Service management

Standard id Standard Classification
TRM.SRV.001 : Use Hypertext Transfer Protocol (HTTP) or Secured Hypertext Transfer Protocol (HTTPS) for access over Internet/ Intranet. Mandatory
TRM.SRV.002 : Use Hypertext Markup Language (HTML). Mandatory
TRM.SRV.003 : Use Extensible Hypertext Markup Language (XHTML) as the markup language for creating web applications wherever possible. XHTML is a family of XML markup languages that mirror or extend versions of the existing widely used Hypertext Markup Language (HTML). The only essential difference between XHTML and HTML is that XHTML must be well-formed XML while HTML does not impose strict XML compliance. Recommended
TRM.SRV.004 : Use Simple Mail Transfer Protocol (SMTP) as the standard protocol used for mail exchange amongst clients and servers. BCC has established the email systems for Government of Bangladesh officers and it is essential for all Government officers to leverage the infrastructure instead of using private email service providers considering information security. Mandatory
TRM.SRV.005 : Use Hypertext Transfer Protocol Secure (HTTPS) for transactions that need to be secured over the Internet. Avoid use of transactional e-services unless these e-services are authenticated and encrypted.
http://w3.org/TR/xhtm
Mandatory
TRM.SRV.006 : Use Wireless Access Protocol (WAP) as the mobile Internet technology which allows mobile phone access to Internet sites. WAP is an open international standard for application layer network communications in a wireless communication environment. Its main use is to enable access to Mobile Web from a mobile phone or PDA. Recommended
TRM.SRV.007 : Use Wireless Transport Layer Security (WTLS) for micro browsers. Recommended
TRM.SRV.008 : Support latest versions of widely adopted browser(s) including
Internet Explorer (IE) - version 6
Chrome
Firefox
Safari
Opera etc.
Mandatory
TRM.SRV.009 : The browser shall support security controls such as download Active Controls, Java permissions, cache deletion, disable cookies, HTTPS and SSL. Recommended
TRM.SRV.010 : Provide multiple modes of accessing government services (e.g. kiosks and mobile phone). Recommended
TRM.SRV.011 : Implement IVR system as an alternative to Browser for access to government services. Recommended

Platforms

Standard id Standard Classification
TRM.PLA.001 : There is no technical standard for compliance. Use rack-optimised server for efficient space management. N.A.
TRM.PLA.002 : Use High-end servers to support critical business operations. Use Low-end servers for simple non-critical business operations. Recommended
TRM.PLA.003 : Support virtualisation technologies and allow multiple operating system instances concurrently on a single physical server. Recommended
TRM.PLA.004 : Use portable computers where possible to enhance mobility and productivity. Recommended
TRM.PLA.005 : Ensure operating system is certified and designed to run under the vendor hardware platform. Please refer to the enterprise licensing agreement for client operating system established by ITA for agencies. Recommended
TRM.PLA.006 : Support fibre channel for concurrent communication among workstations, servers and other peripherals for Storage Area Network (SAN) and Direct Attached Storage (DAS). Recommended
TRM.PLA.007 : Support Ethernet (IEEE 802.3) for NAS. Recommended
TRM.PLA.008 : Support Common Internet File System (CIFS) for file sharing for NAS. Recommended
TRM.PLA.009 : Support Network Data Management Protocol (NDMP) for controlling backup, recovery, and other transfers of data between primary and secondary storage for NAS. Recommended
TRM.PLA.010 : Support Network File System (NFS) for distributed file system for NAS. Recommended
TRM.PLA.011 : Support Internet Small Computer System Interface (iSCSI) to provide block-level access to remote devices for SAN. Recommended
TRM.PLA.012 : Support Fibre Channel over TCP/IP (FCIP) for connecting remote FC SANs. Recommended
TRM.PLA.013 : There is no technical standard for compliance. Please refer to Architecture Design Considerations or Best Practices for more information. N.A.
TRM.PLA.014 : Support Directory Enabled Networking (DEN) to map service and policy to directory. Recommended
TRM.PLA.015 : Support Desktop Management Interface (DMI) standards to collect information about a computer environment for desktop management. Recommended
TRM.PLA.016 : Support Web-Based Enterprise Management (WBEM) to enable server management through web-enabled application. Recommended
TRM.PLA.017 : Support Alert Standard Format (ASF) to define OS-absent alerting for preventive monitoring. Recommended
TRM.PLA.018 : Support hardened operating system. Recommended
TRM.PLA.019 : Support Trusted Platform Module (TPM) for authenticating mobile computing device. Recommended
TRM.PLA.020 : Use SAN for enterprise storage solution. Please refer to Paragraph 4.6.4(a) for SAN solution guidance. Recommended
TRM.PLA.021 : Implement enterprise-wide backup solution. Please refer to Paragraph 4.6.4(a) for backup solution guidance. Recommended

