DB43/T 1840-2020 区块链网络安全技术测评标准

ICS35.240

L70

DB43

湖南省地方标准

DB43/T1840—2020

信息安全技术

区块链网络安全技术测评要求

Informationsecuritytechnology-Evaluationrequirements

forblockchainnetworksecuritytechnology

2020-09-30发布2020-12-30实施

湖南省市场监督管理局发布

DB43/T1840—2020

目次

前言························································································································································Ⅲ

1范围····················································································································································1

2规范性引用文件·································································································································1

3术语和定义········································································································································1

4等级测评概述·····································································································································2

4.1等级测评方法·····························································································································2

4.2单项测评·····································································································································2

5第一级测评要求·································································································································2

5.1物理网络测评要求·····················································································································2

5.2组网机制测评要求·····················································································································3

5.3数据传播机制测评要求··············································································································4

5.4数据验证机制测评要求··············································································································4

5.5网络路由机制测评要求··············································································································5

5.6跨链通信测评要求·····················································································································5

6第二级测评要求·································································································································6

6.1物理网络测评要求·····················································································································6

6.2组网机制测评要求·····················································································································7

6.3数据传播机制测评要求··············································································································8

6.4数据验证机制测评要求··············································································································9

6.5网络路由机制测评要求··············································································································9

6.6跨链通信测评要求···················································································································10

7第三级测评要求·······························································································································11

7.1物理网络测评要求···················································································································11

7.2组网机制测评要求···················································································································12

7.3数据传播机制测评要求············································································································13

7.4数据验证机制测评要求············································································································14

7.5网络路由机制测评要求············································································································14

7.6跨链通信测评要求···················································································································15

8第四级测评要求·······························································································································16

8.1物理网络测评要求···················································································································16

8.2组网机制测评要求···················································································································17

8.3数据传播机制测评要求············································································································18

8.4数据验证机制测评要求············································································································19

I

DB43/T1840—2020

8.5网络路由机制测评要求············································································································20

8.6跨链通信测评要求···················································································································20

9测评结论··········································································································································21

9.1风险分析和评价·······················································································································21

9.2等级测评结论···························································································································21

参考文献················································································································································22

II

DB43/T1840—2020

前言

本文件按照GB/T1.1—2020给出的规则起草。

本文件由中共湖南省委网络安全和信息化委员会办公室提出。

本文件由湖南省区块链和分布式记账技术标准化技术委员会（筹）归口。

本文件起草单位：湖南链信安科技有限公司、湖南天河国云科技有限公司、湖南省东方区块链安全

技术检测中心、湖南省人民政府发展研究中心、湖南天河云链科技有限公司。

本文件主要起草人：聂璐璐、梁琪、陈昕、谭林、杨征、李财、梁亮、聂朗、尹海波、黄帅、汪武、

柳兴、郭慧、殷新文、丁雅琪、沈浪、张祥、宋姝、姜载乐、刘齐平、郑婷婷、胡钦、邹曼瑜等。

III

DB43/T1840—2020

IV

DB43/T1840—2020

信息安全技术区块链网络安全技术测评要求

1范围

本文件规定了区块链网络安全技术测评指标要求。包括第一级、第二级、第三级、第四级区块链网

络安全技术测评要求。

本文件适用于测评机构对区块链网络安全进行的测评工作，也适用于区块链技术开发者参考使用。

2规范性引用文件

下列文件中的内容通过文中的规范性引用而构成本文件必不可少的条款。其中，注日期的引用文件，仅

该日期对应的版本适用于本文件；不注日期的引用文件，其最新版本（包括所有的修改单）适用于本文件。

GB/T5271.18—2008信息技术词汇第18部分：分布式数据处理

GB/T25069—2010信息安全技术术语

GB/T31491—2015无线网络访问控制技术规范

GB/T22239—2019信息安全技术网络安全等级保护基本要求

3术语和定义

GB/T5271.18.2008、GB/T25069—2010界定的下列术语和定义适用于本文件。

3.1

对等网络peer-to-peernetwork

一种仅包含对控制和操作能力等效的节点的计算机网络。

[GB/T5271.18—2008]

