talks about network security
2022 on the occasion of Guangdong Provincial Network Sanior Publicity Weekly, Yang Pengfei, director of the Guangdong Provincial Government Service Data Administration, accepted an exclusive interview with the Southern Metropolis Daily, explaining the exploration and innovation of the Guangdong digital government network security construction.
is understood that this year the Guangdong Provincial Network Security Propaganda Week is led by the Provincial Party Committee's Propaganda Department, the Provincial Party Committee Editors, the Provincial Public Security Department, the Provincial State -owned Assets Supervision and Administration Commission, the Provincial Radio, Film and Television Bureau, and the Provincial Government Service Data Management The Bureau, the Provincial Federation of Trade Unions, the Provincial Party Committee of the Communist Party of China, the Provincial Women's Federation, and the Communications Administration of the Provincial and the Guangzhou Branch of the People's Bank of China will continue from September 5 to September 11.
four levels guarantee digital government network security
In the process of deepening the construction of the digital government 2.0, how will it better guarantee Network security?
Yang Pengfei: Guangdong Digital Government Construction mainly builds a network security guarantee architecture system from four levels.
is first to strengthen the top -level design and clarify the division of responsibilities. Clarify the security responsibilities of the Provincial Government Service Data Administration, the Provincial Party Committee's Network Information Office, the Provincial Confidentiality Bureau, the Provincial Public Security Department, the Provincial Communications Administration, and other provincial departments and other provincial departments, and the provincial digital government construction and operation center. Confidentiality, public security, and political numbers participating in the joint prevention joint control and safety inspection mechanisms, and strengthen the standardized management of participating in digital government construction and operating enterprises.
The second is to build a "three horizontal and four vertical" network security system. Specifically, including the construction of the four major security systems of "safety management, safety technology, safety operations, and safety supervision", it runs through the entire process of digital government cloud platforms, big data centers, and government affairs applications. The various tasks involved in the framework of the network security system, the overall implementation plan is formed according to the severity.
Three is to establish a deep network security protection system. Build a provincial unified identity management platform and realize "one registration, universal network". Prepare security standards for networks, cloud platforms, hosting, applications, data and other aspects, and build a network, cloud platform, host, application, data security service capacity pool. Build a unified security situation platform, realize the analysis of the internal security situation of the digital government network and the Internet threat intelligence intelligence, and strengthen the warning and discovery capabilities of large -scale network security incidents, online leakage events and discovery. Carry out activities such as risk assessment, deep penetration test , actual combat offensive and defensive drills, and timely discover hidden safety hazards to comprehensively improve the digital government defense capabilities.
is then carried out by supervision and inspection. The Provincial Government Service Data Administration Joint Provincial Party Committee's Network Information Office, the Provincial Confidentiality Bureau, the Provincial Public Security Department, the Provincial Communications Administration and other departments, through regularly carrying out the "Cantonese" actual offensive and defensive drills, the confidentiality inspection of the government information system, the key information infrastructure of security inspection and other activities, timely discover and rectify hidden dangers to ensure the closed -loop management of vulnerabilities.
Nandu: So what are the highlights of Guangdong in the construction of digital government network security?
Yang Pengfei: Guangdong has focused on solving four types of problems such as "what to do", "who do", "how to do" and "how to evaluate the effect" in the digital government network security construction.
Specifically, relying on network security "national team" and the capacity of top domestic security enterprises, compile the overall planning of the nation's first provincial digital government network security system construction, clarify the security supervision department, system supervisor unit, and digital government construction and operation center Safety responsibilities have clarified 22 specific tasks of coordination, organizational management, technical protection, monitoring and early warning and emergency treatment, safety confidentiality supervision, training and education and evaluation. At the same time,
has also promoted the establishment of a multi -dimensional network security joint control mechanism participated in multi -dimensional network security joint prevention and control mechanisms participating in multi -departments such as network information, confidentiality, public security, communication management, and government services.Organize the Five Electronics of the Ministry of Industry and Information Technology and believe that the domestic leaders such as are convinced by the four dimensions of security management, safety construction, safety operations, and security effects. Tens of thousands of related data such as big data monitoring, emergency, offensive and defensive drills, etc., form the first systematic and land -level provincial digital government network security index, effectively promote the continuous improvement of network security defense systems in various regions, and promote network security work. " Quantitative and evaluation. " In order to test the overall protection capacity of the digital government's network security in
, Guangdong also organized the "Cantonese" digital government network security actual combat and anti -defense drills covered by the "Guangdong -Dun" digital government covered by the entire field to conduct a comprehensive "physical examination" of the online government affairs system. Invite the nation's top cyber security attack team, to carry out more than 100 core important government affairs systems, cloud platforms and big data centers for more than 10,000 government information systems in the province, carry out actual soldiers, real networks, actual offensive and defensive drills, discover and clear up Various types of network security risks. At present,
is currently an important source of the "Cantonese" offensive and defensive drill. The network security index has also become an important basis for the performance assessment of the network security work of the city. The "Cantonese" offensive and defensive drills, network security index and network security assessment form a "support" and "three -party linkage", which jointly promote the good effect of the overall level of network security in the digital government.
establishes a unified data security protection system
Nandu: Guangdong issued public data management measures last year.
Yang Pengfei: Guangdong has accelerated the establishment of a unified digital government data security protection system. , Safety risk monitoring and emergency response disposal, as well as standardized management of data resource development and utilization.