Networks

Standard id Standard Classification
TRM.NW.001 : Use TCP/IP as standard network protocol for all government agencies. Mandatory
TRM.NW.002 : All devices in LAN and WAN infrastructure shall support IPv6 standards (128 bits for addressing). Recommended
TRM.NW.003 : Support Open Shortest Path First (OSPF, OSPF2, Multi-path OSPF) for core switch. Recommended
TRM.NW.004 : Support Internet Protocol Security (IPSec) for secure exchange of packets at the IP layer and Internet Key Exchange (IKE) for key exchange. Recommended
TRM.NW.005 : Support Secure Sockets Layer (SSLv3) for mutual authentication between a client and server. Recommended
TRM.NW.006 : Support SSH for secure remote login, secure file transfer and secure TCP/IP and X11 forwarding. Recommended
TRM.NW.007 : Support IEEE 802.11i to enhance 802.11 Medium Access Control (MAC) for higher security and authentication mechanisms. Recommended
TRM.NW.008 : Certified to Common Criteria EAL-4 (Evaluation Assurance Level) for firewall. Recommended
TRM.NW.009 : Authenticate using two factor authentication methods such as Token or One-time Password (RFC 2289). Recommended
TRM.NW.010 : Support Multi-Protocol Label Switching (MPLS). Mandatory
TRM.NW.011 : Support H.320 for audio, video and graphical communications. Recommended
TRM.NW.012 : Support any of the following:
(a) IEEE 802.3u-100Base T (for Fast Ethernet over twisted pair cables)
(b) IEEE 802.3u-100BaseFx (for fast Ethernet over optical fibre)
(c) IEEE 802.3ab (1 Gbps over Cat5e/6 cabling system)
(d) IEEE 802.3z (for Gigabit Ethernet over fibre and cable).
Mandatory
TRM.NW.013 : Support Dynamic Host Configuration Protocol (DHCP) for dynamic IP address assignment to devices. Mandatory
TRM.NW.014 : Support IEEE 802.1w (Rapid Spanning Tree Protocol) to provide rapid reconfiguration capability. Recommended
TRM.NW.015 : Support IEEE 802.3ad for link aggregation for edge switch. Recommended
TRM.NW.016 : Support IEEE 802.3x to define full duplex operation and flow control on 100Mbps Ethernet network for edge switch. Recommended
TRM.NW.017 : Support Virtual Router Redundancy Protocol (VRRP) to eliminate the single point of failure inherent in the static default routed environment for core switch. Recommended
TRM.NW.018 : Support Differentiated Service (DiffServ) to provide QoS to the traffic for core switch. Recommended
TRM.NW.019 : Support IEEE 802.1q for Virtual LAN (VLAN). Recommended
TRM.NW.020 : Support 1000Base-LH (Long Haul) to provide gigabit speed over distance between 70 and 100km. Recommended
TRM.NW.021 : Support IEEE 802.3af for edge switches supporting devices which require twisted pair cables (e.g. IP Phone Clients and wireless LAN access points). Recommended
TRM.NW.022 : Support IEEE 802.3ae to support operating speed of 10Gbps Ethernet over fibre for core switch. Recommended
TRM.NW.023 : Use Unshielded Twisted Pair (UTP) Category 6 for Structured Cabling System based on ANSI/TIA/EIA-568-B.2-1. Recommended
TRM.NW.024 : Use fibre cables to interconnect network devices and backbone connections for Structured Cabling system as described by TIA/EIA 568. Multimode fibre is used for short distance transmissions with LED based fibre optic equipment. Single-mode fibre is used for long distance transmissions with laser diode based fibre optic transmission equipment.
Physical layer standards for optical fibre are:
(a) Support 1000Base-SX (short wavelength laser) to provide gigabit speed over maximum distance of 220m (for 62.5 micron multimode fibre) and 550m (for 50 micron multimode fibre).
(b) Support 1000Base-LX (long wavelength laser) to provide gigabit speed over maximum distance of 550m (for 50 and 62.5 micron multimode fibre) and up to five km over single-mode 9 micron fibre.
Recommended
TRM.NW.025 : Use Commercial Building Telecommunications Cabling Standard 2001 based on ANSI/TIA/EIA 568-B. Recommended
TRM.NW.026 : Use Generic Cabling for Customer Premises (International Standards) 2002 based on ISO/IEC 11801. Recommended
TRM.NW.027 : Use Generic Cabling Systems (CENELEC Standards) 2002 based on EN 50173. Recommended
TRM.NW.028 : Use Generic Universal Cabling Infrastructure with support for voice and data applications based on ISO/IEC 11801, 14763-1, 14763-2, 14763-3, IEC 61935-1, TIA/EIA 568-B, EN50173, TIA/EIA 606-A, IEC332-1. Recommended
TRM.NW.029 : Use Commercial Building Standard for Telecommunications Pathways and Spaces 2004. Recommended
TRM.NW.030 : Build and install cables based on ISO/IEC 18010 standards of Information Technology - Pathways and Spaces for Customer Premises Cabling. Recommended
TRM.NW.031 : Test cables after installation based on TIA/EIA-568-B and IEC 61935 standards. Recommended
TRM.NW.032 : Support Class 1 or Class 3 (excluding Class 3B) laser for FSO. Recommended
TRM.NW.033 : Implement WLAN that supports any of the following standards:
(a) Wi-Fi Protected Access (WPA)
(b) WPA2
(c) Advanced Encryption Standard (AES)
(d) Mobile Virtual Private Networks (VPNs).
Mandatory
TRM.NW.034 : Support IEEE 802.11a for 54 Mbps high speed wireless LAN and 5 GHz range. Recommended
TRM.NW.035 : Support IEEE 802.11g for 54 Mbps high speed wireless LAN and 2.4 GHz range. Recommended
TRM.NW.036 : Support IEEE 802.11n for 54 Mbps high speed wireless LAN up to 600 Mbps (with 2.4 GHz and 5 GHz range). Recommended
TRM.NW.037 : Support H.323 for converting between voice and data transmission formats and for managing connections between telephony endpoint and Real-Time Transport Protocol (RTP). Recommended
TRM.NW.038 : Support H.248 for controlling media gateways on Internet Protocol (IP) network and Public Switched Telephone Network (PSTN). Recommended
TRM.NW.039 : Support RTP for end-to-end network transmission of real-time data, such as audio, video or simulation data, over multicast or unicast network services. Recommended
TRM.NW.040 : Support Real Time Streaming Protocol (RTSP) for control over the delivery of data with real-time properties. Recommended
TRM.NW.041 : Support H.263 for compression algorithm and optimization for lower data rates. Recommended
TRM.NW.042 : Use Session Initiation Protocol (SIP) to manage IP telephony sessions. SIP is an application-layer control (signalling) protocol for creating, modifying, and terminating sessions with one or more participants. These sessions include Internet telephone calls, multimedia distribution, and multimedia conferences. Recommended
TRM.NW.043 : Use Simple Network Management Protocol (SNMP) v2 and above as the main management protocol suite. Recommended
TRM.NW.044 : Use IP Telephony where possible. Recommended
TRM.NW.045 : Use video conferencing system for collaboration where possible. Recommended
TRM.NW.046 : Use network management tools to manage LAN. Recommended

