Absrtact: Recently, a message about information security has aroused the attention of everyone again. 22nd, the National Internet Information Office issued a message that, in order to maintain national network security, safeguard the legitimate interests of Chinese users, China will launch a network security review system. According to
Recently, a message about information security has aroused concern again.
22nd, the National Internet Information Office issued a message that, in order to maintain national network security, safeguard the legitimate interests of Chinese users, China will launch a network security review system. It is understood that the network review system will primarily review important information technology products and services used by systems that relate to national security and public interest. Product safety and controllability will be the focus of the review to prevent product providers from using the convenience of providing products, illegal control, interference, interruption of user systems, illegal collection, storage, processing and use of user-related information, do not meet safety requirements of products and services, will not be used in China.
System good domestic hardware and software manufacturers
After the "Snow Snowden incident", the inter-State network security issues have aroused wide concern from all walks of life. Pretend to be a geek recently visited NI academician and some related manufacturers in the industry, from their point of view can be seen, the state to implement the "Network Security Review System" for domestic hardware and software manufacturers, is undoubtedly a major good news.
NI, a member of the company, said the country's measures would mainly affect foreign multinationals, especially those that have been involved in monitoring programmes such as the Prism Gate. The role they play in such schemes suggests that their technical products and services introduce security risks. For domestic enterprises, if its technology products and services are indeed developed by themselves and conform to the relevant national safety regulations, then, generally speaking, it should be possible to pass a security review system, so the system will not have an impact on the innovation of domestic enterprises. In general, it will help domestic enterprises to play the advantages of independent control and cost-effective, and facilitate the promotion of domestic substitution of foreign technology products and services.
Ni said that the implementation of the network security review system can change the past China's backbone network, important information systems, the large number of foreign multinationals to use technology products and services. The network security review system will be a system guarantee to implement the national security strategy of enhancing cyberspace.
In the domestic enterprise security market share of more than 50% of rising, the country issued this system also welcomed the attitude.
Rising security expert Tangwei to Sohu it said that the vast majority of people, network practitioners, government office personnel, civil servants, etc., is not equipped with professional information security level and knowledge. One common problem is that security awareness is poor. It is unrealistic to expect these people to have a high level of safety awareness and protection in purchasing and daily office. Therefore, it is necessary to establish such a security system, which may touch on the information security of the definition of good, standardized. Under the restriction of this system and stipulation, our safety consciousness will gradually develop and gradually improve.
From the "Network Security Review System" news, there have been further news that the State in the key part of hardware procurement began large-scale use of domestic equipment. Some hardware manufacturers have announced a high profile in the key departments using domestic hardware to replace the original foreign equipment plans.
It is understood that IBM's share of the banking system in the previous 90%, and Cisco's domestic network equipment in the share of more than 80%.
Operating system and software completely localized unrealistic
It is well known that after the hardware is set up, software is needed to complete various applications. At present, a lot of software key technologies are in the hands of foreign companies, the development of fully independent intellectual property rights of the domestic operating system how difficult is it?
NI to Sohu it said, the operating system is very good to use depends on its ecological environment is perfect. Overall, it is far more difficult to build a perfect ecological environment than to develop an excellent operating system.
The competitiveness of domestic operating system will also depend on its ecological environment to a large extent, in order not to be subject to the software of foreign manufacturers, the future needs to vigorously build the ecological environment of domestic operating system, only in this way, the domestic operating system to achieve market success.
Open source software has become a mainstream in the current software industry, the development of cloud computing has promoted the development of open source software, domestic operating system based on open source Linux technology to meet the trend of the times. Generally speaking, mature open source software vulnerabilities are less, there is a "backdoor" the possibility is very few.
If you can really master the open source software rather than simply take the "doctrine", then the development of domestic software based on open source software can improve the efficiency of development, but also reduce the vulnerability and the risk of "backdoor". Non-autonomous development and use of foreign companies software, if not open source, of course, there is a "backdoor" risk, some open source also does not help; only fully open source, and allow users to analyze, refactor, it is possible to reduce the "backdoor" risk. Even in this case, if the source code is large, the level of analysis and time is not enough, there is still no guarantee that there is no "backdoor". According to the above considerations, ni to Sohu it said that the development of software based on open source software, should be a realistic way. In other areas, it has always been the accumulation of science and technology in the history of mankind, not to reinvent the wheel, do not think of Newton's laws and other scientific knowledge is "foreign".
In the software industry, open source software is also the accumulation of human software wealth, can not think of open source software is "foreign". If you require that every line of code be written by yourself, it is often unrealistic and not necessary; If you write a code that is immature, it may not be more vulnerable than open source software.
Personal users are almost unaffected
Tencent security experts to Sohu it said that the audit system is more from the national level. For individual users, almost no direct impact on the system. In the long run, however, the use of security audits by key institutions will reduce the likelihood of data being intercepted and analyzed by foreign vendors when ordinary netizens surf the Internet.
Because it is a national level system, for the only personal security products manufacturers, will not be the forthcoming "Network Security Review System" impact.
International security firms hold a wait-and-see attitude
In order to protect the safety of key sectors of the state, the State has in fact already had similar provisions. Key departments in the procurement of international manufacturers of hardware and software products, there is a strict access system.
An international security company disclosed to Sohu it that the state will launch a network security review system has not been too direct impact on them. There is no feedback from their salespeople about the impact.
It was alleged that, as a result of prior state regulations, foreign software was difficult to access for sensitive industries or sectors, and that, for the new system, their successor would assess the impact on their operations in accordance with national requirements.