GA/T 388-2002 Technical requirements for computer information system security level protection operating system
ICS 35.020
People's Republic of China Public Security Industry Standard GA/T 388—2002
Computer Information System Security Level Protection
Operating system technology requirement in computer information system classified security protection
2002-07-15 Issued
Released by the Ministry of Public Security of the People's Republic of China
Implemented on 2002-07-15
Visual reference variant
Technical treatment and specification
Transfer of protection level requirements
First level: Product protection level
Safety performance
Safety management
Second level: Rate estimation protection
Security functions
TCB self-security protection
TCB design and implementation
TCB security management
Third level: safety standard protection load
Security functions
TCB self-security protection
TCB design and implementation
TCB security management
Fourth level: structural protection level
Security functions
TCB self-security protection
TCB design and implementation
TCB security management
Fifth level: visit the protection level
4. 3. 1 Security functions
TCB self-security protection
TCB design and implementation
TCB security management
Attached capital attachment)
Group type relative difference system
Explore the information
About safety and other natural sounds
A.=Further about 1C3
A.5 About" energy code technology
GB1785!-1655 Computer information system security level classification standard 3 is the main standard of our computer information system security level management, which was released on May 18, 2015. In order to promote the work of various security levels, a series of relevant standards have been formulated:
Computer information system security level protection technical requirements series of standards; Computer information system security level protection management requirements: "Computer information system security level protection engineering implementation requirements! Computer information system security level protection evaluation series of standards. Among them, the computer information system level protection technical requirements system standard is composed of the following standards and other relevant standards:
GA 320-2002 Computer information system security level protection production application technical requirements
GA/T332-2002 Computer information system enterprise security level protection operating system technical requirements:
GA/333-2002 Computer information system enterprise security level protection operating system technical requirements:
GA/349-2002 Computer information system security level protection micro-data management technical requirements:
This standard is the first in the computer information level protection technical requirements series: Appendix A of this standard is only a confidential appendix
This standard is proposed by the People's Republic of China and the Public Information Network Security Supervision Bureau of the Ministry of Public Security. This standard is undertaken by the Information System Security Standardization Committee of the Ministry of Public Security, and the preparing unit of this standard is Jiangnan Planning and Technology Research Institute. This standard is an integral part of the core series of standards for computer information system security level protection technology, which is used to guide designers to design and implement systems with the required level of security protection.
It describes the technical requirements from the perspective of the security protection level of the operating system, and mainly describes the security technical measures that should be taken for the operating system to achieve the security requirements of a protection level (3178S-9R7), so as to provide a detailed description of the different security technical requirements in each level. The standard is divided into five security levels, and the technical requirements and security assurance technical requirements of each security level are described in detail. The relevant concepts in this standard are described in detail. This standard is included in the scope of the document No. GA/T 388—2002
Technical requirements for computer information system security level protection operating system
This standard specifies the detailed requirements for the detailed protection level classification of operating systems according to 1774—1999. This standard is applicable to the design and implementation of operating systems that use 175%999 security level protection requirements, and is applicable to the initial production of operating systems based on security level protection requirements. The following documents are used as references:
Normative references
The following documents shall be amended and shall become the applicable provisions of this standard before they are used. For all dated references, all subsequent amendments (excluding The contents of this standard are not correct or revised. The latest version of these documents can be used according to the standard. All referenced documents without the date of reference are not applicable to this standard. 175S19, Computer Information System Security Level Classification Standard A5! 2002 Computer Information System Security Level Protection General Technical Requirements
3 Terms and Definitions
155-1\ and - The correct terms and definitions are applicable to this standard.
4 Technical requirements for security protection level classification
4.1 Level 1: Self-generated protection level
4.1.1 Security kinetic energy
4.1.1.1 Identity verification rules
The public identification includes two copies of the identification and identification of the benefits of the A/Plan 26.1.3.1, 6.1.32, and the point identification function of the operation system. Security level requirements: a! A point identification should be provided when the user enters the operating system, and the following requirements should be followed; the user who enters the operating system can be identified by the user name and the user identification number? The user identification of the operating system uses the user name and the user identification (U Jiang) to use the password for identification, and the password is invisible when the user logs into the system. The signature is stored.
4.1.1.2 National access control
The requirements of 3.1.3.3 in GA3122, the autonomous control function of the operating system should be designed, and the security level requirements are:! Design named users to control the long-term sharing of entities within user groups and prevent unauthorized guests from sharing:
) Set the default function: After a subject becomes a guest, the access flow of the subject should be constant in the table.
