Standard id | Standard | Classification |
---|---|---|
TRM.SRV.001 | : Use Hypertext Transfer Protocol (HTTP) or Secured Hypertext Transfer Protocol (HTTPS) for access over Internet/ Intranet. | Mandatory |
TRM.SRV.002 | : Use Hypertext Markup Language (HTML). | Mandatory |
TRM.SRV.003 | : Use Extensible Hypertext Markup Language (XHTML) as the markup language for creating web applications wherever possible. XHTML is a family of XML markup languages that mirror or extend versions of the existing widely used Hypertext Markup Language (HTML). The only essential difference between XHTML and HTML is that XHTML must be well-formed XML while HTML does not impose strict XML compliance. | Recommended |
TRM.SRV.004 | : Use Simple Mail Transfer Protocol (SMTP) as the standard protocol used for mail exchange amongst clients and servers. BCC has established the email systems for Government of Bangladesh officers and it is essential for all Government officers to leverage the infrastructure instead of using private email service providers considering information security. | Mandatory |
TRM.SRV.005 | : Use Hypertext Transfer Protocol Secure (HTTPS) for transactions that need to be secured over the Internet. Avoid use of transactional e-services unless these e-services are authenticated and encrypted. http://w3.org/TR/xhtm | Mandatory |
TRM.SRV.006 | : Use Wireless Access Protocol (WAP) as the mobile Internet technology which allows mobile phone access to Internet sites. WAP is an open international standard for application layer network communications in a wireless communication environment. Its main use is to enable access to Mobile Web from a mobile phone or PDA. | Recommended |
TRM.SRV.007 | : Use Wireless Transport Layer Security (WTLS) for micro browsers. | Recommended |
TRM.SRV.008 | : Support latest versions of widely adopted browser(s) including Internet Explorer (IE) - version 6, Chrome, Firefox, Safari, Opera, etc. | Mandatory |
TRM.SRV.009 | : The browser shall support security controls such as download Active Controls, Java permissions, cache deletion, disable cookies, HTTPS and SSL. | Recommended |
TRM.SRV.010 | : Provide multiple modes of accessing government services (e.g. kiosks and mobile phone). | Recommended |
TRM.SRV.011 | : Implement IVR system as an alternative to Browser for access to government services. | Recommended |

Standard id | Standard | Classification |
---|---|---|
TRM.PLA.001 | : There is no technical standard for compliance. Use rack-optimised server for efficient space management. | N.A. |
TRM.PLA.002 | : Use High-end servers to support critical business operations. Use Low-end servers for simple non-critical business operations. | Recommended |
TRM.PLA.003 | : Support virtualisation technologies and allow multiple operating system instances concurrently on a single physical server. | Recommended |
TRM.PLA.004 | : Use portable computers where possible to enhance mobility and productivity. | Recommended |
TRM.PLA.005 | : Ensure operating system is certified and designed to run under the vendor hardware platform. Please refer to the enterprise licensing agreement for client operating system established by ITA for agencies. | Recommended |
TRM.PLA.006 | : Support fibre channel for concurrent communication among workstations, servers and other peripherals for Storage Area Network (SAN) and Direct Attached Storage (DAS). | Recommended |
TRM.PLA.007 | : Support Ethernet (IEEE 802.3) for NAS. | Recommended |
TRM.PLA.008 | : Support Common Internet File System (CIFS) for file sharing for NAS. | Recommended |
TRM.PLA.009 | : Support Network Data Management Protocol (NDMP) for controlling backup, recovery, and other transfers of data between primary and secondary storage for NAS. | Recommended |
TRM.PLA.010 | : Support Network File System (NFS) for distributed file system for NAS. | Recommended |
