GB/T 20271-2006   Information security technology Common security techniques requirement for information system (English Version)
Standard No.: GB/T 20271-2006
English Name: Information security technology Common security techniques requirement for information system
Chinese Name: 信息安全技术 信息系统通用安全技术要求
Chinese Classification: L80    Data encryption
Professional Classification: GB    National Standard
Source Content Issued by: AQSIQ; SAC
Issued on: 2006-5-31
Implemented on: 2006-12-1
Status: valid
Target Language: English
File Format: PDF
Word Count: 50000 words
Translation Price(USD): 140.0
Delivery: via email in 1 business day
Introduction of GB/T 20271-2006

1 Scope
This standard specifies the requirements of every security grade for the security technology required for information system security according to the classification of five security protection grades in GB 17859-1999.
This standard is applicable to the design and realization of security information system according to the graded requirements and serves for reference for the test and management of the information system security implemented according to graded requirements.

2 Normative References
The following normative documents contain provisions which, through reference in this text, constitute provisions of this standard. For dated references, subsequent amendments to (excluding amending errors in the text), or revisions of, any of these publications do not apply. However, all parties coming to an agreement according to this standard are encouraged to study whether the latest edition of the normative document is applicable. For undated references, the latest edition of the normative document applies.
GB 17859-1999 Classified Criteria for Security Protection of Computer Information System
GBJ 45-1982 Specifications for the Design of Highrise Civil Buildings (Trial) - Fire Prevention
TJ 16-1974 Code for Design of Building Fire Protection

3 Terms, Definitions and Abbreviations
3.1 Terms and Definitions
For the purposes of this standard, the terms and definitions specified in GB 17859-1999 and those listed below apply.

3.1.1 Security of information system
The representation of confidentiality, integrity and availability of information system and the information stored, transported and processed by it.

3.1.2 Common security technology of information system
The security technology generally applicable for realizing various types of security of information system.

3.1.3 Security subsystem of information system
A generic term for security protection devices in information system, including hardware, firmware, software and combined entity responsible for implementing security policy. It establishes a basic security protection environment for information system, and provides additional user service required for security information system.
Note: according to the definition of TCB (trusted computing base) in GB 17859-1999, SSOIS (security subsystem of information system) is TCB of information system.

3.1.4 Security element
The composition of security contents contained in technical requirements of security function and security assurance in this standard.

