The Password Law of the People's Republic of China (hereinafter referred to as the Password Law) will be promulgated on two thousand and twenty year one month one It was officially implemented on. In order to promote the study, publicity and implementation of the Password Law, Guangdong Provincial Password Administration Bureau two thousand and nineteen year twelve month thirty The Guangdong Province "Password Law" propaganda conference was held in Guangzhou Zhudao Hotel on July 1.
At the meeting, Li Jie, the second level inspector of the State Password Administration, interpreted the Password Law. She emphasized the significance of the Code Law from three aspects: the important measures to build the national security legal system, the important measures to safeguard the sovereign security of the national cyberspace, and the important measures to promote the high-quality development of the password cause. This paper introduces the basic principles and main contents of the Cryptography Law. The spirit of the Password Law can be summarized as "three unifications", that is, to adhere to the unity of the party's password management and legal management, to adhere to the unity of innovative development and ensuring security, and to adhere to the unity of streamlining administration and delegating power and strengthening supervision. Cryptography Law five chapter forty-four Article, including "General Provisions", "Core Password, Common Password", "Commercial Password", "Legal Liability" and "Supplementary Provisions" five Parts. The main contents can be summarized into two parts. One is the password protection of confidential information. The implementation of the Password Law provides legal system protection for effectively playing the core role of passwords in safeguarding national information security; The second is social oriented password management. The Password Law involves commercial passwords thirty-six The management ideas and major changes can be summarized as five aspects: consolidating the foundation, implementing the guarantee, encouraging innovation, promoting cooperation, streamlining administration and delegating power, changing the mode, focusing on safety, key control, industry self-discipline, and strengthening supervision. Li Jie proposed that to implement the Password Law and promote the application of passwords, we should fully understand the basic role of passwords in network security and enhance security awareness; We should closely focus on the overall situation and overall layout of the work of the Party and the state to promote strategic integration; It is necessary to accurately grasp the basic requirements of password application in the new situation and build a strong security system; We should earnestly perform the password application responsibilities specified by laws and regulations, and implement the main responsibilities; We should strengthen password innovation to drive development and improve high-quality password supply.
At the meeting, Li Dan, senior engineer of the Fifth Research Institute of Electronics of the Ministry of Industry and Information Technology, gave a demonstration of security risk analysis of cryptographic applications. Focusing on the basic security requirements of commercial password applications, this paper introduces the typical network security risks faced by information systems through case analysis and demonstration of electronic access control systems, network communications, data storage being attacked by networks, and explains the necessity of ensuring the safe and stable operation of information systems by building a secure and effective security guarantee system for password applications of information systems.
Zhang Yuanyun, senior researcher of Guoxin Guardian Cyberspace Security Research Institute of the National Information Center, introduced the role of passwords in the construction of "digital government". Data is the core resource of digital government. The password can make the data source and result data credible; Realize the security of data in the whole life cycle, and realize the data security protection chain from the aspects of data generation, transmission, storage, use, sharing, destruction, etc; Support the sharing trust chain of digital government, and realize on-demand interaction, secure interaction, and data traceability of government data resources through data identification, digital signature, and data security sharing and exchange; Realize the personnel identification service chain of digital government; Protect the data link assets of digital government, and realize data management and security sharing.
Yang Hongzhi, the director of the commercial secret laboratory of Shenzhen Network Security Company, a third-party password evaluation institution, and a cryptology doctor, introduced the requirements for security evaluation of password applications. This paper explains the necessity of the secret evaluation work as well as the basic requirements, evaluation requirements, evaluation process guidelines and other relevant technical standards for the application of information system passwords, and focuses on the content of scheme evaluation and system evaluation involved in the promotion of "synchronous planning, synchronous construction, and synchronous operation" of password applications.
Wang Hui, Deputy Secretary General of Guangdong Provincial Party Committee, made a concluding speech. He stressed that we should have a deep understanding of the significance of the promulgation and implementation of the Password Law, accurately grasp the essence of the content of the Password Law, and fulfill the obligations conferred by the Password Law with practical actions. First, we must learn and understand the Code Law in place. It is widely publicized to different groups such as party and government organs, state-owned enterprises and institutions, colleges and universities, primary and secondary schools, social practitioners, and the general public to create an atmosphere for learning the Password Law. Second, we need to complete the country's major planning and deployment to promote password applications in important areas. In accordance with the requirements of relevant documents issued by the Provincial Party Committee Office and the Provincial People's Government Office, strive to complete various tasks. Third, we need to provide human resources for the rapid development of the password industry. Set foot in the province and look at the world, actively give play to the advantages of universities, research institutes and social training forces, expand the construction of professional disciplines, and improve the talent training model. Fourth, we need to accelerate innovation in password applications and industrial development. Strengthen the construction of commercial password detection and authentication capacity. For key information infrastructure information systems, we need to "plan, construct, operate synchronously, and evaluate regularly" the commercial password security system. Increase the ability of independent innovation in key key technologies of cryptography, and integrate the cryptography industry with the blockchain 5G The new generation of information technology, artificial intelligence, intelligent manufacturing and other advantageous industries in the province are integrated to form a password application industry cluster as soon as possible, providing password service guarantee for the high-quality development of the digital economy in our province, the construction of the Guangdong Hong Kong Macao Greater Bay Area, and the construction of the "Belt and Road".
Principals of all units directly under the provincial government, people's groups of the province, relevant units directly under the Central Government stationed in Guangdong, relevant municipal departments and relevant enterprise heads five hundred Many people attended the meeting.
