HOME Cart(2) Quotation About-Us Policy PDFs Standard-List
www.ChineseStandard.net Database: 189759 (19 Oct 2025)

GA/T 687-2007 English PDF

Standard ID	Contents [version]	USD	STEP2	[PDF] delivered in	Standard Title (Description)	Status	PDF
GA/T 687-2007	English	RFQ	ASK	10 days [Need to translate]	Information security technology--Technology requirements of public key infrastructure security	Obsolete	GA/T 687-2007

PDF similar to GA/T 687-2007

Standard similar to GA/T 687-2007

GB/T 37230 GB 13954 GA/T 671 GA/T 543.23 GA/T 686 GA/T 681

Basic data

Standard ID	GA/T 687-2007 (GA/T687-2007)
Description (Translated English)	Information security technology--Technology requirements of public key infrastructure security
Sector / Industry	Public Security (Police) Industry Standard (Recommended)
Classification of Chinese Standard	A90
Classification of International Standard	35.040
Word Count Estimation	71,737
Date of Issue	2007-03-20
Date of Implementation	2007-05-01
Quoted Standard	GB 17859-1999; GB/T 19713-2005; GB/T 20271-2006; GB/T 20518-2006
Issuing agency(ies)	Ministry of Public Security
Summary	This standard specifies the security requirements for different classes of PKI systems. This standard is applicable to the design and implementation of PKI system, and can be used for the research, development, testing and product purchasing of PKI system security function.

GA/T 687-2007: Information security technology--Technology requirements of public key infrastructure security

---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
Information security technology - Technology requirements of public key infrastructure security ICS 35.040 A90 People's Republic of China Public Security Industry Standards Information Security Technology Public Key Infrastructure Security Technical Requirements Posted 2007-03-20 2007-05-01 implementation People's Republic of China Ministry of Public Security

Introduction Ⅴ Introduction Ⅵ 1 Scope 1 2 Normative references 1 3 Terms and definitions 4 Abbreviations 2 5 Security Level 2 technical requirements for protection 5.1 The first Level 2 5.1.1 Overview 2 5.1.2 Physical Security 2 5.1.3 Roles and Responsibilities 2 5.1.4 Access Control 3 5.1.5 identification and authentication 4 5.1.6 Data input and output 4 5.1.7 Key Management 4 5.1.8 contour Management 5 5.1.9 Certificate Management 6 5.1.10 Configuration Management 7 5.1.11 distribution and operation 7 5.1.12 Development 7 5.1.13 Guidance Document 8 5.1.14 Lifecycle Support 8 5.1.15 Test 8 5.2 The second stage 8 5.2.1 Overview 8 5.2.2 Physical Security 8 5.2.3 Roles and Responsibilities 8 5.2.4 Access Control 9 5.2.5 identification and authentication 10 5.2.6 Audit 11 5.2.7 Data input and output 12 5.2.8 Backup and Recovery 12 5.2.9 Key Management 13 5.2.10 Contour managed 14 5.2.11 Certificate Management 15 5.2.12 Configuration Management 16 5.2.13 distribution and operation 16 5.2.14 Development 16 5.2.15 guidance document 17 5.2.16 Lifecycle Support 17 5.2.17 Test 17 5.2.18 Vulnerability Assessment 17 5.3 The third stage 17 5.3.1 Overview 17 5.3.2 Physical Security 18 5.3.3 Roles and Responsibilities 18 5.3.4 Access Control 19 5.3.5 identification and authentication 20 5.3.6 Audit 21 5.3.7 Data input and output 23 5.3.8 Backup and Recovery 23 5.3.9 Key Management 24 5.3.10 Contour Management 27 5.3.11 Certificate Management 28 5.3.12 Configuration Management 29 5.3.13 distribution and operation 30 5.3.14 Development 31 5.3.15 guidance document 31 5.3.16 Lifecycle Support 32 5.3.17 Test 32 5.3.18 Vulnerability Assessment 32 5.4 The fourth stage 32 5.4.1 Overview 32 5.4.2 Physical Security 32 5.4.3 Roles and Responsibilities 33 5.4.4 Access Control 33 5.4.5 identification and authentication 35 5.4.6 Audit 36 5.4.7 Data input and output 38 5.4.8 Backup and Recovery 38 5.4.9 Key Management 39 5.4.10 Contour Management 43 5.4.11 Certificate Management 44 5.4.12 Configuration Management 45 5.4.13 distribution and operation 45 5.4.14 Development 46 5.4.15 guidance document 46 5.4.16 Lifecycle Support 47 5.4.17 Test 47 5.4.18 Vulnerability Assessment 47 5.5 Fifth level 48 5.5.1 Overview 48 5.5.2 Physical Security 48 5.5.3 Roles and Responsibilities 48 5.5.4 Access Control 49 5.5.5 identification and authentication 51 5.5.6 Audit 52 5.5.7 Data input and output 53 5.5.8 Backup and Recovery 54 5.5.9 Key Management 54 5.5.10 Contour Management 58 5.5.11 Certificate Management 59 5.5.12 Configuration Management 60 5.5.13 distribution and operation 61 5.5.14 Development 62 5.5.15 guidance document 62 5.5.16 Lifecycle Support 63 5.5.17 Test 63 5.5.18 Vulnerability Assessment 63 Appendix A (normative) Security Elements Required Level 64 division References 65

