| 
	
		
			| Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Standard Title (Description) | Status | PDF |  
			| GB/T 25055-2010 | English | RFQ | ASK | 5 days [Need to translate] | Information security techniques -- Public key infrastructure security supporting platform framework | Obsolete | GB/T 25055-2010 |  
	 
       PDF similar to GB/T 25055-2010 
 Basic data             | Standard ID | GB/T 25055-2010 (GB/T25055-2010) |           | Description (Translated English) | Information security techniques -- Public key infrastructure security supporting platform framework |           | Sector / Industry | National Standard (Recommended) |           | Classification of Chinese Standard | L80 |           | Classification of International Standard | 35.040 |           | Word Count Estimation | 27,296 |           | Date of Issue | 2010-09-02 |           | Date of Implementation | 2011-02-01 |           | Quoted Standard | GB/T 19713-2005; GB/T 19714-2005; GB/T 20275-2006; GB/T 20281-2006; GB/T 20518-2006; GB/T 20519-2006; GB/T 20520-2006; GB/T 20984-2007; GB/T 21052-2007; GB/T 25056-2010; GB/T 25059-2010; RFC 1777; State Encryption Administration "digital certificate authentication system password protocol specification" August 13, 2007 the first bulletin No. 11 |           | Regulation (derived from) | Announcement of Newly Approved National Standards No. 4 of 2010 (total 159) |           | Issuing agency(ies) | General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China, Standardization Administration of the People's Republic of China |           | Summary | This standard specifies the security based on public key infrastructure support platform technology framework, This standard applies to network information system security support platform design, construction, testing, operation and management, network information systems and business applications to provide Unified letter of software and hardware security support services, as well as the standard security product manufacturers also offer products and technologies as well as standardized reference standard positioning, guidance on safety security product manufacturers in the design and construction support platform to improve the safety of products credibility and mutual summarized as sexual objects, specific security support platform for the construction, according to the specific business needs and circumstances for flexible configuration, | GB/T 25055-2010: Information security techniques -- Public key infrastructure security supporting platform framework---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
 Information security techniques.Public key infrastructure security supporting platform framework
ICS 35.040
L80
National Standards of People's Republic of China
Information Security Technology
Public Key Infrastructure security support platform technology framework
Issued on. 2010-09-02
2011-02-01 implementation
Administration of Quality Supervision, Inspection and Quarantine of People's Republic of China
Standardization Administration of China released
 Table of ContentsIntroduction Ⅲ
Introduction Ⅳ
1 Scope 1
2 Normative references 1
3 Terms and definitions
4 Abbreviations 3
5 Overview 4
5.1 security application system support platform with security association 4
5.2 security platform support structure 4
5.3 security features supporting platform 4
6 certificate authentication system 5
6.1 Certification System 5
6.2 Logical Structure 5
6.3 CA 5
6.4 Registration Authority RA 6
Directory Services 6.5 Certificate System 7
7 Key Management System KMS 8
7.1 General Description 8
7.2 System components 9
9 7.3 Functional requirements
7.4 Performance Requirements 10
7.5 Interface Requirements 10
8 specific permissions management infrastructure PMI 10
8.1 General Description 10
8.2 System components 10
8.3 Functional requirements 11
8.4 Performance Requirements 12
8.5 Interface Requirements 12
9 Cryptographic Service System 12
9.1 General Description 12
9.2 System components 12
9.3 Functional requirements 12
9.4 Performance Requirements 13
9.5 Interface Requirements 13
10 Trusted time stamp service system 13
10.1 General Description 13
13 10.2 System components
10.3 Functional requirements 13
10.4 Performance Requirements 13
14 10.5 Interface Requirements
11 failover and disaster recovery system 14
11.1 General Description 14
11.2 Recovery 14
11.3 Disaster Recovery 14
11.4 Disaster Recovery Level 15
12 15 Security Audit System
15 12.1 System components
12.2 Functional requirements 15
12.3 Performance Requirements 15
13 15 Liability Identification System
13.1 General Description 15
15 13.2 System components
13.3 Functional requirements 16
13.4 Performance Requirements 16
14 basic security protection system 16
16 14.1 Network Security
17 14.2 Physical Security
17 14.3 System Security
15 17 Safety Management System
15.1 Functional requirements 17
15.2 setting mechanism 17
Relations Annex A (informative) security support platform and application security system 19
Annex B (informative) certificate authentication system hierarchical logic structure 20
Annex C (informative) Key Management System composition structure 21
References 22ForewordThis standard Annex A, Annex B and Annex C is informative appendix.
This standard by the National Safety Standardization Technical Committee (SAC/TC260) and focal points.
Drafting of this standard. Shanghai Engineering Research Center for Information Security, National Information Security Engineering Research Center.
