GB/T 5271.8-2001 Information technology vocabulary Part 8: Security

This standard is formulated to facilitate domestic and international communication on information and data security protection. This standard provides the terms and definitions of concepts related to the field of information technology and clarifies the relationship between these items. To facilitate the translation of this standard into other minority languages, the definitions of each vocabulary in this standard try to avoid using words that are unique to the language. This standard defines concepts related to data and information security protection such as cryptographic terms, information classification and information access control, data and information recovery and security violations. GB/T 5271.8-2001 Information Technology Vocabulary Part 8: Security GB/T5271.8-2001 Standard download decompression password: www.bzxz.net

GB/T5271.8--2001
This standard is equivalent to the international standard ISO/IEC2382-8:1998 "Information Technology Vocabulary Part 8: Security". This standard is a revision of the national standard GB/T5271.8-1993. According to the development and changes of information technology, this standard focuses on the terminology and vocabulary of computer security. The title is changed from the original "Data Processing Vocabulary 08 Part Control, Integrity and Security" to "Information Technology Vocabulary Part 8 Security". In terms of content, only 18 entries related to security in the original standard are retained, and 170 new information technology security terms are added.
The purpose of formulating information technology vocabulary standards is to facilitate domestic and international exchanges of information technology. It gives the terms and definitions of concepts related to the field of information processing, and clarifies the relationship between each term. This standard defines concepts such as cryptography, information classification and access control, data and information recovery, and security violations. The GB/T5271 series of standards consists of more than 30 parts, all under the general title "Information Technology Vocabulary". This standard is the eighth part of the GB/T5271 series of standards.
This standard is proposed by the Ministry of Information Industry of the People's Republic of China. This standard replaces and abolishes the national standard GB/T5271.8-1993 from the date of implementation. This standard is under the jurisdiction of the China Electronics Technology Standardization Institute. The drafting unit of this standard is: China Electronics Technology Standardization Institute. The main drafters of this standard are: Chen Ying, Wang Baoai. 214
GB/T5271.8--2001
ISO/IEC Foreword
ISO (International Organization for Standardization) and IEC (International Electrotechnical Commission) are world-wide specialized standardization organizations. National member bodies (they are all member states of IS or IEC) participate in the formulation of international standards for specific technical fields through various technical committees established by international organizations. The technical committees of ISO and IEC cooperate in areas of common interest. Other official and non-official international organizations that have ties with ISO and IEC may also participate in the formulation of international standards. For information technology, ISO and IEC have established a joint technical committee, namely ISO/IEC JTC1. The draft international standard proposed by the joint technical committee is circulated to the national member bodies for voting. To publish an international standard, at least 75% of the national member bodies participating in the voting need to vote in favor.
International Standard ISO/IEC2382-8 was developed by the SC1 Vocabulary Subcommittee of the ISO/IECJTC1 Joint Technical Committee on Information Technology. ISO/IEC2382 consists of more than 30 parts, all under the general title "Information Technology Vocabulary". 21
1 Overview
1.1 Scope
National Standard of the People's Republic of China
Information technology--Vocabulary-Part 8:Security
GB/T 5271. 8-2001
idt ISO/IEC 2382-8: 1998
Replaces GB/T5271.8—1993
This standard is formulated to facilitate domestic and international exchanges on information and data security protection. This standard provides the terms and definitions of concepts related to the field of information technology and clarifies the relationship between these items. To facilitate the translation of this standard into other minority languages, the definitions of each vocabulary in this standard try to avoid using words that are unique to the language.
This standard defines the concepts of data and information security protection such as cryptography, information classification and information access control, data and information recovery and security violations.
1.2 References
The provisions contained in the following standards constitute the provisions of this standard through reference in this standard. When this standard was published, the versions shown were valid. All standards will be revised, and parties using this standard should explore the possibility of using the latest versions of the following standards. GB/T2659—2000 Codes for names of countries and regions in the world (eqvISO3166-1:1997) GB/T9387.2—1995 Basic reference model for open systems interconnection of information processing systems Part 2: Security architecture (idt ISO 7498-2:1989)
GB/T15237.1—2000 Vocabulary for terminology working Part 1 Theory and application (egvISO1087-1:2000) 1.3 Principles and rules to be followed
1.3.1 Definition of entries
Chapter 2 includes many entries. Each entry consists of several required elements, including an index number, a term or several synonyms, and a phrase that defines a concept. In addition, an entry may include examples, annotations, or explanations to facilitate understanding of the concept. Sometimes the same term can be defined by different entries, or an entry may include two or more concepts, as explained in 1.3.5 and 1.3.8 respectively.
