基本信息
| 标准名称: | 重点单位重要部位安全技术防范系统要求 第9部分:零售商业 |
| 发布部门: | 上海市质量技术监督局 |
| 发布日期: | 2008-01-01 |
| 实施日期: | 2008-07-01 |
| 首发日期: | |
| 作废日期: | |
| 出版社: | 中国标准出版社 |
| 出版日期: | 2008-07-01 |
适用范围
没有内容
前言
没有内容
目录
没有内容
引用标准
没有内容
所属分类: 农业 林业 林业 观赏植物 农业 农业和林业
【英文标准名称】:Informationtechnology-Securitytechniques-AframeworkforITsecurityassurance-Part2:Assurancemethods
【原文标准名称】:信息技术.安全技术.IT安全保障框架.第2部分:保障方法
【标准号】:ISO/IECTR15443-2-2005
【标准状态】:作废
【国别】:国际
【发布日期】:2005-09
【实施或试行日期】:
【发布单位】:国际标准化组织(IX-ISO)
【起草单位】:ISO/IECJTC1/SC27
【标准类型】:()
【标准水平】:()
【中文主题词】:规范(验收);安全程序;PC;安全;数据处理;电气工程;电气器具;电气安全;安全工程;电信;信息技术;安全要求;质量保证;危害;数据安全;设备;安全规则;计算机;信息处理;系统;信息安全;寿命;EDP;IT安全;数据保护;办公机器;数据处理设备;办公室设备;合格性
【英文主题词】:Assuranceprogrammes;Computers;Confidentiality;Dataprocessing;Dataprocessingequipment;Dataprotection;Datasecurity;EDP;Electricappliances;Electricalengineering;Electricalsafety;Equipment;Hazards;Informationprocessing;Informationsecurity;Informationtechnology;ITsecurity;Lifecycles;Officeequipment;Officemachines;PC;Qualityassurance;Safety;Safetyengineering;Safetyregulations;Safetyrequirements;Specification(approval);Systems;Telecommunications
【摘要】:1.1PurposeThispartofISO/IECTR15443providesacollectionofassurancemethodsincludingthosenotuniquetoICTsecurityaslongastheycontributetooverallICTsecurity.Itgivesanoverviewastotheiraimanddescribestheirfeatures,referenceandstandardizationaspects.Inprinciple,theresultantICTsecurityassuranceistheassuranceoftheproduct,systemorserviceinoperation.Theresultantassuranceisthereforethesumoftheassuranceincrementsobtainedbyeachoftheassurancemethodsappliedtotheproduct,systemorserviceduringitslifecyclestages.ThelargenumberofavailableassurancemethodsmakesguidancenecessaryastowhichmethodtoapplytoagivenICTfieldtogainrecognizedassurance.EachitemofthecollectionpresentedinthispartofISO/IECTR15443isclassifiedinanoverviewfashionusingthebasicassuranceconceptsandtermsdevelopedinISO/IECTR15443-1.Usingthiscategorization,thispartofISO/IECTR15443guidestheICTprofessionalintheselection,andpossiblecombination,oftheassurancemethod(s)suitableforagivenICTsecurityproduct,system,orserviceanditsspecificenvironment.1.2FieldofApplicationThispartofISO/IECTR15443givesguidanceinasummaryandoverviewfashion.Itissuitabletoobtainfromthepresentedcollectionareducedsetofapplicablemethodstochoosefrom,bywayofexclusionofinappropriatemethods.Thesummariesareinformativetoprovidethebasicstofacilitatetheunderstandingoftheanalysiswithoutrequiringthesourcestandards.IntendedusersofthispartofISO/IECTR15443includethefollowing:1.acquirer(anindividualororganizationthatacquiresorprocuresasystem,softwareproductorsoftwareservicefromasupplier);2.evaluator(anindividualororganizationthatperformsanevaluation;anevaluatormay,forexample,beatestinglaboratory,thequalitydepartmentofasoftwaredevelopmentorganization,agovernmentorganizationorauser);3.developer(anindividualororganizationthatperformsdevelopmentactivities,includingrequirementsanalysis,design,andtestingthroughacceptanceduringthesoftwarelifecycleprocess);4.maintainer(anindividualororganizationthatperformsmaintenanceactivities);5.supplier(anindividualororganizationthatentersintoacontractwiththeacquirerforthesupplyofasystem,softwareproductorsoftwareserviceunderthetermsofthecontract)whenvalidatingsoftwarequalityatqualificationtest;6.user(anindividualororganizationthatusesthesoftwareproducttoperformaspecificfunction)whenevaluatingqualityofsoftwareproductatacceptancetest;7.securityofficerordepartment(anindividualororganizationthatperformasystematicexaminationofthesoftwareproductorsoftwareservices)whenevaluatingsoftwarequalityatqualificationtest.1.3LimitationsThispartofISO/IECTR15443givesguidanceinanoverviewfashiononly.ISO/IECTR15443-3providesguidancetorefinethischoiceforbetterresolutionofassurancerequirementsenablingareviewoftheircomparableandsynergeticproperties.TheregulatoryinfrastructuretosupportverificationofanassuranceapproachandthepersonneltoperformverificationisoutsidethescopeofthispartofISO/IECTR15443.
【中国标准分类号】:L70
【国际标准分类号】:35_040
【页数】:66P;A4
【正文语种】:英语