Specifically, the Provincial Government Service Data Administration is responsible for supervising and managing the security of provincial information system data, organizing provincial departments to strengthen the protection of industry data, guiding public data circulation security protection work; Responsibilities of public data security supervision in the field; Digital source units bear the data security management responsibilities of public data collection, approval and providing processes, and data security management responsibilities of data security use of data usage. In order to promote the orderly development and utilization of data resources, compile the "Administrative Measures for Public Data Security in Guangdong Province" and "Code for Desens of Public Data from Guangdong Province", etc., promote the standardization and standardization of data security management, and explore the commitment system of data security. At the same time,
, relying on the network security protection capabilities of the provincial government cloud platform to provide basic security guarantee for data security. The provincial "one network sharing" platform application system is planned in the design, development, operation, operation and maintenance simultaneous planning, simultaneous implementation, and the operation of various data security technology protection measures. Strengthen the protection of the entire life cycle. The platform development, operations, and operation and maintenance personnel must sign the confidentiality agreement . The relevant personnel account password shall be managed by the provincial unified identity certification platform and uniformly authorized. Among them, the data access permissions give users minimum operating permissions in accordance with the principle of "application on demand and minimum authorization".
In addition, the uniform data resources are connected to the provincial "one network sharing" platform. After the approval of data sharing and open demand, the corresponding data services are provided in the form of API interface to ensure that the data is "available and invisible" to avoid data sharing at will and data out of control. At the same time, relying on third -party normalized security assessment services, data security management systems and logs in the log, the data security normalization risk assessment and monitoring mechanism is established to actively discover data security risks. Carry out actual combat exercises on a regular basis, "attack and defense" to improve the ability of emergency response and emergencies.
Nandu: Since this year, Guangdong has regarded the market -based configuration reform of data factor. What are the practices of Guangdong data element marketization reform in implementing security responsibilities?
Yang Pengfei: Guangdong builds a two -level data factor market, always adheres to the "one game of the whole province", promotes the empowerment of data elements in various fields, and promotes orderly circulation transactions in accordance with the law in accordance with "data security, innovation leadership, integration and empowerment". In terms of implementation of security responsibilities, we have taken the following measures:
First is to establish a Guangdong data circulation trading platform system. Based on the digital government public support platform, the Guangdong data circulation trading platform system with "unified rules, efficient services, and supervision specifications" is constructed to build a "one network" of data circulation transactions in the province.
Two is to improve the public support capabilities of data circulation transactions. Relying on the public support system such as Guangdong Province , it provides public support and comprehensive technical guarantee for the province's data circulation transactions. Promote the application of electronic certificates , data asset vouchers, digital space, electronic seal, etc. in data circulation transactions, to achieve data circulation transactions unified identity certification, unified electronic deposit certificate, unified data use authorization, unified electronic signature, and realize data circulation The transaction is efficient and convenient, interconnected, and effective supervision.
Third is to strengthen the security support capabilities of data circulation transactions. Related platforms involving data circulation transactions access the data asset voucher system, and practice "data available invisible, controlled measurement and measurement" data circulation trading model, and through data asset vouchers, blockchain and other technologies, realize the entire process of data circulation transactions mark.
Fourth is to strengthen the standardization of data circulation transaction standards. Focus on formulating unified technical specifications and service specifications in the fields of data resource development, data asset registration, circulation transactions, delivery implementation, data authorization, and supervision and management.
Five is to build data circulation networks, data operation institutions, data trading venues and other data circulation trading hubs such as new data circulation infrastructure, data operation institutions, and data trading venues. Build data circulation trading infrastructure, support the construction of various platforms such as data registration, transaction circulation, dispute arbitration, supervision and management, etc., to ensure that the data is clear in circulation, trading, use reasonable purpose, clear scene authorization, fair and transparent process, in order to establish the province in this province Data factor markets and circulation transaction mechanisms provide technical and security support.
Six is to strictly implement the " Personal Information Protection Law ", build a digital space of individuals and legal persons in Guangdong Province, and strengthen the number of data main authority. The user can enter the digital space to access the data after the face recognition is strongly certified. After the second face recognition and the electronic signature authorization, the corresponding number of authorization code can be generated, and related data is used by the number of units according to the authorization information. The data storage and transmission processes adopt a high -level domestic password plus encryption algorithm. The authorized data content, and the use of digital systems and other information to generate licensed vouchers for authorization through the Guangdong data asset voucher platform and deposit certificates through the blockchain to ensure that the authorization records cannot be changed and traceable. At the same time, all authorized vouchers and data call records are open to the data subject through digital space. The data use is more transparent and more assured.
61 units joined the digital government network security industry alliance
Nandu: What are the ideas and actions in the cultivation of network security social ecology and industrial ecology?
Yang Pengfei: Guangdong initiated the establishment of the first digital government network security industry alliance to create a digital government network security co -construction and sharing platform. At present, the alliance has gathered 61 Internet companies, security companies, universities, research institutions, research institutions and application units that actively devoted themselves to the development of the digital government's network security industry. Six professional committees including the committee, the planning and standard committee, and the market and investment committee.
In addition, the alliance also set up a network security exchange platform to regularly hold a series of "industry network security and data security exchange meeting" series of exchange meetings to help the development of the network security industry; assist in the formulation of digital government data security governance, data security technology, data security management, and data security management, and data security management, and data security management, and data security management. Data security operations and other standards guide all localities and departments to strengthen the security management and technical protection of the entire life cycle of data, promote the application of security, reliable technology and products, and further improve the overall security protection level of the digital government.
Produced: Southern Metropolis Daily Nandu Big Data Research Institute
Plan: Rongmingchang Liu Jiangtao
Coordinating: Zou Ying Ling Huishan
Writing: Nandu reporter Yuan Jiongxian Design: Liu Yinshan
