two thousand and seventeen year eight month fifteen Day, Measures for the Implementation of the Network Security Responsibility System of the Party Committee (Party Group) (hereinafter referred to as the Implementation Measures) Issued for implementation 。 Over the past five years, the State Encryption Administration has fully implemented the spirit of the Implementation Measures , Combined with the actual work , Continue to study, publicize and implement the Password Law.
1、 Do a good job of the Code Law Study publicity
According to different subjects, we should distinguish between the social and institutional aspects, the public and party members and cadres, and focus on the popularity and common sense knowledge of passwords for targeted publicity. People's Daily, Xinhua News Agency and other central media released interpretative articles such as Answering Questions from Journalists by the Head of the State Password Administration. Focus Interviews and Legal Lectures produced and broadcast special promotional videos. Major national news media carried out in-depth interpretation, which set off a nationwide upsurge of learning and implementing the Password Law.
two thousand and twenty From to now, the State Encryption Administration has organized and carried out the publicity and education activities on the rule of law and password security on the National Security Education Day for the whole nation for three consecutive years. We adhere to the combination of online and offline, traditional media and emerging media, flexibly use forum discussions, expert interviews, public lectures and other forms, fully utilize Password management department portal “ Password horizon ” study Powerful Account, WeChat Official Account and other platforms produce and broadcast propaganda and education special pages, authoritative propaganda articles, short videos, audio, diagrams and other content, and constantly improve the communication, attraction and coverage of password rule of law publicity and security education. adopt Publicity and education activities effectively popularized password security knowledge, policies and regulations, further enhanced the password security awareness of party and government organs, enterprises and public institutions and the public, and promoted in-depth password security publicity and education activities.
On the anniversary of the promulgation of the Code Law, the implementation of the Code Law was systematically summarized and sorted out. People's Daily, Xinhua News Agency and other central authoritative media published “ Building the National Password Security Line on the Track of Rule of Law ” 、 “ Password, make people's life more secure ” In the two years since the promulgation of the Password Law, China's password industry has flourished, the password work has steadily progressed on the track of the rule of law, and has built a password defense line to safeguard national security, as well as the important impact of passwords on people's daily life.
2、 Study and formulate the supporting laws and regulations system with the Password Law as the core
Accelerate the construction of a password laws and regulations system with the Password Law as the core, the Commercial Password Management Regulations and other administrative regulations as the backbone, and a number of core passwords, ordinary passwords, commercial passwords, as well as regulations and normative documents defining the administrative functions of password management departments as the branches, with clear rights and responsibilities, complementary functions, and coordination. Article 42 of the Password Law clearly stipulates that “ The State Password Administration Department shall, in accordance with the provisions of laws and administrative regulations, formulate regulations on password administration ” , giving the State Password Administration the right to formulate regulations. In order to implement the provisions of laws and regulations such as the Legislative Law, the Password Law, and the Regulations on the Procedure for the Formulation of Rules, and to prepare for the formulation of rules after the introduction of the newly revised Regulations on the Administration of Commercial Passwords, two thousand and twenty-one year twelve month sixteen Day, Principal comrades in charge of the bureau Sign the State Password Administration's one Order No., promulgating the Provisions on the Regulation Formulation Procedure of the State Password Administration, from two thousand and twenty-two year two month one Effective from. The Regulation is the first departmental regulation formulated by the State Encryption Administration separately. It is necessary to standardize the work of formulating regulations by the State Encryption Administration, streamline the work process of formulating regulations, clarify work responsibilities, and ensure the high-quality and efficient promotion of legislative projects.
III advance Commercial password management takes the lead in transformation
Focusing on the management of commercial passwords in accordance with the law, we accelerated the transformation of functions, paid close attention to the implementation of laws and regulations, formulated and issued a series of departmental rules, normative documents and management directories together with relevant national departments, and smoothly connected various management measures of commercial passwords. At present, the main systems of commercial password management determined by the Password Law have been fully implemented, and all aspects of society have responded well.
