摘要
网络安全作为国家安全的一部分,其安全检查与评估所依循的规章制度分布在国家安全审查或网络空间管理的政策制度中。本文着眼于国际上现行的网络安全审查相关制度,重点分析各国在信息技术产品和服务安全评估、关键信息基础设施安全评估与管理、供应链安全和背景安全调查等方面的做法,从法律法规、组织体系、运行模式、审查方法和支撑技术等方面研究建立我国的网络安全审查制度。
Cybersecurity is part of national security. The rules and regulations for security testing and evaluation are distributed as policies for national security review or cyberspace management. This paper focuses on the current international systems related to cybersecurity review, and analyzes governments' practices in the aspects of information technology product and service security evaluation, critical information infrastructure security evaluation and management, information and communication technology (ICT) supply chain security, and background security investigation. Based on the above, this paper discusses how to establish a cybersecurity review system in the fields of law and regulation, organization framework, operation mode, review approach, and supporting technology.
出处
《中国工程科学》
北大核心
2016年第6期39-43,共5页
Strategic Study of CAE
基金
中国工程院重大咨询项目"网络空间安全战略研究"(2015-ZD-10)
关键词
网络安全审查
信息技术产品和服务
关键信息基础设施
供应链安全
背景安全
cybersecurity review
information technology product and service
critical information infrastructure
supply chain security
background security