This standard recommends the use of other terms, such as vocabulary, concepts, terms and definitions, whose meanings are defined in GB/T15237.1. 1.3.2 Composition of entries
Each entry includes the required elements specified in 1.3.1, and some additional elements may be added if necessary. The entries include the following elements in the following order:
a) Index number:
b) The concept of the term in the language, if there is no preferred term, is represented by a five-dot symbol (..·．，); in a term, a row of dots is used to represent a word selected in each specific instance; c) Preferred term (indicated according to the rules of GB/T2659), d) Abbreviation of the term;
General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China 200 1-07-16 Approved 216
2002-03-01 Implementation
e) permitted synonymous terms;
f) the text of the definition (see 1.3.4);
g) one or more examples beginning with "Example"; GB/T5271.8—2001
h) one or more notes beginning with "Note" indicating the application of the concept to indicate special cases; i) pictures, diagrams or tables common to the terms. 1.3.3 Classification of terms
Each part of this series of standards is assigned a two-digit serial number, starting with 01 for "Basic terms". Terms are classified into groups, each group is assigned a four-digit serial number; the first two digits indicate the part of the standard in which the group is located.
Each term is assigned a six-digit index number; the first four digits indicate the standard part and group in which the term is located. 1.3.4 Choice of terms and definitions
The terms and definitions are chosen in accordance with established usage as far as possible. When a conflict arises, the method agreed by majority is adopted. 1.3.5 Polysemous terms
If a given term has several meanings in a working language, each meaning is given a separate entry to facilitate translation into other languages.
1.3.6 Abbreviations
As indicated in 1.3.2, currently used abbreviations are assigned to some terms. These abbreviations are not used in the text of definitions, examples or notes.
1.3.7 Use of parentheses
In some terms, a word or several words printed in bold are placed in parentheses. These words are part of the complete term. When the use of abbreviated terms in a technical article does not affect the meaning of the context, these words may be omitted. In the body of the definitions, examples or notes of GB/T 5271, these terms are used in their full form. In some entries, the term is followed by words in normal font enclosed in brackets. These words are not part of the term, but indicate information about the term, such as its specific application or its grammatical form. 1.3.8 Use of square brackets
If the definitions of several closely related terms differ by only a few words, the terms and their definitions are grouped together in one entry. Alternative words to indicate different meanings are enclosed in square brackets in the same order as in the term and in the definition. To avoid ambiguity about the replaced word, the last word placed before the brackets according to the above rules may be enclosed in square brackets and repeated for each change. 1.3.9 Use of boldface terms in definitions and use of asterisks When a term is printed in boldface in a definition, example, or note, it indicates that the term has been defined in another entry in the vocabulary. However, the term is printed in boldface only the first time it appears in each entry. Boldface is also used for other grammatical forms of a term, such as plural nouns and participle forms of verbs. The basic forms of all terms that appear in boldface in GB/T 5271 are listed in the index at the end of this section (see 1.3.10). When two boldface terms are cited in different entries immediately following one another, separate them with an asterisk (or simply with punctuation).
Words or terms appearing in ordinary font are to be understood as defined in general dictionaries or authoritative technical vocabulary. 1.3.10 Compilation of index tables
An alphabetical index is provided at the end of each part for each language used. The index includes all terms defined in that part. Multi-word terms appear in alphabetical order after each keyword. 2 Terms and definitions
08 Security
08.01--General concepts
GB/T 5271. 8-2001
08.01.01 Computer securitycomputer securityCOMPUSEC (abbreviation) COMPUSEC (abbreviation) Generally, appropriate actions are taken to protect data and resources from accidental or malicious actions. Note: Accidental or malicious actions here can refer to unauthorized modification, destruction, access, leakage or acquisition. 2 Administrative security08. 01. 02
Procedural security
Administrative measures for computer security.