3.2

通信链路communicationlink

网络中两个节点之间的物理通道称为通信链路。通信链路的传输介质主要有双绞线、光纤和微波等。

3.3

结构化网络structurednetwork

对网络拓扑结构有着较强组织要求，对等网络中节点的放置受控制，系统中每一个数据文件所放置

位置由特定协议决定，具有查询高效和精准的特点。

3.4

帧frame

网路中传递的数据包。

3.5

校验码checkcode

校验码通常是一组数字的最后一位，由前面的数字通过某种运算得出，用以检验该组数字的正确性。

3.6

跨链技术cross-chaincommunication

1

DB43/T1840—2020

跨链技术是一种将一条链上的数据或信息安全可信地转移到另一条链，并在另一条链上产生预期效

果的一种技术。

3.7

物理访问控制physicalaccesscontrol

使用物理机制实施访问控制。例如将计算机放在上锁的房间内。

[GB/T25069—2010]

4等级测评概述

4.1等级测评方法

等级测评实施的基本方法是针对特定的测评对象，采用相关的测评手段，遵从一定的测评规程，获

取需要的证据数据，给出是否达到特定级别安全保护能力的评判。

本标准中针对每一个要求项的测评就构成一个单项测评，针对某个要求项的所有具体测评内容构成

测评实施。单项测评中的每一个具体测评实施要求项（以下简称“测评要求项”）是与安全控制点下面

所包括的要求项（测评指标）相对应的。

本标准中每个级别测评要求都包括物理网络测评要求、组网机制测评要求、数据传播机制测评要求、

数据验证机制测评要求、网络路由机制测评要求和跨链通信测评要求六部分内容。

4.2单项测评

单项测评是针对各安全要求项的测评，支持测评结果的可重复性和可再现性。本标准中单项测评包

括测评指标、测评对象、测评实施和测评判定结果构成。

5第一级测评要求

5.1物理网络测评要求

5.1.1节点设备物理环境

该测评单元包括以下要求：

a）测评指标：节点设备的物理环境应具备安全防护措施。

b）测评对象：节点设备的物理环境。

c）测评实施包括以下内容：

1）对物理设备进行访问控制，机房出入是否安排专人值守或配置电子门禁系统；

2）是否具备防盗窃和破坏、防雷击和火灾等措施。

d）测评判定：如果以上测评实施内容均为肯定，则符合本测评单元指标要求，否则不符合或部分

符合本测评单元指标要求。

5.1.2节点运维管理

该测评单元包括以下要求：

a）测评指标：应保证节点设备存放环境的安全性。

b）测评对象：节点设备。

c）测评实施包括以下内容：

2

DB43/T1840—2020

1）是否指定专员对机房安全、卫生、供配电、温湿和消防等设施进行维护管理；

2）是否将介质存放在安全环境中，实行存储环境专人管理，并定期盘点介质的目录与存档。

d）测评判定：如果以上测评实施内容均为肯定，则符合本测评单元指标要求，否则不符合或部分

符合本测评单元指标要求。

5.1.3节点间通信链路

该测评单元包括以下要求：

a）测评指标：应保证网络节点间链路连接状态正常。

b）测评对象：网络节点。

c）测评实施包括以下内容：

1）源节点在委托要求的预置时间内是否能接收到目标节点转发的检测消息。

d）测评判定：如果以上测评实施内容为肯定，则符合本测评单元指标要求，否则不符合本测评单

元指标要求。

5.1.4区域边界

该测评单元包括以下要求：

a）测评指标：应保证区域边界的安全性。

b）测评对象：访问控制策略。

c）测评实施包括以下内容：

1）是否提供受控的接口进行通信。

d）测评判定：如果以上测评实施内容为肯定，则符合本测评单元指标要求，否则不符合本测评单

元指标要求。

5.2组网机制测评要求

5.2.1组网扩展性

该测评单元包括以下要求：