Search result: GB/T 42564-2023
| Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Standard Title (Description) | Status | PDF |
| GB/T 42564-2023 | English | 499 |
Add to Cart
|
4 days [Need to translate]
|
Information security technology - Security technical requirements for edge computing
| Valid |
GB/T 42564-2023
|
| Standard ID | GB/T 42564-2023 (GB/T42564-2023) | | Description (Translated English) | Information security technology -- Security technical requirements for edge computing | | Sector / Industry | National Standard (Recommended) | | Classification of Chinese Standard | L80 | | Classification of International Standard | 35.030 | | Word Count Estimation | 24,275 | | Date of Issue | 2023-05-23 | | Date of Implementation | 2023-12-01 | | Issuing agency(ies) | State Administration for Market Regulation, National Standardization Management Committee |
GB/T 42564-2023: Information Security Technology Edge Computing Security Technical Requirements
ICS 35:030
CCSL80
National Standards of People's Republic of China
Information Security Technology Edge Computing Security Technical Requirements
Released on 2023-05-23
2023-12-01 implementation
State Administration for Market Regulation
Released by the National Standardization Management Committee
table of contents
Preface III
1 Range 1
2 Normative references 1
3 Terms and Definitions 1
4 Abbreviations 2
5 Overview 3
5:1 Reference Architecture 3
5:2 Security Responsibilities of Related Parties 3
5:3 Major Security Risks 3
5:4 Safety Protection Scope 4
6 Edge Computing Security Requirements 4
6:1 Edge Computing Security Framework 4
6:2 Infrastructure Security Requirements 5
6:3 Network Security Requirements 6
6:4 Application Security Requirements 7
6:5 Data Security Requirements 8
6:6 Safe operation and maintenance requirements 9
6:7 Safety Support Requirements 10
6:8 End-Edge Collaboration Security Requirements 11
6:9 Security Requirements for Cloud-Edge Collaboration 11
Appendix A (Informative) Typical Application Scenarios of Edge Computing 13
Appendix B (Informative) Edge Computing Security Risk Factors 16
Appendix C (Informative) Table 18 Correspondence between Edge Computing Related Parties and Security Technical Requirements
Reference 20
foreword
This document is in accordance with the provisions of GB/T 1:1-2020 "Guidelines for Standardization Work Part 1: Structure and Drafting Rules for Standardization Documents"
drafting:
Please note that some contents of this document may refer to patents: The issuing agency of this document assumes no responsibility for identifying patents:
This document is proposed and managed by the National Information Security Standardization Technical Committee (SAC/TC260):
This document is drafted by: China Mobile (Hangzhou) Information Technology Co:, Ltd:, China Mobile Communications Group Co:, Ltd:, China Electronics Technical Standards
Chemical Research Institute, National Computer Network Emergency Coordination Center, the Third Research Institute of the Ministry of Public Security, National Industrial Information Security Development Research Center
Xin, China Power Great Wall Internet System Application Co:, Ltd:, Huawei Technologies Co:, Ltd:, Tencent Cloud Computing (Beijing) Co:, Ltd:, Sangfor Technology
Co:, Ltd:, Lenovo (Beijing) Co:, Ltd:, Hisense Group Holdings Co:, Ltd:, AsiaInfo Security Technology Co:, Ltd:, Beijing Baidu
Duwangxun Technology Co:, Ltd:, H3C Technology Co:, Ltd:, Alibaba Cloud Computing Co:, Ltd:, Inspur Electronic Information Industry Co:, Ltd:, Beijing
Beijing University of Science and Technology, Beijing Shanshi Network Information Technology Co:, Ltd:, Hangzhou Hikvision Digital Technology Co:, Ltd:, Beijing Tianrongxin Network
Security Technology Co:, Ltd:, Datang Microelectronics Technology Co:, Ltd:, Hangzhou Anheng Information Technology Co:, Ltd:, Venustech Information Technology Group
Group Co:, Ltd:, Zhijiang Laboratory, Institute of Information Engineering, Chinese Academy of Sciences, China Electronics Technology Network Information Security Co:, Ltd:, Beijing
Shenzhou NSFOCUS Technology Co:, Ltd:, Shanghai 30Guard Information Security Co:, Ltd:, State Grid Xinjiang Electric Power Co:, Ltd: Electric Power Research Institute, Shenzhen