Note: The measures here can be operational verification processes, processes for investigating security violations, and processes for reviewing audit trails. 08.01.03 Communication securityCOMSEC (abbreviation)COMSEC (abbreviation) Computer security applicable to data communications. 08.01.04 Data securitydata security applies to computer security of data.
5 Security auditsecurityaudit
Independent review and examination of data processing system records and activities to test the adequacy of system controls, ensure compliance with established security policies and operating procedures, detect security violations, and make recommendations for changes in controls, security policies, and procedures.
6 Security policysecuritypolicy08. 01. 06
A plan of action or policy to ensure computer security. 08. 01. 07
Data integrity
The property of data that its accuracy and consistency remain unchanged regardless of changes in its form. 08. 01. 08 File protectionThe use of appropriate administrative, technical, or physical measures to prevent unauthorized access, modification, or deletion of files. 9Confidentiality08. 01. 09
The property of data that indicates the degree to which data are not made available or disclosed to unauthorized individuals, processes, or other entities.
08. 01. 10
Accountability
The property that ensures that the actions of an entity can be uniquely traced back to that entity. 08.01.11
Authentication
The act of verifying that an entity is who it claims to be. Message authentication message authentication08.01.12
Verify that a message is sent from the stated originator to the intended recipient and that the message has not been altered in transit.08. 01. 13 Authentication information authentication information used to establish the validity of an entity's claimed identity.08. 01. 14
08.01. 15
credentials
Data transmitted to establish an entity's claimed identity.Authentication exchange authentication exchange A mechanism to ensure an entity's identity by means of information exchange.6 Authorization authorization
Granting of rights, including the granting of access rights.08. 01. 17
Availability (in computer security) availability (in computer security) The property of data or resources that authorized entities can access and use as required.3 Certification (in computer security) certification (in computer security)08.01.18
GB/T 5271. 8—2001
The process by which a third party provides assurance that all or part of a data processing system complies with security requirements. 08. 01. 195
Security clearance; clearance authorizes an individual to access "data or information at or below a specific security level." 08.01.20
Security level security level
A combination of a layered security level and a security category that represents the sensitivity of an object or the security clearance of an individual. 08.071.21 Closed-security environment closed-security environment An environment in which special emphasis is placed (through authorizations, security permissions, configuration controls, etc.) on protecting data and resources from accidental or malicious actions. 08. 01.22
Open-security environment open-security environment An environment in which protection of data and resources from accidental or malicious actions is obtained through ordinary operating procedures.
08.01.23F
Privacy
Protection against intrusion into an individual's private life or affairs through improper or unlawful collection and use of personal data. 08.01.241
Risk analysis
Risk assessment
A systematic approach to identifying the assets of a data processing system, the threats to those assets, and the vulnerability of the system to those threats.
08. 01. 25Risk acceptance-A management decision, usually based on technical or cost factors, to accept a certain level of risk. 08.01.26 Sensitivity
A measure of the importance assigned to information by the information owner to indicate the need for protection of that information. system integrity
08. 01. 27
The quality of a data processing system that can perform its operating purpose while preventing unauthorized users from modifying or using resources and preventing authorized users from modifying or using resources improperly. 08. 01.28threat analysisthreat analysisThe examination of actions and events that could harm a data processing system. 08.01.29trusted computer systemtrusted computer systema data processing system that provides adequate computer security by allowing users with different access rights to concurrently access data and to access data with different security levels and categories.08.01.30subject (in computer security)subject (in computer security)An active entity that can access an object.
Example: A process involved in the execution of a program.
Note: A subject can cause information to flow between objects or can change the state of a data processing system. 08.01.31
object (in computer security)object (in computer security)An entity to which access is controlled. Examples: files, programs, main memory areas; personal data collected and maintained. 08.02 Information classification
08.02.01 Security classification; security level security classification determines a certain degree of protection against access to data or information, and gives a name to the degree of protection. Examples: "top secret", "confidential", "secret". 08.02. 02 Sensitive information sensitive information is information that must be protected as determined by an authority because the disclosure, modification, destruction or loss of the information will cause foreseeable damage to people or things.
