Generic functions of payment metering systems (13)

11.17 Class 17: Security function

Capability of maintaining the integrity of data elements, functions and processes.

Maintains the integrity of the system.

Some examples of security function attributes are given in Table 7 below.

Table 7 -- Examples of security function attributes

Identification

Method of uniquely identifying an entity within the system (log-on name, account number, meter number, card number, record identifier, batch number, receipt number, personal ID number, street name and number, bank name and branch code, token identifier, etc.)

Authentication

Method of determining that the sender of a given piece of information is who it claims to be or represent (password, message authentication code, signature, biometric, private and public cryptographic keys)

Integrity

Method of determining that a given piece of information is true to the original (Cyclic Redundancy Code, parity check, etc.)

Non-repudiation

Method of ensuring that the sender of a given piece of information cannot deny having sent it (RSA signature, message sequencing)

Confidentiality

Rendering a private message unintelligible to an unauthorized reader (using encryption like DES, AES, RSA, proprietary algorithms, etc.)

Authorization

Giving approval to perform defined actions within the system (user registration, access rights assignment, free token issues, transaction reversals, access rights to records (read, write, modify), etc.)

Verification

Checking that a claimed activity had taken place or that a reported status is true (calibration accuracy, meter audit, cash register reconciliation, bank statement reconciliation, etc.)

Certification

Giving legal and traceable standing to the results of a verification process (metrology type certification, safety, code of practice, etc.)

Validation

Making new information valid (token generation, etc.)

Cancellation

Making currently valid information permanently invalid (token acceptance in meter, returned tokens, etc.)

Expiration

Making information valid for a given period of time only (cryptographic key expiry, tariff expiry, password expiry, vendor credit expiry, etc.)

Registration

Keeping a register of assigned security attributes of entities within the system (public cryptographic key registry, user registration)

Rights-assignment

Trusted responsibility for administering the assignment of security rights to other entities within the system (usually performed by the highest trusted officer in the user hierarchy)

Supervision

A level of trust and authorized security rights to monitor and control activities of other entities within the system (for example: the person in charge of one or more cashiers and who might also do the banking)

Sealing

Limiting physical access to sensitive parts within the system in such a way that renders such intrusion obvious and detectable (meter terminal seals, physical protection of secure module for storage of crypto keys, a marked seal may also be the indicator of a certification)

Detection

Reporting of the fact when a security attribute of the system has been breached (broken meter seals, deviations in purchase pattern analysis, energy balancing)

Prosecution

Law enforcement processes applied to a perpetrator as a consequence of committing fraud or breaching unauthorized security attributes of the system
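Several of the attributes in Table 7 meet at the point where a meter accepts a token. The sketch below is an added example, not taken from the standard or from the original post; the token layout (`meter|id|units` followed by an HMAC-SHA256 tag), the key and all names are assumptions made for illustration. It also shows why a CRC covers integrity against accidental corruption but is not authentication.

```python
import hashlib
import hmac
import zlib

TAG_LEN = 32  # HMAC-SHA256 output size in bytes

def issue_token(key, meter_number, token_id, units):
    """Validation: the vending side makes a new token valid by MACing it."""
    body = f"{meter_number}|{token_id}|{units}".encode()
    return body + hmac.new(key, body, hashlib.sha256).digest()

def crc_protect(body):
    """Integrity only: anyone can recompute a CRC, no key is involved."""
    return body + zlib.crc32(body).to_bytes(4, "big")

def crc_ok(msg):
    return zlib.crc32(msg[:-4]).to_bytes(4, "big") == msg[-4:]

class Meter:
    def __init__(self, meter_number, key, key_expiry):
        self.meter_number = meter_number  # Identification
        self.key = key                    # constructed shared secret
        self.key_expiry = key_expiry      # Expiration: key valid until this time
        self.used_token_ids = set()       # Cancellation register
        self.credit = 0

    def accept(self, token, now):
        body, tag = token[:-TAG_LEN], token[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Authentication: only a holder of the key can produce this tag.
        if not hmac.compare_digest(tag, expected):
            return "rejected: authentication"
        meter_number, token_id, units = body.decode().split("|")
        if meter_number != self.meter_number:
            return "rejected: identification"
        if now > self.key_expiry:
            return "rejected: expired"
        if token_id in self.used_token_ids:
            return "rejected: cancelled"
        # Cancellation: acceptance makes the token permanently invalid.
        self.used_token_ids.add(token_id)
        self.credit += int(units)
        return "accepted"

if __name__ == "__main__":
    key = b"constructed-demo-key"
    meter = Meter("M001", key, key_expiry=1000)
    token = issue_token(key, "M001", "T1", 50)
    print(meter.accept(token, now=10), meter.accept(token, now=11))
    print("keyless CRC message passes:", crc_ok(crc_protect(b"M001|T9|9999")))
```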