4.1.1.3 Data integrity
The data integrity requirements of the operating system should be designed according to the change requirements of 6.1.3.3 in GA/13S2002, and the data integrity requirements of the operating system should be implemented at the same level: For data analysis performed by the operating system, such as authentication between processes, functions to ensure data integrity should be provided.
4.1.2 TCB Self-security Protection
4.1.2.1 TSF Protection
According to the requirements of 6.1..1 of 39202, the system protection is designed. The requirements of this level are as follows: the system should not leave "doors" when designing, that is, it should not be used as an excuse for continuous protection, and the design should not have any mode of population mentioned in the document or any mode of security rules. b) The security structure should be an independent, strictly defined system software. It should also prevent external interference and damage. If the data structure is reduced, the operating system should be layered. The operating system program and the user program should be separated. d)
, the account space of each process should be divided into two segments: the user space and the system space, which is static after the user leaves. The control system in the internal sequence should not be shared by all types of cards: the factory process should be isolated from each other, and the non-protected system segment should be prohibited from being written in the user type. When the system is running in the system mode, all operations should be allowed to have space for the operation. The boot and level configuration parameters should be provided for the effective installation batch. Before the security tree is initialized and the data related to safety is reversed and expanded, the user village administrator's security and other collection seats should be defined. F) The general exploration membrane gate system management right mode 4.1.2.2 resources should be connected (A/T%02632.1.4. requirements, and the loss of the system flow of trade resources should be designed. Second security level system requirements.When a certain fault occurs in the mine construction and the system is repaired, appropriate measures should be taken to ensure that the T51 can maintain normal operation: (above) Click on the Uber-like resource policy to further manage and allocate resources.
C) In response to the requirement of large quotas in resource allocation, C is responsible for the management and allocation of resources. The quota system ensures that users and entities will not monopolize the resources of Leco recipients,
4.1.2.3 TCB access control
shall be in accordance with the requirements of 6.1.4.3 in GA:13Sr.-212, regardless of the TCB access control of the operating system: This security level security requirement: Approved attribute scope limited level Requirements, an attempt to select all the candidates for the safety of a certain event, and the scope restrictions used to establish the safety attributes of a
Six Chapters
are determined for multiple concurrent events Based on the requirements of small book limit and the performance of session sales, the TSF virtual limit system can develop a large number of activities and use the account value as the activity. Limit number of times:) This minimum level will be suitable for establishing an optimization system, and the management of session establishment shall be designed, designed, and implemented 4.1.3FL:B
4.1.3.1 Configuration General
Should be the sales request of t.1.5.1 in A/3-202. Set up the mutual management of 1 operating system and 1CH. Intrinsic safety enterprise level requirements: There should be basic configuration capabilities, that is, the version number used by the developer is required to completely correspond to the C sample,
4.1.3.2 Distribution and operation
Press A to order one 200, 1. Distribution and compliance requirements of the resource planning system: 3.2, ISSA grade requirements:) Provide in the form of support: safely delay the distribution of excessive light, in order to improve safety &, generate and The Cheng Jin lights on the head indicate: The production area is always generated with a safe configuration. The inwardness described in sexual intercourse should be compared with the following: The subject of the distribution of the accusation:
An Anhui activation and exploration are too strong,
) The text of the modification of the technical access rights of the system Risks are controlled to a minimum during delivery: In the safety analysis and installation of negative meter support, this control adopts the form of a software control system to confirm the safety of the end user, and all safety mechanisms should be The payment is settled in the legal status,
The instruction plan should provide a tacit acceptance of the Anna installation, and the vehicle rate user does not make a choice when the payment is recognized and the security mechanism can effectively function) along with the full certificate of the system payment The vehicle with the production mark shall be in a non-discounted state upon delivery, and shall be verified by the administrator before approval:
1) All document points can be paid The design is fully equipped, and the system rescue parts currently sent out are the system version of the new system version with sufficient technical support to make medicine:
4.1.3.3 Development
The integration of 8.1.5.5 in G4/1G-2062 is used to configure the system TCB. This safety equal load requirement: According to the informal kinetic energy theory, the speed-adaptive detachment design, the TSF children are real spots, and the ISH internal structure is rapid. It refers to the low-rise design and informal corresponding arrangement requirements, Carry out "H and development. (Part 2)" system redesign and development to protect the integrity of the education and education system, such as updated rules for checking effectiveness, correct work plans for mutual/multiple inputs, and the causes of inquiries. Check, check the site results, check the reasonable value, check whether the service update is positive and flexible, etc. When inspecting the built-in code, to resolve the security flaw in the system, close or cancel all the files and files that have been submitted. Periodic and written checks, plans to notify users of micro-check results,
Save, in the form of text or to use! Provide guidance documents on the comparison of the requirements of h,1.5.1 in GAT3932002, shortening the TCH reference. The user documentation should provide information on the security mechanisms for different users and how to use them, describe the user's protection structure, and explain their reuse. and provide regulatory guidance. b | With the announcement of privileges and a detailed description of the security-related functions, including the case characteristics of adding and deleting monthly account changes, etc.), there is no amount of optimization in the document. Information points that endanger the safety of the system: relevant security instructions and documentation provided by components such as user interfaces, system maintenance points and system security administrators, 4.1.3.5 life cycle support