08.02.03 security category security category GB/T 5271.8—2001
A non-hierarchical grouping of sensitive information that allows for more granular control of access to data than using hierarchical security levels.
compartmentalization
The division of data into isolated blocks with independent security controls to reduce risk. Example: Dividing data associated with a main project into blocks corresponding to subprojects, each with its own security protection, reduces the possibility of exposing the entire project. 08.02.05 multilevel device A functional unit that can process data at two or more security levels simultaneously without compromising the security of the computer. 08.02.06 single-level device A functional unit that can process data at only one security level at a time. 08.03 Cryptography
08.03.01 Cryptography
cryptography
A discipline that encompasses the principles, means, and methods of transforming data in order to hide its semantic content and prevent unauthorized use or undetected modification.
Encryptionencryption;encipherment08.03.022
Cryptographic transformation of data.
1 The result of encryption is ciphertext.
2 The reverse process is called decryption.
3 See also public key cryptography, symmetric cryptography and irreversible encryption. 08. 03. 03 irreversible encryption;irreversible enciphermentone-way encryption
A type of encryption that only produces ciphertext and cannot regenerate the ciphertext into the original data. Note: Irreversible encryption is used for authentication. For example, a password can be irreversibly encrypted and the resulting ciphertext stored. A password presented later will also be irreversibly encrypted and the two ciphertexts will then be compared. If they are the same, the password presented later is correct. 08. 03. 04 decryptiondecryption;deciphermentThe process of obtaining the corresponding original data from a ciphertext. Note: Ciphertext may be re-encrypted, in which case a single decryption will not produce the original plaintext. 08.03.05 cryptographic system; ciphersystem; cryptosystem - the files, components, devices and related techniques used together to provide a means of encryption or decryption. 08.03.06 cryptanalysis 08.03.07
analysis of a cryptographic system, its input or output, or both, to derive sensitive information, such as plaintext. plaintext; cleartext
data whose semantic content can be derived without the use of cryptographic techniques. 08.03.08 ciphertext
data produced by encryption whose semantic content cannot be derived without the use of cryptographic techniques. 08.03.09
9 key (in computer security) key (in computer security) a string of bits that controls an encryption or decryption operation.
) private key; privatekey privatekey
a key that is used exclusively by its owner for decryption.
Public key; public key publickey
A key that any entity can use to communicate encrypted with the owner of the corresponding private key. 220
GB/T 5271. 8--2001
08.03.72 Public-key cryptography asymmetric cryptography cryptography that uses a public key and a corresponding private key for encryption and decryption. Note: If the public key is used for encryption, the corresponding private key must be used for decryption, and vice versa. 08.03.13 Symmetric cryptography cryptography that uses the same key for both encryption and decryption. 08.03.14 Secret key secret key
A key used by a limited number of communicators for encryption and decryption. 08. 03. 15 transposition A method of encryption that rearranges bits or characters according to a certain scheme. Note: The resulting ciphertext is called a transposition cipher. 5 substitution
08. 03.16
A cryptographic method in which some bit or character string is replaced by some other bit or character string. Note: The resulting ciphertext is called a substitution cipher.
08.04 access control
08.04.01 access control
access control
A means of ensuring that the resources of a data processing system are accessed only by authorized entities and in an authorized manner. 08. 04. 02 access control listaccess list
A list of entities that have access rights and are authorized to access a resource. 08.04.03 access category
access category
A category assigned to an entity based on the resources it is authorized to use. 08.04.04 access levelaccess levelThe level of authority required by an entity to access a protected resource. Example: Authorizing access to data or information at a certain security level. 08.04.05
Access right
Allows a subject to access an object for a certain type of operation. Example: allows a process to have read rights to a file, but not write rights. 08.04.06 Access permission The total access rights of a subject to an object. 08.04.07
08. 04.08
Access period
Specifies the period during which an access right is valid.
Access type (in computer security) The type of operation specified by the access right.
Examples: read, write, execute, add, modify, delete, and create. 08.04.09 Ticket (in computer security) The representation of one or more access rights that an access right holder has over a subject. Note: A label represents an access permission.
Capability (in computer security)
capability (in computer security) security) identifies an object, a class of objects, or a set of authorized access types for these objects. Note: Qualification can be implemented in the form of a certificate. Qualification (column) table capability list
08. 04. 11
A list related to a subject, which identifies all the types of access that the subject has to all objects. 221
GB/T 5271. 8-2001
Example: A list related to a process, identifying all the types of access that the process has to all files and other protected resources. 08.04. 12
Identity authentication; identity confirmation yalidationThe process of conducting a test that enables a data processing system to identify an entity. Example: verifying a password or identity token. 08.04.13Identity tokenAn object used for identification.
