1. Overview of MLPS 2.0
In 1994, the "Regulations of the People's Republic of China on the Security Protection of Computer Information Systems" (Decree No. 147 of the State Council) first proposed the concept of "level security protection for computer information systems". and the exploration phase. In 2008, GB/T 22239-2008 "Basic Requirements for Leveled Protection of Information Security Technology Information System Security" clarified the basic requirements for the security protection of information systems at all levels, marking the standardization of the level protection system, level protection 1.0 (hereinafter referred to as level protection) 1.0) The era has officially arrived.
On November 7, 2016, the 24th meeting of the Standing Committee of the 12th National People's Congress passed the "Network Security Law of the People's Republic of China". The legal status of the network security level protection system. In May 2019, the core standards of network security graded protection "Information Security Technology Network Security Graded Protection Evaluation Requirements", "Information Security Technology Network Security Graded Protection Basic Requirements", "Information Security Technology Network Security Graded Protection Security Design Technical Requirements" were officially released, and It was officially implemented on December 1, 2019, marking that China's hierarchical protection system has entered the 2.0 era (hereinafter referred to as graded protection 2.0).
The establishment and implementation of a network security graded protection system is compelled by the situation and required by national conditions. With the overall acceleration of China's informatization process, the whole society, especially important industries and important fields, is increasingly dependent on basic information networks and important information systems. The security of basic information networks and important information systems is directly related to national security. , public safety, and public interest. Network security graded protection is a basic national policy implemented by the Party Central Committee and the State Council in the field of network security. Both policy and standard system levels have entered the 2.0 era.
Network security level protection is a common practice in today's developed countries to protect critical information infrastructure and ensure network security. It is also a summary of China's network security work experience over the years. Through the development of network security level protection work, limited financial, material and human resources are invested in the security protection of national key information infrastructure