Chinese Standards

Chinese Standards

China National Standardization Administration issued the first standard on information security in 1985. In 2015, it released the first national standard for video surveillance. More than 200 national standards for information security have been released so far. There are less than 10 national standards for video surveillance. The national standard system number of China is mainly:

  1. GB, meaning that it contains mandatory provisions and recommended provisions, and does not contain recommended provisions when the full text is mandatory.
  2. GB/T, indicating full-text recommendation, "T" is the recommended meaning.
  3. GB/Z, indicating guiding technical documents.

The following are some of the national standards related to video surveillance and information security that have been released.

 

First, the national standard for video surveillance

GB 35114-2017 — Public safety video surveillance network information security technical requirements

GB/T 25724-2017 — Public safety video surveillance digital video and audio codec technical requirements

GB/T 28181-2016 — Technical requirements for information transmission, exchange and control of public safety video surveillance networking systems

GB/T 31488-2015 — Technical requirements for safety video surveillance face recognition system

GB/T 33778-2017 — Video surveillance system wireless transmission equipment RF technical indicators and test methods

 

Second, the national standard for security classification protection

GB/T 22239-2008 — Information security technology — Basic requirements for classified protection of information system security

GB/T 22240-2008 — Information security technology — Classification guide for classified protection of information system security

GB/T 25058-2010 — Information security technology — Implementation guide for classified protection of information system security

GB/T 25070-2010 — Information security technology — Technical requirements of security design for information system classified protection

GB/T 28448-2012 — Information security technology — Testing and evaluation requirements for classified protection of information system security

GB/T 28449-2012 — Information security technology — Testing and evaluation process guide for classified protection of information system security

GB/T 35317-2017 — Information security classification protection requirements for public security internet of things system

 

Third, the national standards related to cloud computing security

GB/T 31167-2014 — Information security technology — Cloud computing service security guide

GB/T 31168-2014 — Information security technology — Cloud computing service security capability requirements

GB/T 32399-2015 — Information technology — Cloud Computing Reference architecture

GB/T 32400-2015 — Information technology — Cloud Computing Overview and vocabulary

GB/T 33780.1-2017 — Technical specification of electronic government common platform based on cloud computing — Part 1: System architecture

GB/T 33780.2-2017 — Technical specification of electronic government common platform based on cloud computing — Part 2: Functions and performance

GB/T 33780.3-2017 — Technical specification of electronic government common platform based on cloud computing — Part 3: System and data interface

GB/T 33780.6-2017 — Technical specification of electronic government common platform based on cloud computing — Part 6: Service testing

GB/T 34077.1-2017 — Management specification of electronic government common platform based on cloud computing — Part 1: Evaluation specification for service quality

GB/T 34078.1-2017 — General specification of electronic government common platform based on cloud computing — Part 1: Terminology and definition

GB/T 34079.3-2017 — Service specification of electronic government common platform based on cloud computing — Part 3: Data management

GB/T 34080.1-2017 — Security specification of electronic government common platform based on cloud computing — Part 1: General requirements

GB/T 34080.2-2017 — Security specification of electronic government common platform based on cloud computing — Part 2: Information resource security

GB/T 34942-2017 — Information security technology — The assessment method for security capability of cloud computing service

GB/T 34982-2017 — Basic requirements for cloud computing data center

GB/T 35293-2017 — Information technology — Cloud computing — General requirements of virtual machine management

GB/T 35301-2017 — Information technology — Cloud computing — Platform as a Service(PaaS)reference architecture

 

Fourth, the national standards related to e-government security

GB/T 29245-2012 — Information security technology — Basic requirements of information security for government department

GB/T 30278-2013 — Information security technology — Government desktop core configuration specifications

GB/T 31506-2015 — Information security technology — Security technology guidelines for web portal system of government

GB/T 32925-2016 — Information security technology — Basic security requirements for networked computer terminal of government

GB/T 32926-2016 — Information security technology — Information security management specification for government information technology service outsourcing

GB/T 35282-2017 — Information security technology — Security technology specifications of mobile e-government system

GB/Z 24294.1-2018 — Information security technology — Guide of implementation for internet-based e-government information security — Part 1: General

GB/Z 24294.2-2017 — Information security technology — Guide of implementation for internet-based e-government information security — Part 2: Access control and secure exchange