First, deepen “ Pipe release suit ” Reform and standardize the administrative examination and approval of commercial passwords in accordance with the law. The original eight Items of administrative approval, simplified as four Item, do “ Although ”“ Put it when you want ” 。 two thousand and twenty-two year one In June, the General Office of the State Council printed and distributed the Notice on the Comprehensive Implementation of the Management of the List of Administrative Licensing Matters, and officially published the List of Administrative Licensing Matters Established by Laws, Administrative Regulations and Decisions of the State Council( two thousand and twenty-two ) It further clarifies the power boundary of the password management department and provides a clear basis for the password management department to standardize the commercial password administration according to law.
Second, Stimulate market vitality and build a commercial password detection and authentication system. Cancel the approval of commercial password product varieties and models, And General Administration of Market Supervision common Establish a commercial password authentication system, and Compulsory certification shall be implemented for commercial password products involving national security, national economy and people's livelihood, and social and public interests to ensure the organic unity of safeguarding national security and meeting social needs. two thousand and twenty year three month twenty-six The General Administration of Market Supervision 、 The State Encryption Administration jointly issued the Opinions on the Implementation of Commercial Password Detection and Authentication. thereafter also Successively We jointly released the Announcement on Publishing the Certification Catalogue of Commercial Password Products (the first batch) and the Certification Rules of Commercial Password Products, and the Announcement on Publishing the Certification Catalogue of Commercial Password Products (the second batch), so as to build a relatively complete commercial password detection and certification system.
Third, implement legal responsibilities and further promote the application of commercial passwords. All regions and departments, in accordance with the requirements of the Password Law, actively promote the application of commercial passwords in important fields such as basic information networks, important information systems, important industrial control systems and government information systems, and use commercial passwords to escort 5G , Internet of Things, cloud computing, big data, artificial intelligence, blockchain, quantum communication, digital economy and other new technologies, new business forms security development. In the fields of finance, public security, social security, transportation, energy, water conservancy, education, radio and television, taxation and other fields, the application of passwords has been expanding in depth, giving full play to password It plays a central role in safeguarding national network and information security.
In recent years, the national network security legislation has accelerated. The Data Security Law and the Regulations on the Security Protection of Key Information Infrastructure 、 Personal Information Protection Law and Administrative Measures for National Government Information Project Construction one after another Issued to further implement the Password Law on password application And safety assessment , providing a solid legal basis for giving full play to the key role of passwords in network security protection.
In order to implement the national security review system involving commercial passwords stipulated in the Password Law , two thousand and twenty-one year twelve month twenty-eight National Cyberspace Office, together with the State Password Administration, etc thirteen The departments jointly announced the newly revised Network Security Review Measures (the State Cyberspace Office, the State Password Administration, etc thirteen Department Order No eight No.). The Measures clearly stipulates that under the leadership of the Central Cyber Security and Informatization Commission, the State Cyberspace Office, together with the State Password Administration, etc thirteen The department has established a national network security review mechanism, which provides a system basis for the password management department to carry out national security review involving commercial passwords in accordance with the Network Security Law and the Password Law.
Fourth, Pay attention to the combination of regulation and supervision, and improve the supervision of commercial passwords during and after the event. Deeply promote in accordance with the unified deployment of the CPC Central Committee and the State Council “ Pipe release suit ” The reform, while canceling administrative examination and approval matters, will shift more administrative resources from pre examination and approval to in-process and post supervision, and focus on building a commercial password in-process and post supervision system with clear rights and responsibilities, fairness, transparency, simplicity and efficiency. Mainly carry out daily inspection, supplemented by special rectification Business password Random inspection and continuous promotion of administrative law enforcement “ Three systems ” We have strictly standardized the administrative law enforcement of commercial passwords and achieved good social results.