TRM.PLA.011 | : Support Internet Small Computer System Interface (iSCSI) to provide block-level access to remote devices for SAN. | Recommended |
TRM.PLA.012 | : Support Fibre Channel over TCP/IP (FCIP) for connecting remote FC SANs. | Recommended |
TRM.PLA.013 | : There is no technical standard for compliance. Please refer to Architecture Design Considerations or Best Practices for more information. | N.A. |
TRM.PLA.014 | : Support Directory Enabled Networking (DEN) to map service and policy to directory. | Recommended |
TRM.PLA.015 | : Support Desktop Management Interface (DMI) standards to collect information about a computer environment for desktop management. | Recommended |
TRM.PLA.016 | : Support Web-Based Enterprise Management (WBEM) to enable server management through web-enabled application. | Recommended |
TRM.PLA.017 | : Support Alert Standard Format (ASF) to define OS-absent alerting for preventive monitoring. | Recommended |
TRM.PLA.018 | : Support hardened operating system. | Recommended |
TRM.PLA.019 | : Support Trusted Platform Module (TPM) for authenticating mobile computing device. | Recommended |
TRM.PLA.020 | : Use SAN for enterprise storage solution. Please refer to Paragraph 4.6.4(a) for SAN solution guidance. | Recommended |
TRM.PLA.021 | : Implement enterprise-wide backup solution. Please refer to Paragraph 4.6.4(a) for backup solution guidance. | Recommended |

Standard id | Standard | Classification |
---|---|---|
TRM.NW.001 | : Use TCP/IP as standard network protocol for all government agencies. | Mandatory |
TRM.NW.002 | : All devices in LAN and WAN infrastructure shall support IPv6 standards (128 bits for addressing). | Recommended |
TRM.NW.003 | : Support Open Shortest Path First (OSPF, OSPF2, Multi-path OSPF) for core switch. | Recommended |
TRM.NW.004 | : Support Internet Protocol Security (IPSec) for secure exchange of packets at the IP layer and IKE (Internet Key Exchange) for key exchange. | Recommended |
TRM.NW.005 | : Support Secure Sockets Layer (SSLv3) for mutual authentication between a client and server. | Recommended |
TRM.NW.006 | : Support SSH for secure remote login, secure file transfer and secure TCP/IP and X11 forwarding. | Recommended |
TRM.NW.007 | : Support IEEE 802.11i to enhance 802.11 Medium Access Control (MAC) for higher security and authentication mechanisms. | Recommended |
TRM.NW.008 | : Certified to Common Criteria EAL-4 (Evaluation Assurance Level) for firewall. | Recommended |
TRM.NW.009 | : Authenticate using two factor authentication methods such as Token or One-time Password (RFC 2289). | Recommended |
TRM.NW.010 | : Support Multi-Protocol Label Switching (MPLS). | Mandatory |
TRM.NW.011 | : Support H.320 for audio, video and graphical communications. | Recommended |
TRM.NW.012 | : Support any of the following: (a) IEEE 802.3u-100Base T (for Fast Ethernet over twisted pair cables) (b) IEEE 802.3u-100BaseFx (for Fast Ethernet over optical fibre) (c) IEEE 802.3ab (1 Gbps over Cat5e/6 cabling system) (d) IEEE 802.3z (for Gigabit Ethernet over fibre and cable). | Mandatory |
TRM.NW.013 | : Support Dynamic Host Configuration Protocol (DHCP) for dynamic IP address assignment to devices. | Mandatory |
TRM.NW.014 | : Support IEEE 802.1w (Rapid Spanning Tree Protocol) to provide rapid reconfiguration capability. | Recommended |
TRM.NW.015 | : Support IEEE 802.3ad for link aggregation for edge switch. | Recommended |
TRM.NW.016 | : Support IEEE 802.3x to define full duplex operation and flow control on 100Mbps Ethernet network for edge switch. | Recommended |
TRM.NW.017 | : Support Virtual Router Redundancy Protocol (VRRP) to eliminate the single point of failure inherent in the static default routed environment for core switch. | Recommended |
TRM.NW.018 | : Support Differentiated Service (DiffServ) to provide QoS to the traffic for core switch. | Recommended |
TRM.NW.019 | : Support IEEE 802.1q for Virtual LAN (VLAN). | Recommended |