Foreword

Appendix A of this standard is a normative appendix. This standard was proposed by the Ministry of Public Security Public Information Network Security Supervision Bureau. This standard is under the jurisdiction of the Ministry of Public Security Information System Standardization Technical Committee. This standard was drafted. State Key Laboratory of Information Security, Graduate School of Chinese Academy of Sciences. The main drafters of this standard. FENG Deng, Zhang Fan, Zhang Liwu, road Xiaoming, Zhuang Yong.

Introduction

Public Key Infrastructure is a set of institutions, systems (hardware and software), staff, programs, policies and agreements as a whole, using the public key concepts and Technology to implement and provide security services, with a universal security infrastructure. PKI is a system through the issuance and management of public key certificates End-user mode for the system to provide services, including CA, RA, database and other basic logic components and key escrow, OCSP and other optional services Parts and rely on operating environment. "PKI security level protection system technical requirements" divided by five principles developed PKI system security level protection technology requirements, details Elaborate five clear PKI system security level should take safety technical requirements, and to ensure the safety of these technologies to achieve security Function to achieve its security should have taken measures to ensure that, the detailed description of the technical requirements, that is the main explanation for the realization Safety measures for the protection level of each element of assessment to be taken, as well as the technical safety requirements on different security implementation stage Differences. The first level is the lowest level, the fifth level is the highest level, with the level of increase, PKI system security level protection requirements with The increment. Content-based text font bold new level requirements section. Information Security Technology Public Key Infrastructure Security Technical Requirements

1 Scope

The five standard reference GB 17859-1999 security level of the division of the PKI system security protection of classification, Regulation Given the different levels of PKI systems require security technical requirements. This standard applies to the design and implementation of PKI systems PKI system for security features research, development, testing and product procurement can Referring use.

2 Normative references

The following documents contain provisions which, through reference in this standard and become the standard terms. For dated references, subsequent Amendments (not including errata content) or revisions do not apply to this standard, however, encourage the parties to the agreement are based on research Whether the latest versions of these documents. For undated reference documents, the latest versions apply to this standard. GB 17859-1999 computer information system security protection classification criterion GB/T 19713-2005 Information technology - Security techniques Public Key Infrastructure Online Certificate Status Protocol GB/T 20271-2006 Information security technology - Common security techniques requirement information system GB/T 20518-2006 Information security technology - Public key infrastructure - Digital certificate format

3 Terms and Definitions

The following terms and definitions apply to this standard. 3.1 Public Key Infrastructure Public Key Infrastructure is to support the system, provide identification, encryption, integrity and non-repudiation services. 3.2 PKI system is a system by way of issuing and managing public key certificates provide services to end-users, including CA, RA, databases, etc. The basic logic components and key escrow, OCSP and other optional services and components depend on operating environment. 3.3 Accurately specify a range of safety rules, including derived from this document Rules Rules and suppliers add. 3.4 Two or more entities are saved as part of the key, each part of the key is not valid plaintext key information should be leaked, and When these parts fit together in the encryption module can get all the information key, this method is called segmentation knowledge. 3.5 Used to implement split knowledge procedures. 3.6 Series to meet specific user requirements for a class of objects implemented independently assess security requirements.