GB/T 20274.2-2008 Information security technology - Evaluation framework for information systems security assurance Part 2: Technical assurance (English Version)
1 Scope
This part of GB/T 20274 establishes the framework for information systems security technical assurance and the guide & general principles for starting, implementing, maintaining, evaluating and improving information security technology system in the organization. This part of GB/T 20274 defines and explains the technology architecture capability level of the organization reflected in the construction and evaluation of information systems security technology system and the information systems security technical requirements of the organization.
This part of GB/T 20274 is applicable to the organization for starting, implementing, maintaining, evaluating and improving the information security technology system and all the users, developers and evaluators involved in the information systems security technical work.
2 Normative References
The following documents contain provisions which, through reference in this text, constitute provisions of this part. For dated reference, subsequent amendments to (excluding any corrigendum), or revisions of, any of these publications do not apply. However, parties to agreements based on this standard are encouraged to investigate the possibility of applying the most recent editions of the standards indicated below. For any undated references, the latest edition of the document referred to applies.
GB/T 20274.1 Information Security Technology - Evaluation Framework for Information Systems Security Assurance - Part 1: Introduction and General Model
3 Terms and Definitions
For the purposes of this part of GB/T 20274, the terms and definitions specified in GB/T 20274.1 apply.
4 Structure of This Part
The organization structure of this part of GB/T 20274 is as follows:
a) Chapter 1 introduces the range of this part;
b) Chapter 2 introduces the normative references of this part;
c) Chapter 3 describes the terms and definitions applicable to this part;
d) Chapter 4 describes the organization structure of this part;
e) Chapter 5 describes the framework for information systems security technical assurance and further summarizes the information systems security technical assurance control class domain and security technology architecture capability level;
f) Chapter 6 describes the standard description structure and requirements of information security technical assurance control class;
g) Chapter 7 to Chapter 17 expatiate the detailed requirements of eleven information security technical assurance control classes which provide information security technical assurance control classes;
h) Chapter 18 describes the security technology architecture capability maturity model;
i) Appendix A is informative and further explains the security technical requirements;
j) Appendix B is informative and describes the hierarchical multi-point information systems security technology architecture;
k) In the Bibliography, the bibliographies of this part of GB/T 20274 are listed.
5 Information Security Technical Assurance
5.1 Overview of Security Technical Assurance
Evaluation framework for information systems security assurance - security technical assurance is mainly used to evaluate the system level security technology framework and the security technology solution in information systems, i.e. make security assessment on the information technology systems (Information technology systems: any combination of computer hardware, software and/or firmware which are used to acquire, create, communicate, compute, distribute, process, store and/or control data or information as a part of information system to perform the information function of the organization). In the technology, management and engineering assurance of evaluation framework for information systems security assurance, security technical assurance has the most direct and close relationship with "Evaluation Criteria For IT Security" (GB/T 18336); the security technical system framework and solution with accurate information systems security assurance evaluation is directly established upon the product and product system approved by the evaluation criteria of GB/T 18336.
In the security technical assurance of evaluation framework for information systems security assurance, the target of evaluation (TOE) is any combination of all the computer hardware, software and/or firmware constituting the information systems. The security technical assurance of evaluation framework for information systems security assurance requires the information system users to establish and perfect the security technology architecture for their targets of evaluation (i.e. information technology systems) at first; make high-level analysis and determine relevant security purpose based on this security technology architecture after the security technology architecture of the information technology systems is completed; describe with standardized security technical assurance control components at last.
5.2 Security Technology Architecture Capability Level
System security technology architecture is the description of the overall structure of the security technology system of the organization's information technology system. The security technology architecture capability is the integral security technology system framework that conforms to the security policy development planning of information technology system of the organization and is established by the organization according to the system security risk evaluation results and the requirements of system security policy and by reference to the relevant security technology architecture standard and the optimal practice as well as in combination with the specific current status and needs of the organization's information technology system. It is the specific embodiment of the information technology system security strategy management of the organization. Security technology architecture capability is the integral reflection of the organization's capability in executing system security technology and it also embodies that the organization is carrying out the management of the information security technology system framework and has achieved the predetermined cost, function and quality target.
5.3 Examples of Security Technical Assurance Control Requirements
This article describes the examples used in the security technical assurance control requirements in this part. Figures 1 and 2 describe some key concepts of the examples. This article provides text description for the concepts in the figure and other key concepts not in the figure. The key concepts discussed are highlighted in bold italic.