Data center

Standard id Standard Classification
TRM.DC.001 : Design data center in accordance with TIA 942 standards. Recommended
TRM.DC.002 : Design data center with ample space for expansion to meet the growing demands. Locate the data center at a physically safe area. Recommended
TRM.DC.003 : Implement 24/7 physical security monitoring through CCTV Surveillance Monitoring (e.g. Closed-circuit television (CCTV) /Automated Security Intrusion Alarm/Biometric/Motion Detector) with minimally an intrusion response exercise annually. Recommended
TRM.DC.004 : Standardize use of 19-inch 42U racks which aids better cabling management and for cold/ hot air aisle efficiency. All racks should have perforated doors for front and back for front-in and back-out cross-air movement. Mandatory
TRM.DC.005 : Install man-trap access to computer room as an additional barrier to prevent unauthorized access to the computer room. Recommended
TRM.DC.006 : Conduct a risk assessment before building or implementing a data center. Implement appropriate controls to mitigate identified risks. Mandatory
TRM.DC.007 : Separate the location of disaster recovery site from the primary data center. Mandatory
TRM.DC.008 : Ensure smoke detection and fire suppression systems are in place and tested on periodic basis. Mandatory
TRM.DC.009 : Design data center with ample space for growth. Recommended
TRM.DC.010 : Locate the data center at a physically safe area. Recommended
TRM.DC.011 : Use Fibre Optic Cable (FOC) for backbone cabling. Recommended
TRM.DC.012 : Use Category 6 for horizontal cabling. Recommended
TRM.DC.013 : Design and operate at minimum Tier II and where possible to have Tier III data center or higher. Recommended
TRM.DC.014 : Carry out a detailed capacity requirements study for space, power and cooling. Recommended
TRM.DC.015 : Implement “hot” and “cold” aisle setup for effective cooling. Recommended

