In order to implement the "Network Security Law of the People's Republic of China", "The Decision of the Standing Committee of the National People's Congress on Strengthening the Protection of Network Information," "Provisions on the Protection of Personal Information of Telecommunications and Internet Users" and other laws and regulations, effectively improve the protection of network data security in the telecommunications and Internet industries Ability to give full play to the leading and supporting role of standards in ensuring network data security and promoting the healthy and orderly development of the industry, and boosting the high-quality development of the digital economy. A few days ago, the Ministry of Industry and Information Technology drafted the "Guidelines for the Construction of Network Data Security Standard System (Draft for Comment)" (hereinafter referred to as the "Construction Guidelines").
The "Construction Guidelines" pointed out that by 2021, a network data security standard system will be initially established, effectively implement network data security management requirements, basically meet the industry network data security protection needs, promote the application of standards in key enterprises and key areas, and develop network data More than 20 safety industry standards. By 2023, complete and improve the network data security standard system, the standard technology level, application level and internationalization level will be significantly improved, effectively promote the improvement of industry network data security protection capabilities, and develop more than 50 network data security industry standards. The network data security standard system includes four major categories of standards: basic commonality, key technologies, security management, and key areas.
In important areas, the "Construction Guidelines" pointed out that on the basis of basic common standards, key technical standards, and safety management standards, combined with the development of new-generation information and communication technologies, the focus is on 5G, mobile Internet, Internet of Vehicles, Internet of Things, and Industrial Internet Layout in key areas such as, cloud computing, big data, artificial intelligence, and blockchain, combined with industry development, gradually cover other important areas.
5G
On the basis of meeting general security requirements, the 5G security mechanism provides differentiated security services for different business scenarios, adapts to multiple network access methods and new network architectures, protects users' personal privacy, and supports the provision of open security capabilities. The network data security standards in the 5G field mainly include 5G data security overall requirements, 5G terminal data security, 5G network side data security, 5G network capability opening data security, etc.
Mobile Internet
Traditional mobile Internet security mainly includes terminal security, network security, and application security. With the widespread application of mobile operating systems and the large-scale flow of data under the open ecosystem, the data security risks of the mobile Internet have become more prominent. The network data security standards in the mobile Internet field mainly include mobile application personal information protection, mobile application software SDK security, etc.
Internet of Vehicles
The Internet of Vehicles security covers the all-round connection and data interaction process of the car, the vehicle and the vehicle, the vehicle and the road, the vehicle and the person, and the vehicle and the service platform. Data security and privacy protection run through all links of the Internet of Vehicles. The network data security standards in the field of Internet of Vehicles mainly include data security of the Internet of Vehicles cloud platform, V2X communication data security, data security of intelligent connected vehicles, and data security of Internet of Vehicles mobile apps.
Internet of Things
The security of the Internet of Things covers the perception layer, transmission layer, and application layer of the Internet of Things, involving server-side security, terminal security, and communication network security. Data security runs through all aspects of it. Network data security standards in the field of Internet of Things mainly include Internet of Things cloud data security protection, Internet of Things management system data security protection, Internet of Things terminal data security protection, etc.
Industrial Internet
Industrial Internet security focuses on control systems, equipment, networks, data, platforms, application security and security management. The network data security standards in the industrial Internet field mainly include industrial Internet data security protection and industrial Internet data classification technology.
cloud computing
Cloud computing security takes cloud host security as the core, covering network security, data security, application security, security management, business security, etc. The network data security standards in the cloud computing field mainly include customer data protection, cloud service business data security, and cloud asset management.
Big Data
Big data security covers all aspects of data life cycle management, covering the security function guarantee of big data platform operation and asset management with data as the object. Network data security standards in the big data field mainly include big data platform security and big data asset management.
artificial intelligence
Artificial intelligence security covers personal information security, algorithm security, data security, network security, etc. Network data security standards in the field of artificial intelligence mainly include data security on artificial intelligence platforms and personal information protection on artificial intelligence terminals.
Blockchain
Blockchain security includes three dimensions: application service security, system design security (including smart contracts, consensus mechanisms), and basic component security (including network communication, data security, and cryptographic technology). Network data security standards in the blockchain field mainly include blockchain privacy data protection, blockchain digital asset storage and interaction protection, etc.
Source: Communication World All Media
Recommended reading
Big data becomes a new driving force to promote high-quality economic development
Data is "oil", and new production factors are written into files to release important signals
"Which industry development models will 5G change?
What will "new infrastructure" change