Zheng et al.