GB/Z 24294.3-2017 — Information security technology — Guide of implementation for internet-based e-government information security — Part 3: Identity authentication and authorization

GB/Z 24294.4-2017 — Information security technology — Guide of implementation for internet-based e-government information security — Part 4: Defense for terminal security

 

Fifth, the national standard for general information security

GB/T 33562-2017 — Information security technology — Secure domain name system implementation guide

GB/T 29244-2012 — Information security technology — Basic safety requirements for office equipment

GB/T 35274-2017 — Information security technology — Big data service security capability requirements

GB/T 31503-2015 — Information security technology — Electronic document encryption and signature message syntax

GB/T 30282-2013 — Information security technology — Anti-spam product technical requirements and test evaluation methods

GB/T 35277-2017 — Information security technology — Anti-virus gateway security technical requirements and test evaluation methods

GB/T 20281-2015 — Information security technology — Firewall security technical requirements and test evaluation methods

GB/T 25063-2010 — Information security technology — Server security assessment requirements

GB/T 21028-2007 — Information security technology — Server security technical requirements

GB/T 35273-2017 — Information security technology — Personal information security specification

GB/T 33134-2016 — Information security technology — Public domain name service system security requirements

GB/T 33131-2016 — Information security technology — IPSec-based IP storage network security technical requirements

GB/T 35283-2017 — Information security technology — Computer terminal core configuration baseline structure specification

GB/T 29242-2012 — Information security technology — Authentication and authorization — Security assertion markup language

GB/T 30280-2013 — Information security technology — Authentication and authorization — Geospatial scalable access control markup language

GB/T 25062-2010 — Information security technology — Authentication and authorization — Role-based access control model and management specification

GB/T 30281-2013 — Information security technology — Authentication and authorization — Extensible access control markup language

GB/T 30275-2013 — Information security technology — Authentication and authorization — Certification middleware framework and interface specification

GB/T 31501-2015 — Information security technology — Authentication and authorization — Authorized application decision interface specification

GB/T 31504-2015 — Information security technology — Authentication and authorization — Digital identity information service framework specification

GB/T 25069-2010 — Information security technology — Terminology

GB/T 29765-2013 — Information security technology — Technical requirements and test evaluation methods for data backup and recovery products

GB/T 20273-2006 — Information security technology — Database management system security technical requirements

GB/T 20009-2005 — Information security technology — Database management system security assessment criteria

GB/T 31499-2015 — Information security technology — Unified threat management product technical requirements and test evaluation methods

GB/T 32924-2016 — Information security technology — Network security alert guide

GB/T 20278-2013 — Information security technology — Network vulnerability scanning product security technical requirements

GB/T 20280-2006 — Information security technology — network vulnerability scanning product test evaluation method

GB/T 20279-2015 — Information security technology — Network and terminal isolation product security technical requirements

GB/T 20277-2015 — Information security technology — Network and terminal isolation product test evaluation method

GB/T 20270-2006 — Information security technology — Network basic security technical requirements

GB/T 20275-2013 — Information security technology — Network intrusion detection system technical requirements and test evaluation methods

GB/T 28451-2012 — Information security technology — Network intrusion prevention product technical requirements and test evaluation methods

GB/T 35287-2017 — Information security technology — Website trusted logo technical guide

GB/T 35284-2017 — Information security technology — Website identity and system security requirements and assessment methods

GB/T 29766-2013 — Information security technology — Technical requirements and test evaluation methods for website data recovery products

GB/T 33565-2017 — Information security technology — Wireless LAN access system security technical requirements (Evaluation support level 2 enhancement)

GB/T 33563-2017 — Information security technology — Wireless LAN client security technical requirements (Evaluation support level 2 enhancement)

GB/T 31495.1-2015 — Information security technology — Information security assurance index system and evaluation method — Part 1: Concepts and models

GB/T 31495.2-2015 — Information security technology — Information security assurance index system and evaluation method — Part 2: Index system

GB/T 31495.3-2015 — Information security technology — Information security assurance index system and evaluation method — Part 3: Implementation guide

GB/T 25066-2010 — Information security technology — Information security product category and code

GB/T 33132-2016 — Information security technology — Information security risk processing implementation guide

GB/Z 24364-2009 — Information security technology — Information security risk management guide

GB/T 20984-2007 — Information security technology — Information security risk assessment specification

GB/T 31509-2015 — Information security technology — Implementation guide for information security risk assessment