Foreword i
1 Scope
2 Normative References
3 Terms and Definitions
4 Structure of This Part
5 Information Security Technical Assurance
5.1 Overview of Security Technical Assurance
5.2 Security Technology Architecture Capability Level
5.3 Examples of Security Technical Assurance Control Requirements
6 Control Structure of Information Security Technical Assurance
6.1 Overview
6.2 Component Classification
7 FAU Class: Security Audit
7.1 Automatic Response of Security Audit (FAU_ARP)
7.2 Generation of Security Audit Data (FAU_GEN)
7.3 Security Audit Analysis (FAU_SAA)
7.4 Security Audit Review (FAU_SAR)
7.5 Selection of Security Audit Event (FAU_SEL)
7.6 Storage of Security Audit Event (FAU_STG)
8 FCO Class: Communication
8.1 Non-repudiation of origin (FCO_NRO)
8.2 Non-repudiation of receipt (FCO_NRR)
9 FCS Class: Cryptographic Support
9.1 Key Management (FCS_CKM)
9.2 Crypto-operation (FCS_COP)
10 FDP Class: User Data Protection
10.1 Access Control Policy (FDP_ACC)
10.2 Access Control Function (FDP_ACF)
10.3 Data Authentication (FDP_DAU)
10.4 Output beyond TSF Control (FDP_ETC)
10.5 Information Flow Control Policy (FDP_IFC)
10.6 Information Flow Control Function (FDP_IFF)
10.7 Input from Outside of TSF Control (FDP_ITC)
10.8 TOE Internal Transmission (FDP_ITT)
10.9 Residual Information Protection (FDP_RIP)
10.10 Reversal (FDP_ROL)
10.11 Stored Data Integrity (FDP_SDI)
10.12 Confidentiality Protection of User Data Transmission between TSF (FDP_UCT)
10.13 Integrity Protection of User Data Transmission between TSF (FDP_UIT)
11 FIA Class: Identification and Authentication
11.1 Authentication Failure (FIA_AFL)
11.2 User Attribute Definition (FIA_ATD)
11.3 Specification of Secret (FIA_SOS)
11.4 User Authentication (FIA_UAU)
11.5 User Identification (FIA_UID)
11.6 User-Subject Binding (FIA_USB)
12 FMT Class: Security Management
12.1 Management of Function in TSF (FMT_MOF)
12.2 Management of Security Attribute (FMT_MSA)
12.3 Management of TSF Data (FMT_MTD)
12.4 Revocation (FMT_REV)
12.5 Security Attribute Expiration (FMT_SAE)
12.6 Security Management Role (FMT_SMR)
13 FPR Class: Secrecy
13.1 Anonymity (FPR_ANO)
13.2 Pseudonym (FPR_PSE)
13.3 Unlinkability (FPR_UNL)
13.4 Unobservability (FPR_UNO)
14 FPT Class: TSF Protection
14.1 Basic Abstract Machine Testing (FPT_AMT)
14.2 Failure Protection (FPT_FLS)
14.3 Availability of Output TSF Data (FPT_ITA)
14.4 Confidentiality of Output TSF Data (FPT_ITC)
14.5 Integrity of Output TSF Data (FPT_ITI)
14.6 Transmission of TSF Data in TOE (FPT_ITT)
14.7 TSF Physical Protection (FPT_PHP)
14.8 Trusted Recovery (FPT_RCV)
14.9 Replay Detection (FPT_RPL)
14.10 Reference Arbitration (FPT_RVM)
14.11 Domain Separation (FPT_SEP)
14.12 Status Synchronization Protocol (FPT_SSP)
14.13 Timestamp (FPT_STM)
14.14 Consistency of TSF Data between TSF (FPT_TDC)
14.15 Consistency of TSF Data Replication in TOE (FPT_TRC)
14.16 TSF Self-test (FPT_TST)
15 FRU Class: Resource Utilization
15.1 Fault Tolerance (FRU_FLT)
15.2 Service Priority (FRU_PRS)
15.3 Resource Allocation (FRU_RSA)
16 FTA Class: TOE Access
16.1 Optional Attribute Scope Restriction (FTA_LSA)
16.2 Multiple Concurrent Sessions Restriction (FTA_MCS)
16.3 Session Locking (FTA_SSL)
16.4 TOE Access Flag
16.5 TOE Access History (FTA_TAH)
16.6 TOE Session Establishment (FTA_TSE)
17 TP Class: Trusted Path/Channel
17.1 Trusted Channel between TSF (FTP_ITC)
17.2 Trusted Path (FTP_TRP)
18 Security Technology Architecture Capability Maturity Level
18.1 Overview
18.2 Explanation of Security Technology Architecture Capability Maturity Level
Appendix A (Informative) Annotations for Security Technical Requirements
A.1 Annotation Structure
A.1.1 Class Structure
A.1.2 Subclass Structure
A.1.3 Component Structure
A.2 Dependency Table
Table A.1 Security Technical Assurance Control Components Dependency Table
Appendix B (Informative) Hierarchical Multi-point Information Systems Security Architecture
B.1 Overview
B.2 TOE Analytical Model of Information Technology System
B.3 Introduction to Hierarchical Multi-point Security Technology Architecture
Bibliography
Figure 1 Example of Security Technical Assurance Control Requirements (Single TOE)
Figure 2 Security Function in Distributed TOE
Figure 3 Relationship between User Data and TSF Data
Figure 4 Relationship between "Authentication Data" and "Secret"
Figure 5 Structure of Security Technical Assurance Control Class
Figure 6 Structure of Security Technical Assurance Control Subclass