should According to the requirements of G4/003: H, the security level of the investment operating system requires: a) Develop according to the developer-defined lifecycle model and provide security and safety assurance value. When the bid is over, the watch should be sold according to the limit value and the gold withdrawal code paid by the system can be used to confirm the identification number. It should be in an inactive state after the installation is completed, and be checked by the system. Weihuo:
The damage control document should describe in detail the process of safety work and cooperation, detail the start-up of the safety functions, and the summary of the normal moving and guarding products
Eliminate or modify, explain how to restore the system status when there is a problem or system error:
4.1.3.6 Traceability
should be based on the requirements of GA/T39020021%.1.5.b 1CB of crime-fighting capability shall be tested. Six safety level requirements: It shall pass: General functional test and equivalence test·Environmental recognition [the kinetic energy is consistent with the required function, b) there will always be a system that is safe and should Through comprehensive testing, all defects discovered should be corrected, eliminated or rendered ineffective, and re-tested after the leak has been eliminated to confirm that they have been eliminated and that there is a need to cause an effect: provided at the end Test text, describe the test plan in detail, test the material, and test the spinning results:
4.1.4 TCB safety management
The requirements of F.1. in GA/T1502002 should be reported to implement the safety management of C. Level fee requirements:) Develop corresponding operations for new control services related to insurance, functions related to segmentation control, auditing and all parts management, as well as functions related to general drug safety, dispensing, etc. h) According to the safety kinetic energy support technical requirements involved in this document, the company guarantees the completeness of identity verification and the production and distribution of energy pellets involved in the technical requirements. And operations, development, guidance, production and testing, etc. are involved in 3
Guan Nei Customer Design 1 Heart B Full Management
Marking and identification: The system shall be evaluated and identified according to the requirements of GA Section 30U2CC2 1.2.3.1: and 6.2.3.1.2. Security requirements:) The system should provide users with identification when accessing the operating system, and according to the requirements, users who need to enter the operating system should first provide (compensation documents). Account: The operating system user ID should be widely used, and the user ID (L1D) should be used to change the user name, user name, etc. For example. 1. Use the command 1 for verification, and require that passwords be invisible and protected during storage and maintenance.
Company) Allows named users to control sharing of objects at specified times by user and/or user group, and to use non-monitor sharing:
Change the recognition function, when a When the host generates a guest, he or she will have all the assets that have been purchased that year in the object's excavable list.
There is still a fine-grained reading system of twenty. Yes, for another user in the system, the administrator of taxable objects such as the Department should try to determine the permissions of his or her customary body by using the general index c
, while other users in the same group Or the account opening and account period of the same group should be granted to the violator.
The actual situation of Yueguang Cunfen is based on the user's various status d
, so that the user's own behavior must be properly respected. () The owner of the case should always note the status of the final authority to acquire the subject matter.Someone should have all the suggestions for the objects they test, but it is not allowed to separate the objects of the object from other partners, +, the actual access format is expandable, and the code is protected. The control properties of the subject should include read, write, row and other objects. The control properties of the subject should include read, execute and other permissions that can be assigned to the subject. The permissions can be assigned to and modified by the subject. Procurement of the same control plan and object verification. And implement the separation and modification of the access control thickness of the subject and object. The result of the rules should ensure that only authorized users are allowed to access the object. , 1: Define the access grant rules of the subject and the object, which are based on the access control properties of the subject and the object. At the same time, measures should be taken to change the type of application of these rules by the entity. 4.2.1.3 The object uses
to comply with the requirements of 3.2.3.4 in GA/-C2 and change it to a ticket system that can be reused. This security level requires ensuring that the resources that are retained and managed can be reused while maintaining information security, mainly including: ai
-Ensure that the user cannot retrieve and return the information to the system Controlling the information retention rate of media storage: Ensure that non-users cannot view the previous information in the storage media that the system has allocated to the storage pool.) In single-user systems, the memory protection process prevents the machine from using the system. "Complete system operation") In a multi-user system, the memory holder should ensure that all users in the system are of different generations. d: The system administrator should include:
1. The protection of local certificates ensures that illegal users cannot access the data and can store the data: various types of deep illegal operations are provided for the operation of storage units that lack standard protection, and the underlying protection is guaranteed. Introducing the beauty type without "reading!" Write "column "read-only": cannot reduce/remove 4 saw units. If it is violated/written, the system should issue an delay report or interrupt program execution. 4
One by one, logic isolation and internal force methods can be used to protect the controller in batches, including: boundary marking device protection method, memory mark activity, lock protection and control law special certification, air protection production modification, etc. .