GB/T 30283-2013 — Information security technology — Information security services classification

GB/T 30271-2013 — Information security technology — Information security service capability assessment criteria

GB/T 32914-2016 — Information security technology — Information security service provider management requirements

GB/T 28450-2012 — Information security technology — Information security management system audit guide

GB/T 30276-2013 — Information security technology — Information security vulnerability management specification

GB/Z 20986-2007 — Information security technology — Information security event classification and classification guide

GB/T 24363-2009 — Information security technology — Information security emergency response plan specification

GB/T 35280-2017 — Information security technology — Information technology product security testing agency conditions and code of conduct

GB/T 32921-2016 — Information security technology — Information technology product supplier behavior safety guidelines

GB/T 20274.1-2006 — Information security technology — Information system security assurance assessment framework — Part 1: Profile and general model

GB/T 20274.2-2008 — Information security technology — Information system security assurance assessment framework — Part 2: Technical support

GB/T 20274.3-2008 — Information security technology — Information system security assurance assessment framework — Part 3: Management

GB/T 20274.4-2008 — Information security technology — Information system security assurance assessment framework — Part 4: Engineering

GB/T 30273-2013 — Information security technology — Information system security assurance general evaluation guide

GB/T 20282-2006 — Information security technology — Information system security engineering management requirements

GB/T 34990-2017 — Information security technology — Information system security management platform technical requirements and test evaluation methods

GB/T 28453-2012 — Information security technology — Information system security management assessment requirements

GB/T 20269-2006 — Information security technology — Information system security management requirements

GB/T 20945-2013 — Information security technology — Information system security audit product technical requirements and test evaluation methods

GB/Z 30286-2013 — Information security technology — Information system protection profile and information system security target generation guide

GB/T 30285-2013 — Information security technology — Disaster recovery center construction and operation and maintenance management specifications

GB/Z 32906-2016 — Information security technology — Guide for information security construction of small and medium-sized e-commerce enterprises

GB/T 29240-2012 — Information security technology — Terminal computer general safety technical requirements and test evaluation methods

GB/T 31505-2015 — Information security technology — Host-type firewall security technical requirements and test evaluation methods

GB/T 25068.1-2012 — Information technology — Security techniques — IT network security — Part 1: Network security management

GB/T 25068.2-2012 — Information technology — Security techniques — IT network security — Part 2: Network security architecture

GB/T 25068.3-2010 — Information technology — Security techniques — IT network security — Part 3: Inter-network communication security protection using security gateways

GB/T 25068.4-2010 — Information technology — Security techniques — IT network security — Part 4: Security for remote access

GB/T 25068.5-2010 — Information technology — Security techniques — IT network security — Part 5: Inter-network communication security protection using virtual private networks

GB/T 32920-2016 — Information technology — Security techniques — Information security management of inter-industry and inter-organizational communications

GB/T 31722-2015 — Information technology — Security techniques — Information security risk management

GB/T 31497-2015 — Information technology — Security techniques — Information security management — Measurement

GB/T 29246-2017 — Information technology — Security techniques — Information security management systems — Overview and vocabulary

GB/T 22080-2016 — Information technology — Security techniques — Information security management systems — Requirements

GB/T 25067-2016 — Information technology — Security techniques — Information security management system audit and certification body requirements

GB/T 31496-2015 — Information technology — Security techniques — Information security management system implementation guide

GB/Z 32916-2016 — Information technology — Security techniques — Information security control measures auditor's guide

GB/T 22081-2016 — Information technology — Security techniques — Information security control practice guide

GB/T 20985.1-2017 — Information technology — Security techniques — Information security event management — Part 1: Principles of event management

GB/Z 20985-2007 — Information technology — Security techniques — Information security event management guide

GB/T 32923-2016 — Information technology — Security techniques — Governance of information security

GB/T 19668.1-2014 — Information technology services — Supervision — Part 1: General

GB/T 19668.2-2017 — Information technology services — Supervision — Part 2: Supervision of infrastructure engineering

GB/T 19668.3-2017 — Information technology services — Supervision — Part 3: Operation and maintenance supervision specifications

GB/T 19668.4-2017 — Information technology services — Supervision — Part 4: Information security supervision

GB/T 19668.5-2007 — Information technology services — Supervision — Part 5: Software engineering supervision specification

 

0