Figure 7 Structure of Security Technical Assurance Control Component
Figure 8 Structure of Demonstration Class
Figure 9 Structure of Security Audit Class
Figure 10 Structure of Communication Class
Figure 11 Structure of Cryptographic Support
Figure 12 Structure of User Data Protection Class
Figure 13 Structure of Identification and Authentication Class
Figure 14 Structure of Security Management Class
Figure 15 Structure of Secrecy Class
Figure 16 Structure of Protection Class
Figure 17 Structure of Resource Utilization Class
Figure 18 Structure of TOE Access Class
Figure 19 Structure of Trusted Path / Channel Class
Figure A.1 Structure of Security Technical Assurance Control Class
Figure A.2 Structure of Security Technical Assurance Control Subclass
Figure A.3 Structure of Security Technical Assurance Control Component
Figure B.1 Analytical Model of Information Technology System
Figure B.2 Hierarchical Multi-point Security Technology Architecture
Table A.1 Security Technical Assurance Control Components Dependency Table
GB/T 20274.2-2008 Information security technology - Evaluation framework for information systems security assurance Part 2: Technical assurance (English Version)
Standard No.
GB/T 20274.2-2008
Status
valid
Language
English
File Format
PDF
Word Count
40000 words
Price(USD)
140.0
Implemented on
2008-12-1
Delivery
via email in 1 business day
Detail of GB/T 20274.2-2008
Standard No.
GB/T 20274.2-2008
English Name
Information security technology - Evaluation framework for information systems security assurance Part 2: Technical assurance
1 Scope
This part of GB/T 20274 establishes the framework for information systems security technical assurance and the guide & general principles for starting, implementing, maintaining, evaluating and improving information security technology system in the organization. This part of GB/T 20274 defines and explains the technology architecture capability level of the organization reflected in the construction and evaluation of information systems security technology system and the information systems security technical requirements of the organization.
This part of GB/T 20274 is applicable to the organization for starting, implementing, maintaining, evaluating and improving the information security technology system and all the users, developers and evaluators involved in the information systems security technical work.
2 Normative References
The following documents contain provisions which, through reference in this text, constitute provisions of this part. For dated reference, subsequent amendments to (excluding any corrigendum), or revisions of, any of these publications do not apply. However, parties to agreements based on this standard are encouraged to investigate the possibility of applying the most recent editions of the standards indicated below. For any undated references, the latest edition of the document referred to applies.
GB/T 20274.1 Information Security Technology - Evaluation Framework for Information Systems Security Assurance - Part 1: Introduction and General Model
3 Terms and Definitions
For the purposes of this part of GB/T 20274, the terms and definitions specified in GB/T 20274.1 apply.
4 Structure of This Part
The organization structure of this part of GB/T 20274 is as follows:
a) Chapter 1 introduces the range of this part;
b) Chapter 2 introduces the normative references of this part;
c) Chapter 3 describes the terms and definitions applicable to this part;
d) Chapter 4 describes the organization structure of this part;
e) Chapter 5 describes the framework for information systems security technical assurance and further summarizes the information systems security technical assurance control class domain and security technology architecture capability level;
f) Chapter 6 describes the standard description structure and requirements of information security technical assurance control class;
g) Chapter 7 to Chapter 17 expatiate the detailed requirements of eleven information security technical assurance control classes which provide information security technical assurance control classes;
h) Chapter 18 describes the security technology architecture capability maturity model;
i) Appendix A is informative and further explains the security technical requirements;
j) Appendix B is informative and describes the hierarchical multi-point information systems security technology architecture;
k) In the Bibliography, the bibliographies of this part of GB/T 20274 are listed.
