GB/T 44977-2024 卫星导航定位基准站网终端定位服务安全技术规范

ICS07.040

CCSA76

中华人民共和国国家标准

GB/T44977—2024

卫星导航定位基准站网终端定位服务

安全技术规范

Specificationforsecurityofpositioningserviceterminalofreferencestations

usingglobalnavigationsatellitesystem

2024⁃11⁃28发布2025⁃06⁃01实施

国家市场监督管理总局

国家标准化管理委员会发布

GB/T44977—2024

目次

前言··························································································································Ⅲ

1范围·······················································································································1

2规范性引用文件········································································································1

3术语和定义··············································································································1

4缩略语····················································································································3

5基本原则·················································································································3

6总体框架·················································································································4

6.1安全防护技术·····································································································4

6.2安全防护架构·····································································································4

6.3安全防护流程·····································································································4

7服务信息和终端信息··································································································4

7.1服务信息···········································································································4

7.2终端信息···········································································································5

8数据传输安全通道建立·······························································································6

8.1基本要求···········································································································6

8.2证实方法···········································································································6

9终端接入认证···········································································································6

9.1基本原则···········································································································6

9.2终端身份认证·····································································································6

9.3终端服务认证·····································································································7

10数据加密和解密······································································································7

10.1基本原则··········································································································7

10.2服务信息加密与解密···························································································7

10.3终端信息加密与解密···························································································7

11运维管理···············································································································8

11.1管理制度··········································································································8

11.2人员管理··········································································································8

11.3运行管理··········································································································8

11.4应急处置··········································································································8

12终端测试···············································································································9

12.1定位服务测试····································································································9

12.2安全测试··········································································································9

12.3测试报告··········································································································9

Ⅰ

GB/T44977—2024

附录A（资料性）数据传输安全通道状态检测记录表··························································10

附录B（资料性）运维管理记录表··················································································11

附录C（资料性）定位服务测试记录表············································································12

附录D（资料性）网络和通信安全测试记录表···································································13

附录E（资料性）应用和数据安全测试记录表···································································14

参考文献····················································································································15

Ⅱ

GB/T44977—2024

前言

本文件按照GB/T1.1—2020《标准化工作导则第1部分：标准化文件的结构和起草规则》的规

定起草。

请注意本文件的某些内容可能涉及专利。本文件的发布机构不承担识别专利的责任。

本文件由中华人民共和国自然资源部提出。

本文件由全国地理信息标准化技术委员会（SAC/TC230）归口。

本文件起草单位：国家基础地理信息中心、江苏省测绘工程院、广西壮族自治区自然资源信息中

心、山西省测绘地理信息院、湖南省测绘科技研究所、辽宁省自然资源事务服务中心、辽宁省自然资源

厅、北京市测绘设计研究院。

本文件主要起草人：武军郦、王孝青、王勇、敖敏思、毕刚、朱照荣、陈香萍、罗力、陈明、曾艳艳、

张庆兰、舒鹏、姚茂华、王开锋、马勇、杨翼飞、陈春花、王峰。

Ⅲ

GB/T44977—2024

卫星导航定位基准站网终端定位服务

安全技术规范

1范围

本文件规定了卫星导航定位基准站网终端安全定位服务的基本原则、总体框架、服务信息和终端

信息、数据传输安全通道建立、终端接入认证、数据加密和解密、运维管理和终端测试等内容。

本文件适用于卫星导航定位基准站网终端研制、系统运维及服务应用等。

2规范性引用文件

下列文件中的内容通过文中的规范性引用而构成本文件必不可少的条款。其中，注日期的引用文

件，仅该日期对应的版本适用于本文件；不注日期的引用文件，其最新版本（包括所有的修改单）适用于

本文件。

GB/T28588全球导航卫星系统连续运行基准站网技术规范

GB/T35767卫星导航定位基准站网基本产品规范

GB/T35769卫星导航定位基准站网服务规范

GB/T39615卫星导航定位基准站网测试技术规范

GB/T39618卫星导航定位基准站网运行维护技术规范

GB/T39786信息安全技术信息系统密码应用基本要求

GM/T0022IPSecVPN技术规范

GM/T0024SSLVPN技术规范

GM/T0028密码模块安全技术要求

3术语和定义

下列术语和定义适用于本文件。

3.1

卫星导航定位基准站globalnavigationsatellitesystemreferencestation;GNSSreferencestation

对卫星导航信号进行长期连续观测，获得观测数据，并由通信设施将观测数据实时或定时传送至

数据中心的地面固定观测站。

[来源：GB/T39611—2020，2.1]

3.2

卫星导航定位基准站网GNSSreferencestationnetwork

由若干卫星导航定位基准站、数据中心及数据通信网络组成，用于提供数据、定位、导航、授时、位

置、气象、地震等服务的系统。

[来源：GB/T39611—2020，2.2]

3.3

数据中心datacenter

由服务器、网络设备、专业软件系统以及机房等构成，具备数据管理、数据处理分析及产品服务等

1

GB/T44977—2024

功能，用于汇集、存储、处理、分析和分发基准站数据，形成产品和开展服务。

[来源：GB/T39611—2020，3.1.3]

3.4

终端terminal

用于接入卫星导航定位基准站网实时服务的移动设备或定位模块。

3.5

业务软件professionalsoftware

部署在终端设备上，用于用户初始位置传输和高精度实时定位的模块。

3.6

安全模块securitymodule

实现密码运算、密钥管理等安全功能的软件、硬件、固件及其组合等。

[来源：GM/Z0001—2013，2.53，有修改]

3.7

密码管理系统cryptographicmanagementsystem

基于密码算法、密码协议、密码设备及相关技术，实现数据中心密码功能（如加密传输、加密存储、

鉴别认证、密钥管理等）的系统。

[来源：GM/Z0001—2013，2.56，有修改]

3.8

服务管理系统servicemanagementsystem

满足卫星导航定位基准站网运行、维护、管理和服务需求的系统，以实现对系统功能、服务信息、终

端信息和服务过程的管理。

[来源：GB/T35768—2017，3.2，有修改]

3.9

完整性dataintegrity

保证数据不会遭受以非授权方式所做的篡改或破坏的性质。

[来源：GM/Z0001—2013，2.109，有修改]

3.10

数据安全通道securitytunnels

在数据中心与终端之间的数据通信网络基础上，采用传输层安全协议建立的可为数据交换、数据

传输