Fifth, Continuous progress has been made in the innovation of cryptography technology. According to the Password Law “ Establish and improve commercial password standard system ” We will accelerate the standardization of commercial passwords. by two hundred and two two year eight In September, the National Standards Commission issued the national standard for commercial passwords forty-three The State Password Administration has issued the commercial password industry standard one hundred and twenty-nine It covers many fields such as commercial password technology, products, services, applications, detection and management, and has formed a relatively complete and complete commercial password standard system. Actively promote the international standardization of commercial passwords, promote China's password standards to become international standards, and promote the transformation and application of commercial passwords between Chinese standards and foreign standards. In recent years, major breakthroughs have been made in the international standardization of commercial passwords 。 two thousand and twenty-one year ten Month, ISO/IEC JTC1/SC27 The meeting announced that China SM9 Key exchange protocol as an international standard ISO/IEC 11770-3 : two thousand and twenty-one Information Technology Key Management three Part: Mechanisms for the Use of Asymmetric Technologies, part of the International Organization for Standardization ISO/IEC Officially released. It marks the independent development of SM2 Elliptic curve public key cryptography signature algorithm SM3 Cryptographic hash algorithm SM4 Block cipher algorithm ZUC Sequence cipher algorithm SM9 Identity encryption algorithms have become international standards, which is of great significance to promote the development of China's commercial password industry and enhance the international influence of China's commercial passwords 。
Sixth, Strengthen personnel training and actively promote cryptography discipline major build 。 two thousand and twenty-one year two In June, the Ministry of Education issued an announcement, officially “ Cryptography Science and Technology ” Listed in the undergraduate specialty catalog of ordinary colleges and universities, approved Beijing Institute of Technology University, Beijing Institute of Electronic Science and Technology, Nankai University, Shandong University, Huazhong University of Science and Technology, Hainan University, Xi'an University of Electronic Science and Technology etc. Newly established universities “ Cryptography Science and Technology ” Undergraduate major. At present, there are thirteen Universities offer undergraduate programs in cryptography, nine Cryptography colleges (departments) were established in three universities. two thousand and twenty-one year three month seventeen The Ministry of Education released the Professional Catalog of Vocational Education( two thousand and twenty-one ), which has been added to higher vocational education “ Application of Cryptography ” Professional. Same year three The Ministry of Human Resources and Social Security, together with the General Administration of Market Supervision and the National Bureau of Statistics, issued the eighteen The password technology application staff was officially identified as a new occupation. The new profession of cryptographer has been released, becoming the first profession in the field of cryptology to enter the Code of Occupational Classification of the People's Republic of China. The national professional skill standards for cryptographers jointly formulated by the Ministry of Human Resources and Social Security and the State Password Administration have been issued on two thousand and twenty-two year seven month six It was officially promulgated and implemented on July. The above measures will further improve the training quality of password professionals, standardize the evaluation of password talents, effectively meet the application needs of social password talents, and provide solid talent support for promoting high-quality development of the password cause.
Seventh, the academic ecology of cryptography has continued to flourish. All kinds of cryptographic academic research have been actively developed, academic exchange platforms have been continuously improved, and major academic activities such as seminars, lectures and forums have become increasingly rich. The brand influence of cryptographic academic conferences and the level of cryptographic academic journals have been significantly improved. The Cryptographic Society of China focuses on new achievements and new directions of cryptography technology, builds an industry university research exchange platform, holds an international academic conference on cryptography, and issues the Report on the Development of Chinese Cryptography. The research on the rule of law in cryptography has yielded fruitful results, with a number of outstanding experts in cryptography law and research institutions on the rule of law emerging, and research results such as articles and journals on cryptography law have been published continuously.
Approved by the State Password Administration, two thousand and twenty-two year six month one The first think tank and service platform in China dedicated to the rule of law of passwords to promote the application and innovative development of passwords —— The practice and innovation base of password rule of law was officially inaugurated in Suzhou, Jiangsu Province. The base provides decision-making consultation, compliance guidance and other services for the party and government organs, the password industry and all sectors of society in major password strategies, policies and regulations, and gives full play to the basic and supportive role of password rule of law in promoting the development of the password industry, Provide a solid intellectual support for the high-quality development of cryptographic work.
Editor in charge:
