G巳 ICS 35.040 L 80 中华人民共和国国家标准 GB/T 25070一2019 代替 GB/T 25070— 2010 信息安全技术 网络安全等级保护安全设计技术要求 In formation security technology— Technical requirements of security design for classified protection of cybersecurity 2019-05-10发布 2019-12-01实施 国 家市场监督管 理总局 中国国家标准化管理委员会 发 布 GB/T 25070—2019 目 U 次 ························································································································ ill 月、．、 舌 弓 I 言 ．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．．． 八「 1 范围 ...... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... 1 2 规范性弓！用文件 ...................................................................................................... 1 3 术 语和定义 ...... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... 1 4 缩略语 .................................................................................................................. 3 5 网络安全等级保护安全技术设计概述 ........................................................................... 4 5.1 5.2 通用等级保护安全技术设计框架 ··········································································· 4 云计算等级保护安全技术设计框架 ........................................................................ 4 5.3 移动互联等级保护安全技术设计框架 ..................................................................... 5 5.5 工业控制等级保护安全技术设计框架 ..................................................................... 7 5.4 6 物联网等级保护安全技术设计框架 ........................................................................ 6 第一级系统安全保护环境设计 .................................................................................... 8 6.1 设计目标 ......................................................................................................... 8 6.3 设计技术要求 ................................................................................................... 9 6.2 7 设计策略 ....................................... ··········••.•··................................................... 8 第二级系统安全保护环境设计.................................................................................... 11 7.1 设计目标......................................................................................................... 11 7.3 设计技术要求................................................................................................... 12 7.2 8 设计策略...... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... 11 第三级系统安全保护环境设计.................................................................................... 16 8.1 设计目标......................................................................................................... 16 8.3 设计技术要求................................................................................................... 17 8.2 9 设计策略......................................................................................................... 17 第四级系统安全保护环境设计.................................................................................... 25 9.1 设计目标......................................................................................................... 25 9.3 设计技术要求................................................................................................... 25 9.2 设计策略......................................................................................................... 25 10 第五级系统安全保护环境设计 .......................................... ······................................. 34 11 定级系统互联设计 ................................................................................................ 34 11.1 11.2 11.3 设计目标 ...................................................................................................... 34 设计策略 ...................................................................................................... 34 设计技术要求 .......................................... ······................................................ 35 附录 A (资料性附录） 访问控制机制设计 ........................................................................ 36 I GB/T 25070一2019 附录B (资料性附录） 第三级系统安全保护环境设计示例……………………………………………38 附录C (资料性附录） 大数据设计技术要求......…... …......... …... …......... …......... ……......... 42 参考文献 ........................... ·········......................................................................