4.2.1.4 Audit
Virtually press GA, the requirements of 5.2.2.3 in 139(20F2) are changed to the application function of the system. This security level requires:! The application function has changed the identity. The security functions such as rule-finding and compliance control are closely integrated to ensure the success and maintenance of the security and expansion process, so that it can avoid modification and illegal damage. In particular, it will protect the audit evidence and ensure the integrity of the system. Limiting unauthorized user access
) can create and maintain a pair of protected content access audits and deletes, protecting unauthorized records from unauthorized access, collection, and corruption:
Indicates the recordable open contract type, including the successful registration session login and the system interface of the negative number. The system effect d
Account attributes, market tracking and extension extensions are used to set up and use product D, change system programs or processes, or change date and time, etc.), and the user's identity will be changed after receiving the order from the superintendent. For a certain case, you enter the pool address space of a certain user (such as opening a file), excluding changes made by system administrators and system security administrators. During the calculation, you should ensure that the traceability of restricted files is audited in a timely manner. Completion provides a mechanism to display the currently selected audit events. Users of this mechanism should have limited authorization
). For each data comparison, the information generated should be included The time of the period, the account to which the link is sent, the type of the link, the event is successful or failed, etc. For identity recognition and authentication, the source of the request should be welcomed, such as a secondary number or a control; for connection creation and When an entity is removed, the name of the object and the security of the object should be recorded.) A protected trap should be provided to open and close the market as a rule. This mechanism can create and improve security audits to ensure "system security" The system is in an acknowledgment state at the time of operation; use of this mechanism is subject to the authorization restrictions of the system administrator, who can select one or more authentication actions based on identification or object-based authentication. : The plan should be able to authorize everyone to use, modify and change the site plan: should provide protection for the planning and management of the plan, so as to prevent the establishment, promotion and destruction of the city plan and wait for the empty and The administrator of archived coupons should be able to define the readings that exceed the comprehensive limit of the calculation period: when the deposit is cancelled, there should be a management pointer to specify the decision-making measures to buy, including reporting that the loss is not recorded. The mountain plan information. The temporary Buddha was caught in the plan, and Lan Yifan's city plan records, etc. 2.2.1.5 Data integrity
The requirements of 6.2.3.5 in CA3902002 should be followed to improve the data integrity of the system. Requirements for this security level: 1) When performing access operations on data , check whether there are any complete misreadings in the used numbers stored in the correct introduction. The immersion system can perform the following functions through the enhanced tunnel scanning program for the numerical errors of the various settings on the dial: to dynamically check that the fixed parts and the surface of the dial are intact: once the space between the dial and the dial is Traces are automatically recorded; check at any time to diagnose process errors
5) For data transmission with retrograde data in the operating system, such as incoming communications, a method to ensure the integrity of the data transmission system should be provided. Must be able. For the data processed in the infectious system, the corresponding TCB security function tracking module should be set according to the rollback number, and the normal operation database should be rolled back to ensure the integrity of the data:
4.2.2 TCB own security protection
4.2.2.1 TSF protection
In accordance with the safety requirements of e.2.4.1 in GA/T320-2002, the 7SF protection segment operating system must meet the security level requirements: What is the safety level requirement? Caitong was designed with a "back door" in mind. That is to say, the security structure should be a security structure that should not be used to continue to protect people and patterns that are not specified in the document. An independent, disciplined system education system should protect against external interference and corruption, such as sensitive access to its code or data structures.