3.1.5 Security function policy
The security policy adopted to realize the function required for SSOIS security element.

3.1.6 Security function
Contents of GB/T 20271-2006

Foreword
Introduction
1 Scope
2 Normative References
3 Terms, Definitions and Abbreviations
3.1 Terms and Definitions
3.2 Abbreviations
4 Technical Requirements for Security Function
4.1 Physical Security
4.1.1 Environmental Security
4.1.2 Equipment Security
4.1.3 Record Medium Security
4.2 Operation Security
4.2.1 Risk Analysis
4.2.2 Test and Analysis of Information System Security
4.2.3 Information System Security Monitoring
4.2.4 Security Audit
4.2.5 Security Protection for Information System Boundary
4.2.6 Backup and Fault Recovery
4.2.7 Malicious Code Protection
4.2.8 Emergency Treatment of Information System
4.2.9 Trusted Computing and Trusted Connecting Technology
4.3 Data Security
4.3.1 Identity Authentication
4.3.2 Non-repudiation
4.3.3 Discretionary Access Control
4.3.4 Label
4.3.5 Mandatory Access Control
4.3.6 Integrity Protection for User Data
4.3.7 Confidentiality Protection for User Data
4.3.8 Data Flow Control
4.3.9 Trusted Path
4.3.10 Password Support
5 Technical Requirements of Security Assurance
5.1 SSOIS Self-security Protection
5.1.1 SSF Physical Security Protection
5.1.2 SSF Operation Security Protection
5.1.3 SSF Data Security Protection
5.1.4 SSOIS Resources Utilization
5.1.5 SSOIS Access Control
5.2 SSOIS Design and Realization
5.2.1 Configuration Management
5.2.2 Distribution and Operation
5.2.3 Development
5.2.4 Document Requirements
5.2.5 Life Cycle Support
5.2.6 Test
5.2.7 Vulnerability Assessment
5.3 SSOIS Security Management
5.3.1 SSF Function Management
5.3.2 Security Attribute Management
5.3.3 SSF Data Management
5.3.4 Definition and Management of Security Role
5.3.5 Centralized Management of SSOIS Security Mechanism
6 Graded Requirements for Security Technology of Information System
6.1 Grade 1: the User's Discretionary Protection Grade
6.1.1 Physical Security
6.1.2 Operation Security
6.1.3 Data Security
6.1.4 SSOIS Self-security Protection
6.1.5 SSOIS Design and Realization
6.1.6 SSOIS Security Management
6.2 Grade 2: System Audit Protection Grade
6.2.1 Physical Security
6.2.2 Operation Security
6.2.3 Data Security
6.2.4 SSOIS Self-security Protection
6.2.5 SSOIS Design and Realization
6.2.6 SSOIS Security Management
6.3 Grade 3: Security Label Protection Grade
6.3.1 Physical Security
6.3.2 Operation Security
6.3.3 Data Security
6.3.4 SSOIS Self-security Protection
6.3.5 SSOIS Design and Realization
6.3.6 SSOIS Security Management
6.4 Level 4: Structured Protection Grade
6.4.1 Physical Security
6.4.2 Operation Security
6.4.3 Data Security
6.4.4 SSOIS Self-security Protection
6.4.5 SSOIS Design and Realization
6.4.6 SSOIS Security Management
6.5 Level 5: Access Verification Protection Grade
6.5.1 Physical Security
6.5.2 Operation Security
6.5.3 Data Security
6.5.4 SSOIS Self-security Protection
6.5.5 SSOIS Design and Realization
6.5.6 SSOIS Security Management
Appendix A (Informative) Explanation of Standard Concept
A.1 Compositions and Interrelationship
A.2 About Classification of Security Protection Grade
A.3 About Subject and Object
A.4 About SSOIS, SSF, SSP, SFP and their Interrelationship
A.5 About Encryption Technology
A.6 About Information Security Technology Grade and Information System Security Grade
Appendix B (Informative) Security Design Reference of Graded Information System
B.1 Security Demand and Graded Protection
B.1.1 Basic Method for Determining Security Demand
B.1.2 Basic Idea of Graded Protection
B.1.3 Assumption for Classification of Security Protection Grade
B.1.4 Principle and Method for Classification and Determination of Security Protection Grade
B.2 Overview of the Security Design of Information System
B.2.1 Overall Explanation for the Security Design of Information System
B.2.2 Composition and Interrelationship of Information System Security
B.2.3 Security Design of Graded Information System
Appendix C (Informative) The Corresponding Relationship between the Elements and Graded Requirements of Security Technology
Bibliography
Referred in GB/T 20271-2006:
* GB 17859-1999 Classified criteria for security protection of computer information system
* GBJ 45-1982
* TJ 16-1974
GB/T 20271-2006 is referred in:
* GB/T 20282-2006 Information security technology - Information system security engineering management requirements
* GB/T 20270-2006 Information security technology - Basis security techniques requirement for network
* GB/T 20272-2006 Information security technology - Security techniques requirement for operating system
* GB/T 20273-2006 Information security technology Security techniques requirement for database management system
* GB/T 28448-2019 Information security technology—Evaluation requirement for classified protection of cybersecurity
* GB/T 25070-2019 Information security technology—Technical requirements of security design for classified protection of cybersecurity
* GB/T 41388-2022 Information security technology—Trusted execution environment—Basic security specification
* GB/T 43528-2023 Communication technical requirements for electrochemical energy storage battery management