DB63/T 2020-2022 市场监管信息系统安全建设规范

ICS35.240.01

CCSL77

DB63

青海省地方标准

DB63/T2020—2022

市场监管信息系统安全建设规范

2022-03-10发布2022-04-10实施

青海省市场监督管理局发布

DB63/T2020—2022

目次

前言...............................................................................III

1范围..............................................................................1

2规范性引用文件....................................................................1

3术语和定义........................................................................1

3.1网络安全......................................................................1

3.2安全保护能力..................................................................1

3.3信息安全事态..................................................................1

3.4安全管理系统..................................................................1

3.5告警..........................................................................1

3.6定级系统......................................................................2

3.7信息系统......................................................................2

3.8系统管理员....................................................................2

3.9安全保密管理员................................................................2

3.10安全审计员...................................................................2

4物理环境安全建设..................................................................2

4.1物理位置选择..................................................................2

4.2物理访问控制..................................................................2

4.3防物理破坏措施................................................................2

4.4电力供应保障措施..............................................................3

4.5机房电磁防护..................................................................3

5通信网络安全建设..................................................................3

5.1网络架构安全..................................................................3

5.2通信传输安全..................................................................3

5.3可信验证......................................................................3

6系统安全建设......................................................................3

6.1边界防护......................................................................3

6.2访问控制......................................................................3

6.3入侵防范......................................................................4

6.4主机安全......................................................................4

6.5应用安全......................................................................4

6.6恶意代码和垃圾邮件............................................................4

6.7安全审计......................................................................4

7计算环境安全建设..................................................................4

7.1身份鉴别......................................................................5

I

DB63/T2020—2022

7.2访问权限控制..................................................................5

7.3漏洞防护......................................................................5

7.4病毒防范......................................................................5

7.5个人信息保护..................................................................5

8安全管理中心建设..................................................................5

8.1系统管理......................................................................5

8.2审计管理......................................................................5

8.3安全管理......................................................................5

8.4集中管理..................................................