Shenzhen Yuanlian Technology Co:, Ltd:, Guangdong Telecom Planning and Design Institute Co:, Ltd:, Beijing Eye Technology Co:, Ltd:, Beijing Digital Certification Co:, Ltd:
Co:, Ltd:, Zhengzhou Xinda Jiean Information Technology Co:, Ltd:, Guangzhou University, China Automotive Engineering Research Institute Co:, Ltd:, Shanghai Guanan
Information Technology Co:, Ltd:, Shenzhen Hailiang Technology Co:, Ltd:, Hengan Jiaxin (Beijing) Technology Co:, Ltd:, Fei Nuo Menzhen (Beijing) Branch
Technology Co:, Ltd:, Rockwell Automation (China) Co:, Ltd:, Rockwell Technology Group Co:, Ltd:, Chengdu Weston Information Industry
Co:, Ltd:, Shanghai Yitu Network Technology Co:, Ltd:, Schneider Electric (China) Co:, Ltd:, Hangzhou Xieyun Technology Co:, Ltd:
The main drafters of this document: Lu Xiaoming, Qiu Qin, Wang Chenguang, Zhang Jinwei, Lu Qing, Zhixulong, Sun Yan, Wang Wenlei, Zhang Yan, Sun Yan, Min Jinghua,
Yan Minrui, Wang Yongxia, Zi Ran, Huang Jiandong, Gao Xuesong, Xue Hui, Wu Yuesheng, Wan Xiaolan, Li Xiaocheng, Song Guixiang, Lin Fuhong, Ren Liang, Zhou Shaopeng,
Wang Yan, Wang Yong, Li Jianfeng, Bi Qinbo, Li Zhenting, Liu Yuling, Bi Min, Yin Yawei, Ganlu, Shu Fei, Ye Sihai, Lu Weizhou, Shang Ke, Wang Xinhua,
Liang Songtao, Xu Guangxia, Quan Daiyong, Xie Jiang, Guo Jianfeng, Xu Xinbai, Ge Qiang, Peng Xiaobo, Li Wei, Zhang Wenke, Liu Yiheng, Yan Xinhua, Wang Aoyu,
Wu Junyi, Huang Yiming, Zhang Jihu, Wang Xiaoming:
Information Security Technology Edge Computing Security Technical Requirements
1 Scope
This document specifies the edge computing security framework and the infrastructure security, network security, application security, data security,
Technical requirements for security operation and maintenance, security support, device-edge collaboration security, and cloud-edge collaboration security:
This document is applicable to guide edge computing providers and edge computing developers to carry out research and development, testing, deployment and operation of edge computing:
2 Normative references
The contents of the following documents constitute the essential provisions of this document through normative references in the text: Among them, dated references
For documents, only the version corresponding to the date is applicable to this document; for undated reference documents, the latest version (including all amendments) is applicable to
this document:
GB/T 20271-2006 Information Security Technology Information System General Security Technical Requirements
GB/T 22239-2019 Basic Requirements for Network Security Level Protection of Information Security Technology
GB/T 25069 Information Security Technical Terms
GB/T 30276-2020 Information Security Technology Network Security Vulnerability Management Specification
GB/T 35273-2020 Personal Information Security Specifications for Information Security Technology
GB/T 35293-2017 General requirements for information technology cloud computing virtual machine management
GB/T 37092-2018 Security requirements for cryptographic modules of information security technology
GB/T 37988-2019 Information Security Technology Data Security Capability Maturity Model
GB/T 38626-2020 Guidelines for Password Protection of Information Security Technology Intelligent Networking Devices
GB/T 39786-2021 Basic Requirements for Cryptography Application in Information Security Technology Information System
GB/T 41479-2022 Information Security Technology Network Data Processing Security Requirements
3 Terms and Definitions
GB/T 20271-2006, GB/T 25069, GB/T 35273-2020 and the following terms and definitions apply to this document:
3:1
edge edge
The boundary between related digital and physical entities, formed by networked sensors and actuators:
[Source: ISO /IEC TR23188:2019, 3:1:2]
3:2
edge computing edgecomputing
A form of distributed computing with data processing and storage at or near the edge:
[Source: ISO /IEC TR23188:2019, 3:1:3, with modifications]
3:3
edge computing node edgecomputingnode
An entity that provides storage, computing, networking, and other resources at or near the edge:
......
|