TRM.NW.020 | : Support 1000Base-LH (Long Haul) to provide gigabit speed over distance between 70 and 100km. | Recommended |
TRM.NW.021 | : Support IEEE802.3af for edge switches supporting devices which require twisted pair cables (e.g. IP Phone Clients and wireless LAN access points). | Recommended |
TRM.NW.022 | : Support IEEE 802.3ae to support operating speed of 10Gbps Ethernet over fibre for core switch. | Recommended |
TRM.NW.023 | : Use Unshielded Twisted Pair (UTP) Category 6 for Structured Cabling System based on ANSI/TIA/EIA-568-B.2-1. | Recommended |
TRM.NW.024 | : Use fibre cables to interconnect network devices and backbone connections for Structured Cabling System as described by TIA/EIA 568. Multimode fibre is used for short distance transmissions with LED based fibre optic equipment. Single-mode fibre is used for long distance transmissions with laser diode based fibre optic transmission equipment. Physical layer standards for optical fibre are: (a) Support 1000Base-SX (short wavelength laser) to provide gigabit speed over maximum distance of 220m (for 62.5 micron multimode fibre) and 550m (for 50 micron multimode fibre). (b) Support 1000Base-LX (long wavelength laser) to provide gigabit speed over maximum distance of 550m (for 50 and 62.5 micron multimode fibre) and up to five km (for single-mode 9 micron fibre). | Recommended |
TRM.NW.025 | : Use Commercial Building Telecommunications Cabling Standard 2001 based on ANSI/TIA/EIA 568-B. | Recommended |
TRM.NW.026 | : Use Generic Cabling for Customer Premises (International Standards) 2002 based on ISO/IEC 11801. | Recommended |
TRM.NW.027 | : Use Generic Cabling Systems (CENELEC Standards) 2002 based on EN 50173. | Recommended |
TRM.NW.028 | : Use Generic Universal Cabling Infrastructure that supports voice and data applications based on ISO/IEC 11801, 14763-1, 14763-2, 14763-3, IEC 61935-1, TIA/EIA 568-B, EN50173, TIA/EIA 606-A, IEC332-1. | Recommended |
TRM.NW.029 | : Use Commercial Building Standard for Telecommunications Pathways and Spaces 2004. | Recommended |
TRM.NW.030 | : Build and install cables based on ISO/IEC 18010 standards of Information Technology - Pathways and Spaces for Customer Premises Cabling. | Recommended |
TRM.NW.031 | : Test cables after installation based on TIA/EIA-568-B and IEC 61935 standards. | Recommended |
TRM.NW.032 | : Support Class 1 or Class 3 (excluding Class 3B) laser for FSO. | Recommended |
TRM.NW.033 | : Implement WLAN that supports any of the following standards: (a) Wi-Fi Protected Access (WPA) (b) WPA2 (c) Advanced Encryption Standard (AES) (d) Mobile Virtual Private Networks (VPNs). | Mandatory |
TRM.NW.034 | : Support IEEE 802.11a for 54 Mbps high speed wireless LAN and 5 GHz range. | Recommended |
TRM.NW.035 | : Support IEEE 802.11g for 54 Mbps high speed wireless LAN and 2.4 GHz range. | Recommended |
TRM.NW.036 | : Support IEEE 802.11n for 54 Mbps high speed wireless LAN up to 600 Mbps (with 2.4 GHz and 5 GHz range). | Recommended |
TRM.NW.037 | : Support H.323 for converting between voice and data transmission formats and for managing connections between telephony endpoint and Real-Time Transport Protocol (RTP). | Recommended |
TRM.NW.038 | : Support H.248 for controlling media gateways on Internet Protocol (IP) network and Public Switched Telephone Network (PSTN). | Recommended |
TRM.NW.039 | : Support RTP for end-to-end network transmission of real-time data, such as audio, video or simulation data, over multicast or unicast network services. | Recommended |
TRM.NW.040 | : Support Real Time Streaming Protocol (RTSP) for control over the delivery of data with real-time properties. | Recommended |
TRM.NW.041 | : Support H.263 for compression algorithm and optimization for lower data rates. | Recommended |
TRM.NW.042 | : Use Session Initiation Protocol (SIP) to manage IP telephony sessions. SIP is an application-layer control (signalling) protocol for creating, modifying, and terminating sessions with one or more participants. These sessions include Internet telephone calls, multimedia distribution, and multimedia conferences. | Recommended |