Examples: smart card, metal key.
08.04.14PasswordpasswordA string of characters used as identification information.
08.04. 15
Minimum privilegeminimum privilegeThe access rights of a subject are restricted to the minimum, that is, only those rights necessary to perform authorized tasks. 08.04.16
need-to-know
The legal requirement of the intended recipient of data to know, access, or possess the sensitive information represented by the data. 08.04.17 Logical access control logical access control uses mechanisms associated with data or information to provide access control. Example: use of passwords.
Physical access control physical access control uses physical mechanisms to provide access control.
Example: keeping computers in a locked room. 08.04. 19
Controlled access system
controlled access system
CAS(abbreviation) CAS(abbreviation) A method of automating physical access control. Example: using magnetic stripe cards, smart cards, biometric readers, etc. 08. 04.20 read access an access right that allows data to be read. write access write access an access right that allows data to be written.
note: write access can allow data to be added, modified, deleted, or created. 08.04.22 user identification userID; user identification a string of characters or patterns used by a data processing system to identify a user. 08. 04. 23 user profile (1) user profile (1) a description of a user, generally used for access control. note: a user profile includes such data as user ID, user name, password, access rights, and other attributes. 08.04.24 user profile (2) user profile (2) a pattern of user activity that can be used to detect changes in activity. 08.05 security breach
08.05.01 computer abuse
computer abuse
Intentional or unintentional unauthorized activity that affects or involves the computer security of a data processing system. 08.05.02
Computer crime
Crimes committed with the aid of or direct intervention in a data processing system or computer network. Note: This definition is an improvement on the definition in GB/T5271.1—2000. 08. 05. 03 Computer fraudcomputer fraud222
GB/T 5271. 8—2001
Fraud committed with the aid of or direct intervention in a data processing system or computer network. 08. 05.04 Threatthreat
A potential violation of computer security.
Note: See Figure 1.
5 Active threat
08. 05. 05
Threat caused by intentional, unauthorized changes to the state of a data processing system. Example: This threat would result in malicious modification, insertion of forged messages, impersonation of services, or denial of service. 08. 05. 06
Passive threat
Threat caused by the disclosure of information but not the change of the state of a data processing system. Example: This threat would result in the disclosure of sensitive information by interception of transmitted data. 08. 05. 07
Flaw (in computer security)Flaw (in computer security)A mistake, omission, or oversight that allows a protection mechanism to be circumvented or rendered ineffective. 08. 05. 08VulnerabilityA weakness or flaw in a data processing system. Notes
1If a vulnerability corresponds to a threat, there is a risk. 2See Figure 1.
08.05.09Risk
The possibility that a specific threat can exploit a specific vulnerability in a data processing system. Note: See Figure 1.
08.05.10 Denial of service Denial of authorized access to a resource or delay of critical operations. 08.05.11 Compromise
Breakage of computer security resulting in the modification, destruction or use of programs or data by unauthorized entities. Note: See Figure 1.
Quantitative measure of the damage or loss caused by a compromise. Note: See Figure 1.
3 Exposure
08. 05. 13
The possibility that a specific attack exploits a specific vulnerability of a data processing system. Note: See Figure 1.
Emission Signals radiated unintentionally that, if eavesdropped or analyzed, could reveal sensitive information being processed or transmitted. disclosure
08. 05. 15
A violation of computer security that allows data to be used by an unauthorized entity. 08.05.16
Penetration
Unauthorized access to a data processing system. Note: See Figure 1.
Breach
A component of computer security that is circumvented or rendered inoperative, with or without detection, which may result in a breach of a data processing system.
Note: See Figure 1.
08.05.18Network weavingAn intrusion technique that uses a different communications network to access a data processing system in order to avoid detection and retrieval. 223
08.05.19Attack
An attempt to violate computer security.
Examples: malicious logic, eavesdropping, etc.
Note: See Figure 1.
