11月1日起,13項網絡安全國家標準開始實施
2024-10-31 市(shi)說新(xin)語 點擊:次
11月1日起,《網絡安(an)全技術信息技術安(an)全評(ping)估準則》等(deng)13項網絡安(an)全國家標(biao)準開始實施,將(jiang)為引領(ling)網絡安(an)全產業高質(zhi)量(liang)發展(zhan),增強廣大人(ren)民群眾的獲(huo)得(de)感、幸(xing)福感和安(an)全感提供標(biao)準支撐。
《網絡(luo)安(an)(an)(an)(an)(an)全(quan)技(ji)術(shu)(shu)信(xin)息(xi)技(ji)術(shu)(shu)安(an)(an)(an)(an)(an)全(quan)評(ping)(ping)(ping)估(gu)(gu)準則(ze)第1部分(fen)(fen):簡介和一般模(mo)(mo)型》(GB/T 18336.1—2024)、《網絡(luo)安(an)(an)(an)(an)(an)全(quan)技(ji)術(shu)(shu)信(xin)息(xi)技(ji)術(shu)(shu)安(an)(an)(an)(an)(an)全(quan)評(ping)(ping)(ping)估(gu)(gu)準則(ze)第2部分(fen)(fen):安(an)(an)(an)(an)(an)全(quan)功(gong)(gong)能組(zu)(zu)件(jian)》(GB/T 18336.2—2024)、《網絡(luo)安(an)(an)(an)(an)(an)全(quan)技(ji)術(shu)(shu)信(xin)息(xi)技(ji)術(shu)(shu)安(an)(an)(an)(an)(an)全(quan)評(ping)(ping)(ping)估(gu)(gu)準則(ze)第3部分(fen)(fen):安(an)(an)(an)(an)(an)全(quan)保(bao)(bao)障(zhang)組(zu)(zu)件(jian)》(GB/T 18336.3—2024)、《網絡(luo)安(an)(an)(an)(an)(an)全(quan)技(ji)術(shu)(shu)信(xin)息(xi)技(ji)術(shu)(shu)安(an)(an)(an)(an)(an)全(quan)評(ping)(ping)(ping)估(gu)(gu)準則(ze)第4部分(fen)(fen):評(ping)(ping)(ping)估(gu)(gu)方(fang)法(fa)和活動的(de)(de)規范框(kuang)架》(GB/T 18336.4—2024)、《網絡(luo)安(an)(an)(an)(an)(an)全(quan)技(ji)術(shu)(shu)信(xin)息(xi)技(ji)術(shu)(shu)安(an)(an)(an)(an)(an)全(quan)評(ping)(ping)(ping)估(gu)(gu)準則(ze)第5部分(fen)(fen):預定(ding)義的(de)(de)安(an)(an)(an)(an)(an)全(quan)要求包(bao)》(GB/T 18336.5—2024)、《網絡(luo)安(an)(an)(an)(an)(an)全(quan)技(ji)術(shu)(shu)信(xin)息(xi)技(ji)術(shu)(shu)安(an)(an)(an)(an)(an)全(quan)評(ping)(ping)(ping)估(gu)(gu)方(fang)法(fa)》(GB/T 30270—2024)等(deng)6項推薦性國家標準,是對軟件(jian)、硬件(jian)、固件(jian)形式的(de)(de)IT產品(pin)及其組(zu)(zu)合進(jin)行安(an)(an)(an)(an)(an)全(quan)測評(ping)(ping)(ping)的(de)(de)基礎標準,為產品(pin)消費者、開(kai)發(fa)者、評(ping)(ping)(ping)估(gu)(gu)者提(ti)供(gong)了(le)基本的(de)(de)安(an)(an)(an)(an)(an)全(quan)功(gong)(gong)能和保(bao)(bao)障(zhang)組(zu)(zu)件(jian),內(nei)容吸納了(le)國際網絡(luo)安(an)(an)(an)(an)(an)全(quan)評(ping)(ping)(ping)估(gu)(gu)領域模(mo)(mo)塊化評(ping)(ping)(ping)估(gu)(gu)、多重保(bao)(bao)障(zhang)評(ping)(ping)(ping)估(gu)(gu)、供(gong)應鏈分(fen)(fen)析(xi)等(deng)最新(xin)理念,將為我國具(ju)有安(an)(an)(an)(an)(an)全(quan)功(gong)(gong)能IT產品(pin)的(de)(de)開(kai)發(fa)、評(ping)(ping)(ping)估(gu)(gu)以及采購(gou)過程提(ti)供(gong)指(zhi)導。