5 Information Security Technical Assurance
5.1 Overview of Security Technical Assurance
Evaluation framework for information systems security assurance - security technical assurance is mainly used to evaluate the system level security technology framework and the security technology solution in information systems, i.e. make security assessment on the information technology systems (Information technology systems: any combination of computer hardware, software and/or firmware which are used to acquire, create, communicate, compute, distribute, process, store and/or control data or information as a part of information system to perform the information function of the organization). In the technology, management and engineering assurance of evaluation framework for information systems security assurance, security technical assurance has the most direct and close relationship with "Evaluation Criteria For IT Security" (GB/T 18336); the security technical system framework and solution with accurate information systems security assurance evaluation is directly established upon the product and product system approved by the evaluation criteria of GB/T 18336.
In the security technical assurance of evaluation framework for information systems security assurance, the target of evaluation (TOE) is any combination of all the computer hardware, software and/or firmware constituting the information systems. The security technical assurance of evaluation framework for information systems security assurance requires the information system users to establish and perfect the security technology architecture for their targets of evaluation (i.e. information technology systems) at first; make high-level analysis and determine relevant security purpose based on this security technology architecture after the security technology architecture of the information technology systems is completed; describe with standardized security technical assurance control components at last.
5.2 Security Technology Architecture Capability Level
System security technology architecture is the description of the overall structure of the security technology system of the organization's information technology system. The security technology architecture capability is the integral security technology system framework that conforms to the security policy development planning of information technology system of the organization and is established by the organization according to the system security risk evaluation results and the requirements of system security policy and by reference to the relevant security technology architecture standard and the optimal practice as well as in combination with the specific current status and needs of the organization's information technology system. It is the specific embodiment of the information technology system security strategy management of the organization. Security technology architecture capability is the integral reflection of the organization's capability in executing system security technology and it also embodies that the organization is carrying out the management of the information security technology system framework and has achieved the predetermined cost, function and quality target.
5.3 Examples of Security Technical Assurance Control Requirements
This article describes the examples used in the security technical assurance control requirements in this part. Figures 1 and 2 describe some key concepts of the examples. This article provides text description for the concepts in the figure and other key concepts not in the figure. The key concepts discussed are highlighted in bold italic.
Contents of GB/T 20274.2-2008
Foreword i
1 Scope
2 Normative References
3 Terms and Definitions
4 Structure of This Part
5 Information Security Technical Assurance
5.1 Overview of Security Technical Assurance
5.2 Security Technology Architecture Capability Level
5.3 Examples of Security Technical Assurance Control Requirements
6 Control Structure of Information Security Technical Assurance
6.1 Overview
6.2 Component Classification
7 FAU Class: Security Audit
7.1 Automatic Response of Security Audit (FAU_ARP)
7.2 Generation of Security Audit Data (FAU_GEN)
7.3 Security Audit Analysis (FAU_SAA)
7.4 Security Audit Review (FAU_SAR)
7.5 Selection of Security Audit Event (FAU_SEL)
7.6 Storage of Security Audit Event (FAU_STG)
8 FCO Class: Communication
8.1 Non-repudiation of origin (FCO_NRO)
8.2 Non-repudiation of receipt (FCO_NRR)
9 FCS Class: Cryptographic Support
9.1 Key Management (FCS_CKM)
9.2 Crypto-operation (FCS_COP)
