General secretary Xi Jinping stressed that without network security, there would be no national security. It is necessary to establish a correct concept of network security and speed up the construction of key information infrastructure security system.
As the main force to maintain network security, the top priority of the public security department’s work is to guide the relevant departments to implement the network security level protection system and the key information infrastructure security protection system, improve the national network security comprehensive prevention and control system, and effectively prevent network security threats
In the activity of “rule of law theme day” of 2020 national network security publicity week, Shen Changxiang, academician of Chinese Academy of engineering, proposed “trusted computing” and “active immunity”, which provided new ideas for public security organs to build a strong network security defense line.
“Active immunization” is the trend
The rapid development of the Internet has brought opportunities and challenges to the field of public security. In the face of increasingly severe network security situation, the pressure of public security organs in maintaining social security and cracking down on network related criminal activities is increasing.
“Cyberspace is extremely fragile, absolute security does not exist, and there is no so-called” bullet proof “system – cyber threats are the eternal theme.” Shen Changxiang believes that most of the current network security systems are composed of firewalls, intrusion monitoring and virus killing, commonly known as the “old three”, but in the new situation, the “old three” should be updated. Network security protection must take “active immunity” protection measures, and constantly carry out technological innovation, so as to solve the current problems of the Internet and build a strong network security defense line.
It is understood that the establishment of “active immunity” computing architecture is equivalent to the human body’s own immune system, which takes the password as the gene, implements the functions of identity recognition and secret storage, identifies the “self” and “non self” components in time, and then destroys and repels the harmful substances invading the body.
“It is equivalent to cultivating immunity for network information system.” Shen Changxiang said that network security should focus on system, and a triple protection system of “active immunity” supported by trusted security management center should be built.
“Now that computers have basically replaced manual work, it is crucial for an organization to build a trusted computing environment to ensure network security. The computing environment is equivalent to the working environment, and security should be put first. The second is to build a credible border, which is equivalent to a “guard house”. Only those who have been approved are allowed to enter and leave. Finally, build a trusted network communication, similar to “secure express”, to ensure that the content will not be peeked at or tampered with. “
In Shen Changxiang’s view, the network system has achieved “active immunity” security protection, which means that the attacker “can’t enter”, the unauthorized person can’t get important information, “can’t understand” stealing confidential information, “can’t change the system and information”, the system can’t work “can’t be broken”, and the attack behavior “can’t be relied on”. This is of great significance to the improvement of Cyberspace Security It also has a high reference value for public security organs to maintain Cyberspace Security.
Trusted computing 3.0,Set up a security “shield” for the Internet
It is reported that China’s trusted computing originated from the research on “integrated protection system of active immunity” officially in 1992. After long-term tackling key problems and integrating military and civil affairs, it has formed independent and innovative trusted systems, many of which have been adopted by TCG. Trusted computing 3.0 marked by “active immunity” and relying on the trusted technology system of “active immunity”, has laid a solid foundation for independent and controllable network security in traditional application fields, industrial control systems and modern information systems such as cloud computing, Internet of things, big data and mobile intelligent network.
“Trusted computing 3.0 aims at the application system with known processes, and can adapt to the actual security needs by” tailor-made “according to the security requirements of the system Shen Changxiang said that without modifying the application program, it is particularly suitable for providing security for important production information systems.
China’s one belt, one road summit, was introduced in May 12, 2017, Shen Changxiang said. The day before, the extortion virus appeared, and the 150 countries swept away the virus in one day. However, the trusted production and broadcasting environment of CCTV with trusted computing 3.0 as the core has withstood the test and finally withstood the network attack. However, there are still many cases in China that test trusted computing 3.0.
2.0,Tamping the “safety base” of protection network
In the special lecture, Shen Changxiang said that from a worldwide perspective, all countries are strengthening the security protection of key information infrastructure.
With the promulgation of a series of laws and programmatic documents, such as “network security law”, “national cyberspace security strategy”, the importance of network security has been rising. In particular, on December 1, 2019, the relevant national standards of network security classified protection system were formally implemented, marking the foundation for the implementation of level protection 2.0.
In July 2020, the Ministry of Public Security issued the guiding opinions on the implementation of the network security classified protection system and the key information infrastructure security protection system, which clarified the guiding ideology, basic principles, work objectives and specific measures for the implementation of the network security classified protection system and the key information infrastructure security protection system.
As the chairman of the national network security classified protection expert committee, Shen Changxiang summarized the characteristics of the times as follows: in the level of legal support, the network security level protection system was upgraded to the national basic legal system; in the level of science and technology, the hierarchical passive protection developed to the “active immunity” protection under the framework of scientific security; in the engineering application level, it changed from the traditional protection The protection of computer information system is turning to the construction of active defense system in cyberspace under the new computing environment.
It is understood that the guiding opinions on the implementation of network security classified protection system and key information infrastructure security protection system puts forward the requirements of “three modernizations and six Preventions”, namely, “actual combat, systematization and normalization”, “dynamic defense, active defense, defense in depth, precise protection, overall protection, joint defense and joint control”, so as to build a national network security comprehensive prevention and control system It will further help the public security organs to maintain Cyberspace Security and protect the legitimate rights and interests of the people.
The establishment of “active immunity” computing architecture is equivalent to the human body’s own immune system, which takes the password as the gene, implements the functions of identity recognition and secret storage, and identifies the “self” and “non self” components in time, and then destroys and repels the harmful substances invading the body.
The characteristics of hierarchical protection 2.0: in the level of legal support, the network security level protection system is upgraded to the national basic legal system;
At the level of science and technology, it has developed from layered passive protection to “active immunity” protection under the framework of scientific security;
At the level of engineering application, the traditional protection has changed to the construction of active defense system in cyberspace under the new computing environment.
Editor in charge: GT