The application guide of "General Requirements for the Safety of Information Technology Equipment1(GB 4943.1-2011)" compiled by the Working Group of Electronic Product Safety Standards of the Ministry of Industry and Information Technology and China Institute of Electronic Technology Standardization, based on the standard requirements, combined with CTL resolutions related to IECEE, from the aspects of electric shock danger, overheating.
The hazard principle, corresponding safety requirements and test methods are expounded respectively, and explained one by one. For the key components, the selection, requirements and testing methods are introduced one by one in independent chapters.
Extended data:
In order to achieve the goal of information security, the use of various information security technologies must abide by some basic principles.
1, minimization principle. Protected sensitive information can only be enjoyed within a certain range. The safety subjects who perform their duties and functions meet the work needs under the premise of laws and relevant safety policies.
Only appropriate access to information is granted, which is called the principle of minimization. Sensitive information. The right to know must be restricted, which is a restrictive opening on the premise of "meeting the needs of work". Minimization principle can be subdivided into need to know principle and need to cooperate principle.
2. The principle of separation of powers. In the information system, all rights should be properly divided, so that each authorized subject can only have some rights, so as to restrict and supervise each other and ensure the security of the information system. If the authority granted by the authorized subject is too large and there is no supervision and restriction, it implies the security risks of "abuse of power" and "keeping your mouth shut".
3, the principle of safety isolation. Isolation and control are the basic methods to realize information security, and isolation is the basis of control. A basic strategy of information security is to separate the subject and object of information, and realize the access of the subject to the object under the premise of controllability and security according to certain security strategies.
Baidu Encyclopedia-Information Technology Equipment Security Part 1 General Requirements Application Guide
Baidu encyclopedia-information security