10 FDP Class: User Data Protection
10.1 Access Control Policy (FDP_ACC)
10.2 Access Control Function (FDP_ACF)
10.3 Data Authentication (FDP_DAU)
10.4 Output beyond TSF Control (FDP_ETC)
10.5 Information Flow Control Policy (FDP_IFC)
10.6 Information Flow Control Function (FDP_IFF)
10.7 Input from Outside of TSF Control (FDP_ITC)
10.8 TOE Internal Transmission (FDP_ITT)
10.9 Residual Information Protection (FDP_RIP)
10.10 Reversal (FDP_ROL)
10.11 Stored Data Integrity (FDP_SDI)
10.12 Confidentiality Protection of User Data Transmission between TSF (FDP_UCT)
10.13 Integrity Protection of User Data Transmission between TSF (FDP_UIT)
11 FIA Class: Identification and Authentication
11.1 Authentication Failure (FIA_AFL)
11.2 User Attribute Definition (FIA_ATD)
11.3 Specification of Secret (FIA_SOS)
11.4 User Authentication (FIA_UAU)
11.5 User Identification (FIA_UID)
11.6 User-Subject Binding (FIA_USB)
12 FMT Class: Security Management
12.1 Management of Function in TSF (FMT_MOF)
12.2 Management of Security Attribute (FMT_MSA)
12.3 Management of TSF Data (FMT_MTD)
12.4 Revocation (FMT_REV)
12.5 Security Attribute Expiration (FMT_SAE)
12.6 Security Management Role (FMT_SMR)
13 FPR Class: Secrecy
13.1 Anonymity (FPR_ANO)
13.2 Pseudonym (FPR_PSE)
13.3 Unlinkability (FPR_UNL)
13.4 Unobservability (FPR_UNO)
14 FPT Class: TSF Protection
14.1 Basic Abstract Machine Testing (FPT_AMT)
14.2 Failure Protection (FPT_FLS)
14.3 Availability of Output TSF Data (FPT_ITA)
14.4 Confidentiality of Output TSF Data (FPT_ITC)
14.5 Integrity of Output TSF Data (FPT_ITI)
14.6 Transmission of TSF Data in TOE (FPT_ITT)
14.7 TSF Physical Protection (FPT_PHP)
14.8 Trusted Recovery (FPT_RCV)
14.9 Replay Detection (FPT_RPL)
14.10 Reference Arbitration (FPT_RVM)
14.11 Domain Separation (FPT_SEP)
14.12 Status Synchronization Protocol (FPT_SSP)
14.13 Timestamp (FPT_STM)
14.14 Consistency of TSF Data between TSF (FPT_TDC)
14.15 Consistency of TSF Data Replication in TOE (FPT_TRC)
14.16 TSF Self-test (FPT_TST)
15 FRU Class: Resource Utilization
15.1 Fault Tolerance (FRU_FLT)
15.2 Service Priority (FRU_PRS)
15.3 Resource Allocation (FRU_RSA)
16 FTA Class: TOE Access
16.1 Optional Attribute Scope Restriction (FTA_LSA)
16.2 Multiple Concurrent Sessions Restriction (FTA_MCS)
16.3 Session Locking (FTA_SSL)
16.4 TOE Access Flag
16.5 TOE Access History (FTA_TAH)
16.6 TOE Session Establishment (FTA_TSE)
17 TP Class: Trusted Path/Channel
17.1 Trusted Channel between TSF (FTP_ITC)
17.2 Trusted Path (FTP_TRP)
18 Security Technology Architecture Capability Maturity Level
18.1 Overview
18.2 Explanation of Security Technology Architecture Capability Maturity Level
Appendix A (Informative) Annotations for Security Technical Requirements
A.1 Annotation Structure
A.1.1 Class Structure
A.1.2 Subclass Structure
A.1.3 Component Structure
A.2 Dependency Table
Table A.1 Security Technical Assurance Control Components Dependency Table
Appendix B (Informative) Hierarchical Multi-point Information Systems Security Architecture
B.1 Overview
B.2 TOE Analytical Model of Information Technology System
B.3 Introduction to Hierarchical Multi-point Security Technology Architecture
Bibliography
Figure 1 Example of Security Technical Assurance Control Requirements (Single TOE)
Figure 2 Security Function in Distributed TOE
Figure 3 Relationship between User Data and TSF Data
Figure 4 Relationship between "Authentication Data" and "Secret"
Figure 5 Structure of Security Technical Assurance Control Class
Figure 6 Structure of Security Technical Assurance Control Subclass
Figure 7 Structure of Security Technical Assurance Control Component
Figure 8 Structure of Demonstration Class
Figure 9 Structure of Security Audit Class
Figure 10 Structure of Communication Class
Figure 11 Structure of Cryptographic Support
Figure 12 Structure of User Data Protection Class
Figure 13 Structure of Identification and Authentication Class
Figure 14 Structure of Security Management Class
Figure 15 Structure of Secrecy Class
Figure 16 Structure of Protection Class
Figure 17 Structure of Resource Utilization Class
Figure 18 Structure of TOE Access Class
Figure 19 Structure of Trusted Path / Channel Class
Figure A.1 Structure of Security Technical Assurance Control Class
Figure A.2 Structure of Security Technical Assurance Control Subclass
Figure A.3 Structure of Security Technical Assurance Control Component
Figure B.1 Analytical Model of Information Technology System
Figure B.2 Hierarchical Multi-point Security Technology Architecture
Table A.1 Security Technical Assurance Control Components Dependency Table