The operating system should be designed in layers, and operating system programs and user programs should be isolated. d: The personal evaluation log plus space is divided into two parts: user space and system space. The separation between the two is static.
is temporarily in memory. The selection system in the mountain should be used by all students, and my questions should be followed by this. Processes running in user mode should be prohibited from reading system segments line by line, and processes running in user mode should be allowed to read all virtual segments.
e) Set up and upgrade the installation system of configuration files. Before establishing and protecting security-related data structures, security policies for users and users should be defined: F) Operational system protection modes should be distinguished, only) Prevents a normal user from entering maintenance mode from an unauthorized system and should enable a general-purpose maintenance-style interaction with the system. This ensures that the system can be installed and configured in a safe manner before Metro users access the system. (a) For backup or system maintenance that does not affect IC compliance, all system groups are not required to be expanded. When the system installation is completed and can be accessed from an ordinary user, the system should be configured with proper user analysis, root records, audit parameters, system tracking settings, and file and system tracking in the maintenance module. Comprehensive access control for logs. ": Implementation procedures provided by the execution system shall be (specifically) limited to those valid for the system, and only the system type is allowed to modify or replace the first practical program provided by the system.
The environment flow provides a mechanism for users to control the logging/path search for commands. 1) After the TC3 failure occurs, ensure that the protection text is restored in a small format and implement the normal operating system performance when the TSI fails according to the instructions described in Failure Protection. The usage of Bangshiji system console should be controlled.
n! The system should be able to identify the source of the information received by the system. All data to be verified should be securely transferred from the source to the verification system. There should be no public or shared two-way communication. For hair beauty, you can use several issues of encrypted preparation or add a letter and click on the link to send it horizontally,
4.2.2.2 Resource Utilization
2((2 in 6.\.4.2 Next, design the operating system to use encryption. This security level requires: 4/39)
a) Certain measures should be taken to ensure that certain fault conditions are detected when the system fails. 1S can be maintained at normal times if the system should detect and notify the system that the water level is reduced to a predetermined minimum value. Appropriate policies should be adopted to manage and allocate TCE resources by prioritizing individual resource subsets within the SC for limited service delivery.
In response to the requirement of allocating a quota of ten exhibitors, TCB resources are allocated and subcontracted. A quota mechanism is required to ensure that users of Guanghe soil will not occupy controlled resources: d) system It should be ensured that the funds are accounted for and utilized when requested by an authorized party.e: When the system service level drops to the preset minimum, the system will detect and issue an alarm, and the system should be able to continue to operate in the maintenance state. In the maintenance state, various safety features are still effective and can only be used by system personnel. The system should provide a mechanism to control their consumption of micro disks and CPU usage based on the number of users per month.
4.2.2.3 TCB access control
According to the requirements of GA1302002..1.\, the TCB method of the operating system is designed to control the security of the system. The following requirements are met: a) The security scope of the system is limited to the minimum requirements, and all failure attempts of the security attributes are applied to the external security attributes. The security scope of the system is limited.
b) According to the basic requirements of limiting the number of users to issue public calls, the design of the session management is based on the basic training basis. The TSI should limit the number of public calls issued by the system and the number of authentication times as the limit. According to the minimum number of public calls established, the session tracking is designed: 1) To establish a TE session, the government recognizes the identity of the H: the login mechanism allows the authentication mechanism to bypass the Russian bypass. e) After successfully signing into the system, C shows the following data to the user: - date, time, source and the number of times the last authentication was successful. The system should display the number of failed authentications since the last authentication.
- the number of successful or unsuccessful authentications can be displayed in the form of integer counts, time tables, etc.;
4.2.3 TCB design and implementation
4.2.3.1 Configuration management
According to the requirements of 6.2.3.1 of GAT39200, this security level requirement) is required! The configuration management system should implement the requirements of the TCB, including the TCB implementation, configuration documentation, test documentation, user documentation, administrator documentation, and other configuration documents.
Throughout the life of the system, that is, during its development, testing, and maintenance, there should be a configuration management system that maintains control over changes to source code and related documents: only valid code modifications are allowed to be incorporated into the delivered source code: all changes should be logged and checked to ensure that the security of the system is not compromised. The configuration management system should include system version identification and source code protection work and specifications. Through the combination of technology, physical and security regulations: the internal source code used in the generation system can be fully protected from being modified and hidden from the outside.
4.2.3.2 Distribution and operation
The key points of 6.2.3.2 in GA1391-02 are recorded, and the distribution and replacement of the operating system CR are designed. In terms of security level requirements: 8) The distribution process of the CCB should be provided in a documented form, and the installation, installation and startup procedures should be described, and the final configuration should be safe.