08.05.203
Analytical Attackanalytical Atack
GB/T 5271.8—2001
cryptanalytical attackcryptanalytical attackAn attempt to decrypt a code or find a key using analytical methods. Example: Statistical analysis of patterns; search for loopholes in encryption algorithms. Note: Contrast with exhaustive attack.
Ciphertext-only attackciphertext-only attackAn analytical attack in which the cryptanalyst has only the ciphertext.08.05.22
2Known-plaintext attackknown-plaintext attack-An analytical attack in which the cryptanalyst has a considerable number of corresponding plaintexts and ciphertexts.08. 05.23
Chosen-plaintext attackchosen-plaintext attack-An analytical attack in which the cryptanalyst can choose an unlimited number of plaintexts and check the corresponding ciphertexts. exhaustive attack; brute-force attack An attempt to violate computer security by trying possible values ​​for a password or key. Note: Contrast with analytical attack.
08.05.25 eavesdrop
The unauthorized interception of a radiated signal that carries information. 08.05.26 wiretapping Surreptitiously accessing a portion of a data circuit to obtain, modify, or insert data. 08. 05. 27
active wiretapping A type of wiretapping whose purpose is to modify or insert data. 08. 05. 28
passive wiretapping A type of wiretapping whose purpose is limited to obtaining data. 08.05.29
masquerade
An entity pretending to be another entity in order to gain unauthorized access. piggyback entry
Unauthorized access to a data processing system through a legitimate connection by an authorized user. to tailgate
Unauthorized physical access gained by following an authorized person through a controlled door. 08.05.32
to scavenge
Unauthorized search through residual data to obtain sensitive information. 08.05.33
to spoof
Action taken to deceive a user, observer (such as a snooper), or resource. aborted connection
Disconnection caused by failure to follow established procedures. Note: Aborting a connection can allow another entity to gain unauthorized access. 08.05.35 failure access failure access Unauthorized and usually inadvertent access to data in a data processing system due to hardware or software* failure. 08.05.36 between-the-lines entry Access to a temporary passive transmission channel connected to a legitimate user's resources by active line eavesdropping by an unauthorized user 224
trapdoor
GB/T 5271. 8-—2001
A hidden software or hardware mechanism that circumvents computer security, usually for testing or troubleshooting. 08. 05. 38
maintenance traphook
A trap in software that helps maintain and develop additional functionality and that allows entry into a program at unusual times or without regular inspection.
08.05.39 aggregation
The collection of sensitive information by collecting less sensitive information and correlating it with each other. 08.05.40 linkage (in computer security) fusion
The purposeful combination of data or information from two different data processing systems to derive protected information. 08. 05. 41 traffic analysis the inference of information by observing traffic. Example: analysis of the presence, absence, amount, direction, and frequency of traffic. 08.05.42
data corruption corruption
Accidental or deliberate violation of data integrity. bzxz.net
08.05.43 Flooding
Denial of service due to the accidental or deliberate insertion of large amounts of data. 08.05.44 Contamination
The introduction of data of one security level or security category into data of a lower security level or security category. 08.05.45 Covert channel A transmission channel that can be used to transmit "data" in a manner that violates security policy. 08.05.46 Malicious logic Program implemented in hardware, firmware, or software whose purpose is to perform unauthorized or harmful actions. Examples: logic bombs, Trojan horses, viruses, worms, etc. 08. 05.47
A program that propagates itself by modifying other programs so that they contain a copy of the original program that may have been modified. When the infected program is called, the program is executed. NOTE: A virus often causes some kind of loss or distress and can be triggered by an event, such as the occurrence of a predetermined date. 08.05.48 worm
A stand-alone program that spreads itself through a data processing system or computer network. NOTE: A worm is often designed to fill up available resources, such as storage space or processing time. 08.05.49 trojan horseA seemingly harmless program that contains malicious logic that results in the unauthorized collection, falsification, or destruction of data. 08.05.50 bacteria
chain letter
A program that spreads itself by electronic mail to everyone on a distribution list for each recipient. 08.05.51 logic bomb
A malicious logic program that, when triggered by a specific system condition, causes damage to a data processing system. 08.05.52 time bomb
A logic bomb that is activated at a predetermined time. 08.06 Protection of sensitive information
08.06.01 Verification
verification
Tip: This standard content only shows part of the intercepted content of the complete standard. If you need the complete standard, please go to the top to download the complete standard document for free.