GB/T 21079.1-2011
Banking.Secure cryptographic devices (retail).Part 1: Concepts, requirements and evaluation methods (English Version)

Standard No.
GB/T 21079.1-2011
Language
Chinese, Available in English version
Release Date
2011
Published By
General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China
Status
 2022-12
Replaced By
GB/T 21079.1-2022
Latest
GB/T 21079.1-2022
Replaces
GB/T 21079.1-2007
Scope
This part of GB/T 21079 is based on the cryptographic methods defined in ISO 9564, ISO 16609 and ISO 11568, and specifies the requirements for secure cryptographic devices (hereinafter referred to as SCD). This part has the following two main purposes:

a) to specify the operational requirements of the SCD and its management requirements throughout the life cycle;
b) to standardize the method for checking compliance with the above requirements.

The SCD should have appropriate device characteristics and proper device management. The former ensures the operational performance of the SCD and provides sufficient protection for its internal data; the latter ensures the legitimacy of the SCD, that is, that the SCD has not been changed in an unauthorized way (such as by installing "listening devices") and that any sensitive data in it (such as encryption keys) has not been leaked or tampered with.

Absolute security is practically unattainable. SCD security relies on a combination of proper management and secure cryptographic features at each stage of the life cycle. Management procedures can reduce the probability of SCD security breaches through preventive measures, with the aim of increasing the probability of detecting illegal access to sensitive or confidential data when the device itself cannot prevent or detect security attacks.

Appendix A describes, as informative material, the concepts applicable to the SCD security levels mentioned in this part.

This part does not address problems caused by SCD denial of service, nor does it cover the specific requirements of different SCDs in terms of device characteristics and management in financial retail business; for those requirements, see ISO 13491-2.

This part applies to the security management of secure cryptographic devices in financial retail business.

GB/T 21079.1-2011 Referenced Document

  • ISO 11568-1 Banking - Key management (retail) - Part 1: Principles
  • ISO 11568-2:2005 Banking - Key management (retail) - Part 2: Symmetric ciphers, their key management and life cycle
  • ISO 11568-4 Banking - Key management (retail) - Part 4: Asymmetric cryptosystems - Key management and life cycle
  • ISO 13491-2 Financial services — Secure cryptographic devices (retail) — Part 2: Security compliance checklists for devices used in financial transactions

GB/T 21079.1-2011 history

  • 2022 GB/T 21079.1-2022 Financial services—Secure cryptographic devices (retail)—Part 1: Concepts, requirements and evaluation methods
  • 2011 GB/T 21079.1-2011 Banking.Secure cryptographic devices (retail).Part 1: Concepts, requirements and evaluation methods
  • 2007 GB/T 21079.1-2007 Banking- Secure cryptographic devices (retail) Part 1: Concepts, requirements and evaluation methods