Cloud

Standard id Standard Classification
TRM.CLO.001 : RFC 5246 Secure Sockets Layer (SSL)/ Transport Layer Security (TLS) Recommended
TRM.CLO.002 : RFC 3820: X.509 Public Key Infrastructure (PKI) Proxy Certificate Profile Recommended
TRM.CLO.003 : RFC5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile Recommended
TRM.CLO.004 : RFC 5849 OAuth (Open Authorization Protocol) Recommended
TRM.CLO.005 : ISO/IEC 9594-8:2008 | X.509 Information technology -- Open Systems Interconnection -- The Directory: Public-key and attribute certificate frameworks Recommended
TRM.CLO.006 : ISO/IEC 29115 | X.1254 Information technology - Security techniques -- Entity authentication assurance framework Recommended
TRM.CLO.007 : OpenID Authentication Recommended
TRM.CLO.008 : eXtensible Access Control Markup Language (XACML) Recommended
TRM.CLO.009 : Security Assertion Markup Language (SAML) Recommended
TRM.CLO.010 : RFC 5246 Secure Sockets Layer (SSL)/ Transport Layer Security (TLS) Recommended
TRM.CLO.011 : Key Management Interoperability Protocol (KMIP) Recommended
TRM.CLO.012 : XML Encryption Syntax and Processing Recommended
TRM.CLO.013 : XML signature (XMLDSig) Recommended
TRM.CLO.014 : Service Provisioning Markup Language (SPML) Recommended
TRM.CLO.015 : Web Services Federation Language (WS-Federation) Version 1.2 Recommended
TRM.CLO.016 : WS-Trust 1.3 Recommended
TRM.CLO.017 : Security Assertion Markup Language (SAML) Recommended
TRM.CLO.018 : OpenID Authentication 1. Recommended
TRM.CLO.019 : ISO/IEC WD 27035-1 Information technology -- Security techniques -- Information security incident management -- Part 1: Principles of incident management Recommended
TRM.CLO.020 : ISO/IEC WD 27035-3 Information technology -- Security techniques -- Information security incident management -- Part 3: Guidelines for CSIRT operations Recommended
TRM.CLO.021 : ISO/IEC WD 27039; Information technology -- Security techniques -- Selection, deployment and operations of intrusion detection systems Recommended
TRM.CLO.022 : ISO/IEC 18180 Information technology - Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.2 (NIST IR 7275) Recommended
TRM.CLO.023 : X.1500 Cybersecurity information exchange techniques Recommended
TRM.CLO.024 : X.1520: Common vulnerabilities and exposures Recommended
TRM.CLO.025 : X.1521 Common Vulnerability Scoring System Recommended
TRM.CLO.026 : PCI Data Security Standard Recommended
TRM.CLO.027 : Cloud Controls Matrix Version 1.3 Recommended
TRM.CLO.028 : ISO/IEC 27001:2005 Information Technology - Security Techniques Information Security Management Systems Requirements Recommended
TRM.CLO.029 : ISO/IEC WD TS 27017 Information technology -- Security techniques -- Information security management - Guidelines on information security controls for the use of cloud computing services based on ISO/IEC 27002 Recommended
TRM.CLO.030 : ISO/IEC 27018 Code of Practice for Data Protection Controls for Public Cloud Computing Services Recommended
TRM.CLO.031 : ISO/IEC 1st WD 27036-4 Information technology - Security techniques - Information security for supplier relationships - Part 4: Guidelines for security of cloud services Recommended
TRM.CLO.032 : ISO/IEC 27002 Code of practice for information security management Recommended
TRM.CLO.033 : eXtensible Access Control Markup Language (XACML) Recommended
TRM.CLO.034 : ISO/PAS 22399:2007 Societal security - Guideline for incident preparedness and operational continuity management Recommended
TRM.CLO.035 : IEEE P2301, Draft Guide for Cloud Portability and Interoperability Profiles (CPIP) Recommended
TRM.CLO.036 : IEEE P2302, Draft Standard for Intercloud Interoperability and Federation (SIIF) Recommended
TRM.CLO.037 : Y.3520 Cloud computing framework for end to end resource management (ITU) Recommended
TRM.CLO.038 : OASIS Cloud Application Management Platform (CAMP) Recommended
TRM.CLO.039 : OASIS Topology and Orchestration Specification for Cloud Applications (TOSCA), Version 1.0 Committee Specification Draft 06 / Public Review Draft 01 Recommended
TRM.CLO.040 : Open Cloud Computing Interface (OCCI) Recommended

Robotics

Standard id Standard Classification
TRM.ROB.001 : Project team should follow ISO 9787 to specify robot coordinate systems, nomenclature, including notations, for the basic robot motions. This specification is intended to aid in robot alignment, testing and programming. Mandatory
TRM.ROB.002 : To assist users and manufacturers in the understanding and comparison of various types of robots, team should follow ISO 9946. It covers topics such as safety, performance criteria and related testing methods, coordinate systems, terminology and mechanical interfaces. Mandatory
TRM.ROB.003 : Project team should follow ISO 13482 for specification of requirements and guidelines for the inherently safe design, protective measures and information for use of personal care robots. Mandatory
TRM.ROB.004 : For specification of requirements and guidelines for the inherent safe design, protective measures and information for use of industrial robots, follow ISO 10218. Mandatory