TRM.NW.043 | : Use Simple Network Management Protocol (SNMP) v2 and above as the main management protocol suite. | Recommended |
TRM.NW.044 | : Use IP Telephony where possible. | Recommended |
TRM.NW.045 | : Use video conferencing system for collaboration where possible. | Recommended |
TRM.NW.046 | : Use network management tools to manage LAN. | Recommended |

Standard id | Standard | Classification |
---|---|---|
TRM.DC.001 | : Design data center in accordance with TIA 942 standards. | Recommended |
TRM.DC.002 | : Design data center with ample space for expansion to meet the growing demands. Locate the data center at a physically safe area. | Recommended |
TRM.DC.003 | : Implement 24/7 physical security monitoring through CCTV Surveillance Monitoring (e.g. Closed-circuit television (CCTV) /Automated Security Intrusion Alarm/Biometric/Motion Detector) with minimally an intrusion response exercise annually. | Recommended |
TRM.DC.004 | : Standardize use of 19-inch 42U racks which aids better cabling management and for cold/ hot air aisle efficiency. All racks should have perforated doors for front and back for front-in and back-out cross-air movement. | Mandatory |
TRM.DC.005 | : Install man-trap access to computer room as an additional barrier to prevent unauthorized access to the computer room. | Recommended |
TRM.DC.006 | : Conduct a risk assessment before building or implementing a data center. Implement appropriate controls to mitigate identified risks. | Mandatory |
TRM.DC.007 | : Separate the location of disaster recovery site from the primary data center. | Mandatory |
TRM.DC.008 | : Ensure smoke detection and fire suppression systems are in place and tested on periodic basis. | Mandatory |
TRM.DC.009 | : Design data center with ample space for growth. | Recommended |
TRM.DC.010 | : Locate the data center at a physically safe area. | Recommended |
TRM.DC.011 | : Use Fibre Optic Cable (FOC) for backbone cabling. | Recommended |
TRM.DC.012 | : Use Category 6 for horizontal cabling. | Recommended |
TRM.DC.013 | : Design and operate at minimum Tier II and where possible to have Tier III data center or higher. | Recommended |
TRM.DC.014 | : Carry out a detailed capacity requirements study for space, power and cooling. | Recommended |
TRM.DC.015 | : Implement “hot” and “cold” aisle setup for effective cooling. | Recommended |

Standard id | Standard | Classification |
---|---|---|
TRM.CLO.001 | : RFC 5246 Secure Sockets Layer (SSL)/ Transport Layer Security (TLS) | Recommended |
TRM.CLO.002 | : RFC 3820: X.509 Public Key Infrastructure (PKI) Proxy Certificate Profile | Recommended |
TRM.CLO.003 | : RFC5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile | Recommended |
TRM.CLO.004 | : RFC 5849 OAuth (Open Authorization Protocol) | Recommended |
TRM.CLO.005 | : ISO/IEC 9594-8:2008 \| X.509 Information technology -- Open Systems Interconnection -- The Directory: Public-key and attribute certificate frameworks | Recommended |
TRM.CLO.006 | : ISO/IEC 29115 \| X.1254 Information technology - Security techniques -- Entity authentication assurance framework | Recommended |
TRM.CLO.007 | : OpenID Authentication | Recommended |
TRM.CLO.008 | : eXtensible Access Control Markup Language (XACML) | Recommended |
TRM.CLO.009 | : Security Assertion Markup Language (SAML) | Recommended |
TRM.CLO.010 | : RFC 5246 Secure Sockets Layer (SSL)/ Transport Layer Security (TLS) | Recommended |
TRM.CLO.011 | : Key Management Interoperability Protocol (KMIP) | Recommended |
TRM.CLO.012 | : XML Encryption Syntax and Processing | Recommended |
TRM.CLO.013 | : XML signature (XMLDSig) | Recommended |
TRM.CLO.014 | : Service Provisioning Markup Language (SPML) | Recommended |
TRM.CLO.015 | : Web Services Federation Language (WS-Federation) Version 1.2 | Recommended |
