GB/T 34975-2017 Information security technology-Security technical requirements and testing and evaluation approaches for application software of smart mobile terminals (English Version)
Codeofchina.com is in charge of this English translation. In case of any doubt about the English translation, the Chinese original shall be considered authoritative.
This standard is developed in accordance with the rules given in GB/T 1.1-2009.
This standard was proposed by and is under the jurisdiction of the National Technical Committee on Information Security of Standardization Administration of China (SAC/TC 260).
Information security technology — Security technical requirements and testing and evaluation approaches for application software of smart mobile terminals
1 Scope
This standard specifies the security technical requirements and test assessment methods for application software of smart mobile terminal.
This standard is applicable to the security protection and test evaluation of the development, operation and maintenance of application software of smart mobile terminal, but not applicable to the evaluation of malicious application software of smart mobile terminal.
2 Normative references
The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.
GB/T 18336.3-2015 Information technology ― Security techniques ― Evaluation criteria for IT security ― Part 3: Security assurance components
GB/T 25069-2010 Information security technology ― Glossary
3 Terms and definitions
For the purposes of this document, the terms and definitions given in GB/T 18336.3-2015 and GB/T 25069-2010 and the following apply.
3.1
smart mobile terminal
mobile communication terminal products that access the public mobile communication network, have an operating system, and on which users may install and uninstall applications
3.2
operating system of smart mobile terminal
most basic system software of a smart mobile terminal, which controls and manages the various hardware and software resources of the smart mobile terminal and provides an application software development interface
3.3
application software of smart mobile terminal
application software developed for smart mobile terminals, including the third-party application software preset on the smart mobile terminal and the application software provided by Internet information service providers that can be downloaded, installed and upgraded through mobile application distribution platforms such as websites and application stores
4 Security technical requirements
4.1 Security functional requirements
4.1.1 Security of installation and uninstallation
4.1.1.1 Installation requirements
The installation of terminal application software shall be explicitly authorized. Its installation process shall run only in its designated environment, and the running environment shall not be damaged. The specific technical requirements are as follows:
a) Include signature information and software attribute information that effectively identify the supplier or developer;
b) Correctly install it on relevant smart mobile terminal and generate corresponding icons;
c) During installation, the terminal operating system user shall be prompted to confirm the terminal resources and terminal data that the software uses;
d) The normal operation of terminal operating system and other application software shall not be affected.
4.1.1.2 Uninstallation requirements
The normal use of the smart mobile terminal shall not be affected after the terminal application software is uninstalled. The specific technical requirements are as follows:
a) It shall be possible to delete the resource files, configuration files and user data generated during installation and use;
b) A prompt shall be given before deleting the data generated during use;
c) The functions of terminal operating system and other application software shall not be affected.
4.1.2 Identification mechanism
4.1.2.1 Identity authentication
If the terminal application software involves user sensitive data, an effective identity authentication mechanism shall be provided for the visiting user. The specific technical requirements are as follows:
a) Before a user accesses an application service, the terminal application software shall authenticate the user's identity and provide measures for handling authentication failure;
b) Provide a locking or logout function after login timeout.
4.1.2.2 Password security mechanism
If the user password is involved in the use of terminal application software, the specific technical requirements are as follows:
a) The password shall not be displayed or stored in plaintext during use;
b) The user name and password with which the user last logged in shall not be saved by default;
c) Provide a password strength checking mechanism;
d) Provide a password validity period (expiry) checking mechanism;
e) Provide a verification mechanism when passwords are modified or retrieved;
f) Provide a keyboard anti-hijacking mechanism during password entry.
4.1.2.3 Verification code security mechanism
If the terminal application software uses verification codes, including graphic and SMS verification codes, the specific technical requirements are as follows:
a) The verification code shall be generated on the terminal application software server;
b) The graphic verification code shall be able to resist machine recognition to some extent;
c) An anti-replay mechanism shall be provided for SMS verification codes.
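As an added illustration of items a) and c) above (this is constructed example code, not part of the standard), the following server-side store generates the SMS code itself and makes each code single-use, time-limited and guess-limited, so a code captured from the SMS channel cannot be replayed. The 6-digit length, 5-minute validity and 5-attempt limit are assumptions, not values from the standard.

```python
import hmac
import secrets
import time
from dataclasses import dataclass, field
from typing import Callable, Dict

# Assumed policy values (not prescribed by GB/T 34975-2017).
CODE_DIGITS = 6
CODE_TTL_SECONDS = 300
MAX_ATTEMPTS = 5


@dataclass
class PendingCode:
    code: str
    issued_at: float
    attempts: int = 0


@dataclass
class SmsCodeStore:
    """Server-side store of outstanding SMS codes keyed by phone number.

    The client never generates the code and only ever receives it through
    the SMS channel (4.1.2.3 a); the server decides validity (4.1.2.3 c).
    """
    clock: Callable[[], float] = time.time
    _pending: Dict[str, PendingCode] = field(default_factory=dict)

    def issue(self, phone: str) -> str:
        # CSPRNG-generated code; the return value is meant for the SMS
        # gateway only and must never be placed in the HTTP response.
        code = f"{secrets.randbelow(10 ** CODE_DIGITS):0{CODE_DIGITS}d}"
        # Re-issuing replaces any earlier code, so only the newest is valid.
        self._pending[phone] = PendingCode(code=code, issued_at=self.clock())
        return code

    def verify(self, phone: str, submitted: str) -> bool:
        entry = self._pending.get(phone)
        if entry is None:
            return False  # no outstanding code, or it was already consumed
        if self.clock() - entry.issued_at > CODE_TTL_SECONDS:
            del self._pending[phone]  # expired: caller must request a new one
            return False
        entry.attempts += 1
        if entry.attempts > MAX_ATTEMPTS:
            del self._pending[phone]  # too many guesses: invalidate the code
            return False
        # Constant-time comparison so response timing leaks nothing.
        if not hmac.compare_digest(entry.code.encode(), submitted.encode()):
            return False
        # Single use: a successful code is removed, so replaying it fails.
        del self._pending[phone]
        return True
```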
4.1.3 Access control
4.1.3.1 User-based control
If the terminal application software involves user sensitive data, an effective authorization mechanism shall be provided for accessing users. The specific technical requirements are as follows:
a) Authorized users shall not be able to access content beyond the scope of their authorization;
b) Multiple concurrent sessions of the same user account shall be restricted.
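As an added example of item b) above together with the login-timeout logout of 4.1.2.1 b) (constructed code, not part of the standard), this server-side session manager caps the number of live sessions per account by evicting the oldest, logs a session out after an idle timeout, and binds the session token to the user with an HMAC so that an edited or replayed request is rejected. The 2-session cap, 30-minute idle timeout, per-request counter and dot-free user names are assumptions.

```python
import hashlib
import hmac
import secrets
import time
from collections import OrderedDict
from typing import Callable, Dict, Optional

# Assumed policy values (not prescribed by GB/T 34975-2017).
MAX_SESSIONS_PER_USER = 2
IDLE_TIMEOUT_SECONDS = 1800


class SessionManager:
    def __init__(self, server_key: bytes, clock: Callable[[], float] = time.time):
        self._key = server_key
        self._clock = clock
        self._sessions: Dict[str, dict] = {}            # session_id -> state
        self._by_user: Dict[str, OrderedDict] = {}      # user -> ordered session ids

    def _sign(self, session_id: str, user: str) -> str:
        mac = hmac.new(self._key, f"{session_id}:{user}".encode(), hashlib.sha256)
        return f"{session_id}.{user}.{mac.hexdigest()}"

    def login(self, user: str) -> str:
        session_id = secrets.token_urlsafe(16)  # urlsafe alphabet: no '.'
        self._sessions[session_id] = {"user": user, "last_seen": self._clock(), "seq": 0}
        sessions = self._by_user.setdefault(user, OrderedDict())
        sessions[session_id] = True
        # 4.1.3.1 b): restrict concurrent sessions by evicting the oldest one.
        while len(sessions) > MAX_SESSIONS_PER_USER:
            oldest, _ = sessions.popitem(last=False)
            self._sessions.pop(oldest, None)
        return self._sign(session_id, user)

    def authenticate(self, token: str, seq: int) -> Optional[str]:
        """Return the user for a valid, fresh, non-replayed request, else None."""
        parts = token.split(".")
        if len(parts) != 3:
            return None
        session_id, user, _ = parts
        # A token whose user field was edited no longer matches its MAC.
        if not hmac.compare_digest(token, self._sign(session_id, user)):
            return None
        state = self._sessions.get(session_id)
        if state is None or state["user"] != user:
            return None  # evicted, logged out, or unknown session
        now = self._clock()
        if now - state["last_seen"] > IDLE_TIMEOUT_SECONDS:
            self.logout(token)  # 4.1.2.1 b): logout after timeout
            return None
        # Replay guard: each request carries a strictly increasing counter.
        if seq <= state["seq"]:
            return None
        state["seq"] = seq
        state["last_seen"] = now
        return user

    def logout(self, token: str) -> None:
        session_id = token.split(".")[0]
        state = self._sessions.pop(session_id, None)
        if state:
            self._by_user.get(state["user"], OrderedDict()).pop(session_id, None)

    def active_sessions(self, user: str) -> int:
        return len(self._by_user.get(user, ()))
```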
4.1.3.2 Application software restriction
Terminal application software shall access terminal data and terminal resources with explicit permission from terminal operating system users. The specific technical requirements are as follows:
a) Terminal data and terminal resources shall not be accessed without permission;
b) Terminal data shall not be modified or deleted without permission; terminal resource configuration shall not be modified without permission.
4.1.4 Data security
4.1.4.1 Data storage security
Terminal application software shall not store user sensitive data in plaintext, so as to prevent unauthorized access to the data.
4.1.4.2 Data transmission security
Terminal application software shall not transmit user sensitive data in plaintext over the network, so as to prevent unauthorized access to the data.
4.1.4.3 Data deletion
If the terminal application software has a data deletion function, the user shall be clearly prompted before the data is deleted and shall reconfirm the deletion.
4.1.4.4 Data backup and recovery
If the terminal application software has backup and recovery functions, the specific technical requirements are as follows:
a) The backup mechanism shall be complete and effective, and the backup data shall be protected;
b) The availability and integrity of the recovered data shall be verified before use.
4.1.5 Operational security
4.1.5.1 Security implementation
Terminal application software shall ensure the security of the program itself:
a) There shall be no entry point of any kind that violates or bypasses the security rules, nor any entry point not described in the documentation;
b) There shall be a security mechanism that resists decompilation and debugging of the program;
c) There shall be no published high-risk vulnerabilities.
4.1.5.2 Stability
Terminal application software shall ensure its stable operation and avoid phenomena such as function failure. The specific requirements are as follows:
a) It shall not cause the terminal to crash or enter an abnormal state;
b) It shall avoid becoming unresponsive or exiting unexpectedly (crashing to the home screen);
c) It shall allow the user to stop and exit it at any time.
4.1.5.3 Error tolerance
Terminal application software shall be able to handle predictable erroneous operations without letting them affect the normal operation of the program.
4.1.5.4 Resource occupation
Terminal application software shall not occupy terminal resources permanently or without limit while running, and shall not prevent legitimate users from logging in to or accessing the resources of the terminal.
4.1.5.5 Upgrade
Terminal application software shall support software update, with specific technical requirements as follows:
a) Adopt at least one security mechanism to ensure the timeliness and accuracy of upgrade;
b) Ensure that the security mechanisms of the terminal application software remain effective after the upgrade.
4.1.6 Other security requirements
The terminal application software server shall at least meet the following requirements:
a) User sensitive information shall not be stored in plaintext in the database or file system;
b) Plaintext passwords shall not be saved in cookies;
c) Session protection measures shall be taken to ensure that the session between the terminal application software and the server cannot be eavesdropped on, tampered with, forged or replayed;
d) User sensitive information shall not be recorded in server-side logs. If it is really necessary to record sensitive information in a server-side log, it shall be masked (fuzzified);
e) Ensure the secure storage of log data on the server side and strictly limit access permissions to log data;
f) If open-source or third-party application components and code are used, patches for published security vulnerabilities shall be applied in a timely manner;
g) There shall be no published high-risk vulnerabilities on the server side.
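As an added illustration of item d) above (constructed code, not part of the standard), the following sanitizer is applied to a structured log record before it is written: secret fields are redacted outright, identifiers such as phone numbers and e-mail addresses are partially masked, and phone numbers embedded in free-text messages are masked too. The field names, masking rules and the sample record are assumptions.

```python
import re
from typing import Any, Dict

# Assumed field classes; adjust to the application's own log schema.
DROP_FIELDS = {"password", "passwd", "sms_code", "token"}
MASK_RULES = {
    # keep leading 3 and trailing 4 digits of a phone number
    "phone": lambda v: v[:3] + "****" + v[-4:] if len(v) >= 7 else "***",
    # keep leading 4 and trailing 4 characters of an ID number
    "id_number": lambda v: v[:4] + "*" * (len(v) - 8) + v[-4:] if len(v) > 8 else "***",
    # keep first character and domain of an e-mail address
    "email": lambda v: (v[0] + "***" + v[v.index("@"):]) if "@" in v else "***",
}
# An 11-digit mobile number (leading 1) may also appear inside free text.
PHONE_RE = re.compile(r"(?<!\d)(1\d{2})\d{4}(\d{4})(?!\d)")


def mask_message(text: str) -> str:
    """Mask the middle four digits of any mobile number found in free text."""
    return PHONE_RE.sub(r"\1****\2", text)


def sanitize(record: Dict[str, Any]) -> Dict[str, Any]:
    """Return a copy of the record that is safe to persist: secrets dropped,
    identifiers partially masked, nested dicts handled recursively."""
    out: Dict[str, Any] = {}
    for key, value in record.items():
        k = key.lower()
        if k in DROP_FIELDS:
            out[key] = "[REDACTED]"
        elif k in MASK_RULES and isinstance(value, str):
            out[key] = MASK_RULES[k](value)
        elif isinstance(value, dict):
            out[key] = sanitize(value)
        elif isinstance(value, str):
            out[key] = mask_message(value)
        else:
            out[key] = value
    return out


# Constructed sample record, as an app server might build it before logging.
SAMPLE_RECORD = {
    "event": "login",
    "user": {"phone": "13812345678", "email": "alice@example.com", "password": "hunter2"},
    "msg": "otp sent to 13812345678",
    "status": 200,
}

if __name__ == "__main__":
    print(sanitize(SAMPLE_RECORD))
```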
4.2 Security assurance requirements
4.2.1 Development
4.2.1.1 Security architecture
The developer shall provide the security architecture description of the security function of the terminal application software, which shall meet the following requirements:
a) It shall be at a level of abstraction consistent with the description of security functions in the product design documents;
b) Describe the security domain of the security function of terminal application software consistent with the security function requirements;
c) Describe why the initialization process of security function of terminal application software is safe;
d) Demonstrate that the security function of the terminal application software protects itself from being tampered with;
e) Demonstrate that the security function of the terminal application software prevents its security features from being bypassed.
4.2.1.2 Function specification
The developer shall provide complete functional specification, which shall meet the following requirements:
a) Fully describe the security functions of terminal application software;
b) Describe the purpose and usage of all security function interfaces;
c) Identify and describe the parameters related to security functions of terminal application software;
d) Describe the implementation of the security function requirements associated with each security function interface;
e) Describe the direct error messages resulting from the execution of security functions and from exceptions;
f) Verify traceability of security function requirements to security function interfaces.
4.2.1.3 Product design
The developer shall provide product design documents, which shall meet the following requirements:
a) Describe the structure of the terminal application software in terms of subsystems;
b) Identify and describe all subsystems of terminal application software security function;
c) Describe the interaction among all subsystems of the security functions;
d) Provide a mapping demonstrating that every behavior described in the design can be traced to the security function interface that invokes it.
4.2.2 Guidance documents
4.2.2.1 User operation guide
The developer shall provide clear and reasonable user operation guide, which is consistent with all other documents provided for evaluation. The description of each user role shall meet the following requirements:
a) Describe the user-accessible functions and privileges that shall be controlled in a secure processing environment, including appropriate warnings;
b) Describe how to securely use the available interface provided by the product;
c) Describe the available functions and interfaces, in particular all security parameters under user control, indicating secure values where appropriate;
d) Clearly explain each security-related event related to the user-accessible function to be executed, including changing the security characteristics of the entity controlled by the security function;
e) Identify all possible states of terminal application software operation (including failure or operational error caused by operation), and their causal relationship and connection with maintaining safe operation;
f) Fully describe the security policies that are implemented for security purposes.
4.2.2.2 Preparation procedure
The developer shall provide the terminal application software and its preparation procedure, and the description of the preparation procedure shall meet the following requirements:
a) Describe all steps required for safely receiving the terminal application software delivered, which shall be consistent with developer’s delivery procedures;
b) Describe all steps required by safe terminal application software installation and operational environment.
4.2.3 Life cycle support
Contents of GB/T 34975-2017
Foreword
1 Scope
2 Normative references
3 Terms and definitions
4 Security technical requirements
4.1 Security functional requirements
4.2 Security assurance requirements
5 Test and evaluation methods
5.1 Security requirement test
5.2 Security assurance test
Implemented on: 2018-5-1