The main drafters of this standard. Yuan Wengong, Liu Ping, HE Da, Guo Lei, Feng Yuan, Hong Huanjian.IntroductionThe rapid development of information technology, so that the support platform to build secure information systems has become an important national security issues need to be resolved in the construction.
This standard presents a support platform-based security technology framework PKI technology framework provides for common technical standard to be followed by each subsystem
Registration for our information security infrastructure, providing common security with technical support for the security needs of the application system. Security support platform
Password-based technology to provide unified information system, common network trust services, information security services, network security service
Service, password and key support services to meet the information systems network communications entity authenticity, confidentiality, integrity, non-repudiation and other security
Security needs.
Information security standards and national standards GB present China has developed/T 20518-2006, GB/T 19714-2005 and
GB/T 25056-2010 and other standards closely, to better regulate the construction of China's information security infrastructure security support platform, and more
Good information security infrastructure to solve interoperability problems and further promote the development of information technology and the national economy in China.
In the standard implementation process, involving public-key cryptography infrastructure applications and related technology systems interface technology and encryption technology with
When the body of the application should be performed in accordance with the State Password Administration issued relevant regulations and relevant technical specifications.
Implementation and operation covered by this standard shall comply with digital signature system "People's Republic of China Electronic Signature Law."
Information Security Technology
Public Key Infrastructure security support platform technology framework1 ScopeThis standard specifies the technical framework based on public key infrastructure security support platform.
This standard applies to network information security system design supporting platform, construction, testing, operation and management, information systems and industry network
Service applications provide a unified trusted software and hardware security support services. Meanwhile, the standard also provides products and technology for the security products manufacturer
Standard mapping techniques and standardized reference guide security products manufacturer for the design and construction of security support platform to improve product safety
Credibility and interoperability. For the construction of specific security support platform and can be flexibly configured according to specific business needs and circumstances.2 Normative referencesThe following documents contain provisions which, through reference in this standard and become the standard terms. For dated references, subsequent
Amendments (not including errata content) or revisions do not apply to this standard. However, according to research encourages the parties to the agreement
Study whether the latest versions of these documents. For undated reference documents, the latest versions apply to this standard.
GB/T 19713-2005 Information technology - Security techniques Public Key Infrastructure Online Certificate Status Protocol
GB/T 19714-2005 Information technology - Security techniques Public Key Infrastructure Certificate Management Protocol
GB/T 20275-2006 Information technology security intrusion detection system technical requirements and test evaluation methods
GB/T 20281-2006 Information security technology firewall technology requirements and testing and evaluation approaches
GB/T 20518-2006 Information security technology - Public key infrastructure - Digital certificate format
GB/T 20519-2006 Information security technology - Public key infrastructure specific permission Manager Technical Specification
GB/T 20520-2006 Information security technology - Public key infrastructure timestamp Specification
GB/T 20984-2007 Information Security techniques - Information security risk assessment specification
GB/T 20988-2007 Information security technology information system disaster recovery norms
GB/T 21052-2007 Information security technology - Physical Security Information System Technical Requirements
GB/T 25056-2010 Information technology security certificate authentication system password security and related technical specifications
GB/T 25059-2010 Information security technology - Public Key Infrastructure Online Certificate Status Protocol summary
RFC1777 LDAP Lightweight Directory Access Protocol
State Encryption Administration "digital certificate authentication system cryptographic protocol specification," Bulletin No. 11, 2007 August 133 Terms and DefinitionsThe following terms and definitions apply to this standard.
3.1
Attribute Authority AttributeAuthority
To assign privileges by issuing attribute certificates certificate authority.
3.2
Attribute Certificate attributecertificate
Attribute Authority digitally signed data structure, the holder of identity with some attribute value binding.
3.3
Property Registration Authority AttributeRegistrationAuthority
Examination of an application for registration mechanism attribute certificates, also known as the property registration authority.
 
 |