) The process of TCB distribution should be provided in a documented form, as well as the installation, installation and startup procedures, and the final configuration should be safe. The content of the description should include: the process of long-term security;
The process of safe room operation and operation:
A company-established and determined management.
e) The risk of technical modification of the system should be controlled to a minimum during delivery. This control should be used to ensure that the software is safe and will be the most user-friendly during packaging, distribution and installation. All safety plans should be delivered with functional installation features.
) All software components are provided with safe installation values. When the customer does not choose to open them, the default values should be effective in disassembling the full function of the safety mechanism.
All software components must be accompanied by the system with a recognized identification code. They should be in a non-current state when delivered. Before use, the administrator should contact you:
"! User documentation should be packaged together with the software delivered. The design and procedures should also ensure that the system software currently delivered to users is strictly made with the new system version.
4.2.3.3 Development
should meet the requirements of 6.2.5.3 in A390202 to ensure the system TCB 1. Unsafe level requirements 11. Requirements for interface, descriptive high-level design, 1. Single implementation, . Internal structure model, descriptive low-level design, informal corresponding description and informal security strategy model requirements, TCS development,
) The design of the system should ensure the integrity of the product period, such as, check the update of variables, rules, correct handling of objects, recovery of the status of the test, check the results, the inspection of the information, the update of the service certificate, etc.,
) When checking the internal code: potential safety pitfalls should be resolved, and all back-ends should be closed or cancelled.
d) All delivered software and documents should be checked regularly for defects, and the results of the inspection should be reported to GA/I 388 202
Monthly.
System control data, such as passwords and passwords, shall not be in plain text in protected databases or documents, but shall provide users with relevant data in a transparent form.
4.2.3.4 Guidance Documents
In accordance with the requirements of 6.2.5.4 of A/390-2003, the guidance documents of the TC shall be prepared. The following requirements shall be met:
a) The user shall be provided with information about the available security mechanisms for different users and how to use them, describe the protection mechanisms that are not explicitly stated for users, and provide guidance on their use, including what information will be disclosed if the information is disclosed and what information is entrusted by the system.
b) System management documentation should provide all information on safe system startup, operation, and restart, including the process of logging the system (such as booting the system into a secure enterprise cloud), the process of recovering safe system data in the event of a system failure, and the protection and process of running software and data backup.
A separate installation guide should be provided, detailing the system initialization process and providing a complete description of the new system version. New installation documentation should include a description of all possible safety-related processes, software analysis data, and backup files.
c) Security management product training documentation. The following should be provided:
- Detailed guidance on how to implement, protect and analyze system scenarios, including appropriate security advisories, and information about the capabilities and privileges of the company;
- Detailed description of the functions of the administrator related to security, including the ability to add or delete a user, modify the security settings of the account, etc.;
- Documentation on all accounting tools, including the recommended process for price and compensation audits (including detailed single record documentation for each audited item), recommended master procedures for periodic security and failure audit records, and daily requirements for risk checks. The recommended amount of free disk space for new files; the minimum possible access permissions for all files and the required settings; a file system or disk integrity check; a section on how to conduct a system evaluation (with network security requirements, access control, and multiple disaster recovery plans); ... This document should be a unique document for users, system administrators and system security personnel, and should be included in the product guide and user guide as a single section. The document is also portable! If it is a physical document, it should be controlled for distribution.
4.2.3.5 Lifecycle support
The requirements of GA/T391201)2.2.5.h should be followed to define the lifecycle support of the system [CH]. The developer of this security level should define these lifecycle models for development and provide instructions for security measures during the development process.
b) All security software should provide public installation default values. When making special selections, the security mechanism should be installed according to the default value. The system will be delivered with a door identification number, and the software should be in an activated state when the system is installed. The system management point will charge a fee for activation.
The document shall describe in detail the process of safety activation and operation: specify whether the safety function can be revoked or modified after activation, and explain how to restore the system to a safe state in the event of a fault or error.
e) If the system contains unique features to increase safety, the final diagnosis or test of the product shall be able to carry out detailed operation and correction of the unique features in various operating environments.
4.2.3.6 Testing
The requirements of 6.2.5.6 of GA/50-2602 shall be met. The system shall be tested in accordance with the requirements of GA/50-2602. The safety level of this system shall be 8The T(1 of the special operation system is tested. The safety level is required; 8The security requirements of this standard are: 1) The minimum security range is limited by the requirements, and all failure attempts of the security attributes of the road are limited to the range of security established by the public.