TRM.CLO.016 | : WS-Trust 1.3 | Recommended |
TRM.CLO.017 | : Security Assertion Markup Language (SAML) | Recommended |
TRM.CLO.018 | : OpenID Authentication 1. | Recommended |
TRM.CLO.019 | : ISO/IEC WD 27035-1 Information technology -- Security techniques -- Information security incident management -- Part 1: Principles of incident management | Recommended |
TRM.CLO.020 | : ISO/IEC WD 27035-3 Information technology -- Security techniques -- Information security incident management -- Part 3: Guidelines for CSIRT operations | Recommended |
TRM.CLO.021 | : ISO/IEC WD 27039; Information technology -- Security techniques -- Selection, deployment and operations of intrusion detection systems | Recommended |
TRM.CLO.022 | : ISO/IEC 18180 Information technology - Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.2 (NIST IR 7275) | Recommended |
TRM.CLO.023 | : X.1500 Cybersecurity information exchange techniques | Recommended |
TRM.CLO.024 | : X.1520: Common vulnerabilities and exposures | Recommended |
TRM.CLO.025 | : X.1521 Common Vulnerability Scoring System | Recommended |
TRM.CLO.026 | : PCI Data Security Standard | Recommended |
TRM.CLO.027 | : Cloud Controls Matrix Version 1.3 | Recommended |
TRM.CLO.028 | : ISO/IEC 27001:2005 Information Technology - Security Techniques Information Security Management Systems Requirements | Recommended |
TRM.CLO.029 | : ISO/IEC WD TS 27017 Information technology -- Security techniques -- Information security management - Guidelines on information security controls for the use of cloud computing services based on ISO/IEC 27002 | Recommended |
TRM.CLO.030 | : ISO/IEC 27018 Code of Practice for Data Protection Controls for Public Cloud Computing Services | Recommended |
TRM.CLO.031 | : ISO/IEC 1st WD 27036-4 Information technology - Security techniques - Information security for supplier relationships - Part 4: Guidelines for security of cloud services | Recommended |
TRM.CLO.032 | : ISO/IEC 27002 Code of practice for information security management | Recommended |
TRM.CLO.033 | : eXtensible Access Control Markup Language (XACML) | Recommended |
TRM.CLO.034 | : ISO/PAS 22399:2007 Societal security - Guideline for incident preparedness and operational continuity management | Recommended |
TRM.CLO.035 | : IEEE P2301, Draft Guide for Cloud Portability and Interoperability Profiles (CPIP) | Recommended |
TRM.CLO.036 | : IEEE P2302, Draft Standard for Intercloud Interoperability and Federation (SIIF) | Recommended |
TRM.CLO.037 | : Y.3520 Cloud computing framework for end to end resource management (ITU) | Recommended |
TRM.CLO.038 | : OASIS Cloud Application Management Platform (CAMP) | Recommended |
TRM.CLO.039 | : OASIS Topology and Orchestration Specification for Cloud Applications (TOSCA), Version 1.0 Committee Specification Draft 06 / Public Review Draft 01 | Recommended |
TRM.CLO.040 | : Open Cloud Computing Interface (OCCI) | Recommended |

Standard id | Standard | Classification |
---|---|---|
TRM.ROB.001 | Project team should follow ISO 9787 to specify robot coordinate systems, nomenclature, including notations, for the basic robot motions. This specification is intended to aid in robot alignment, testing and programming. | Mandatory |
TRM.ROB.002 | To assist users and manufacturers in the understanding and comparison of various types of robots, team should follow ISO 9946. It covers topics such as safety, performance criteria and related testing methods, coordinate systems, terminology and mechanical interfaces. | Mandatory |
TRM.ROB.003 | Project team should follow ISO 13482 for specification of requirements and guidelines for the inherently safe design, protective measures and information for use of personal care robots. | Mandatory |
TRM.ROB.004 | For specification of requirements and guidelines for the inherent safe design, protective measures and information for use of industrial robots, follow ISO 10218. | Mandatory |