《網(wang)(wang)(wang)絡安(an)全(quan)(quan)技術(shu)無線(xian)局(ju)域(yu)(yu)網(wang)(wang)(wang)客戶(hu)(hu)端安(an)全(quan)(quan)技術(shu)要求》(GB/T 33563—2024)、《網(wang)(wang)(wang)絡安(an)全(quan)(quan)技術(shu)無線(xian)局(ju)域(yu)(yu)網(wang)(wang)(wang)接(jie)入(ru)系統(tong)安(an)全(quan)(quan)技術(shu)要求》(GB/T 33565—2024)兩項(xiang)推薦性國家標準,規定(ding)了(le)無線(xian)局(ju)域(yu)(yu)網(wang)(wang)(wang)客戶(hu)(hu)端與接(jie)入(ru)系統(tong)的(de)(de)安(an)全(quan)(quan)功能要求和(he)安(an)全(quan)(quan)保障要求,給出了(le)無線(xian)局(ju)域(yu)(yu)網(wang)(wang)(wang)客戶(hu)(hu)端與接(jie)入(ru)系統(tong)面(mian)臨安(an)全(quan)(quan)問題(ti)的(de)(de)說明,能夠為無線(xian)局(ju)域(yu)(yu)網(wang)(wang)(wang)客戶(hu)(hu)端產品與接(jie)入(ru)系統(tong)的(de)(de)測(ce)試、研制和(he)開(kai)發提供指導。
《網絡安(an)全技(ji)術(shu)零(ling)信(xin)任參考體(ti)(ti)(ti)系(xi)架構(gou)》(GB/T 43696—2024)、《網絡安(an)全技(ji)術(shu)證(zheng)書應(ying)用綜合服務接口規(gui)范》(GB/T 43694—2024)兩項推(tui)薦性國家標準,分別規(gui)定了零(ling)信(xin)任參考體(ti)(ti)(ti)系(xi)架構(gou)以及面向(xiang)證(zheng)書應(ying)用的(de)(de)綜合服務接口要(yao)求和(he)(he)(he)相應(ying)驗證(zheng)方法,對(dui)于采用零(ling)信(xin)任體(ti)(ti)(ti)系(xi)框架的(de)(de)信(xin)息系(xi)統的(de)(de)規(gui)劃、設計,公鑰密(mi)碼(ma)(ma)基礎設施(shi)應(ying)用技(ji)術(shu)體(ti)(ti)(ti)系(xi)下證(zheng)書應(ying)用中(zhong)間件(jian)和(he)(he)(he)證(zheng)書應(ying)用系(xi)統的(de)(de)開發(fa),以及密(mi)碼(ma)(ma)應(ying)用支撐(cheng)平臺的(de)(de)研制和(he)(he)(he)檢測具(ju)有重要(yao)意義。
《網(wang)絡(luo)安(an)(an)(an)全(quan)(quan)(quan)(quan)(quan)技術軟(ruan)件(jian)(jian)供(gong)(gong)應鏈(lian)安(an)(an)(an)全(quan)(quan)(quan)(quan)(quan)要求(qiu)》(GB/T 43698—2024)、《網(wang)絡(luo)安(an)(an)(an)全(quan)(quan)(quan)(quan)(quan)技術網(wang)絡(luo)安(an)(an)(an)全(quan)(quan)(quan)(quan)(quan)眾測(ce)服務(wu)要求(qiu)》(GB/T 43741—2024)、《網(wang)絡(luo)安(an)(an)(an)全(quan)(quan)(quan)(quan)(quan)技術軟(ruan)件(jian)(jian)產品(pin)開源代(dai)碼安(an)(an)(an)全(quan)(quan)(quan)(quan)(quan)評(ping)價(jia)(jia)(jia)方法(fa)》(GB/T 43848—2024)3項推薦性(xing)國家標準,分別確立了(le)軟(ruan)件(jian)(jian)供(gong)(gong)應鏈(lian)安(an)(an)(an)全(quan)(quan)(quan)(quan)(quan)目標,規定(ding)了(le)軟(ruan)件(jian)(jian)供(gong)(gong)應鏈(lian)安(an)(an)(an)全(quan)(quan)(quan)(quan)(quan)風(feng)險管(guan)理(li)(li)(li)(li)(li)要求(qiu)和(he)供(gong)(gong)需雙(shuang)方的(de)(de)組(zu)織(zhi)管(guan)理(li)(li)(li)(li)(li)和(he)供(gong)(gong)應活動管(guan)理(li)(li)(li)(li)(li)安(an)(an)(an)全(quan)(quan)(quan)(quan)(quan)要求(qiu),描述了(le)網(wang)絡(luo)安(an)(an)(an)全(quan)(quan)(quan)(quan)(quan)眾測(ce)服務(wu)的(de)(de)角色以及職責、服務(wu)流程(cheng)、安(an)(an)(an)全(quan)(quan)(quan)(quan)(quan)風(feng)險、服務(wu)要求(qiu),規定(ding)了(le)軟(ruan)件(jian)(jian)產品(pin)中的(de)(de)開源代(dai)碼成分安(an)(an)(an)全(quan)(quan)(quan)(quan)(quan)評(ping)價(jia)(jia)(jia)要素和(he)評(ping)價(jia)(jia)(jia)流程(cheng),對軟(ruan)件(jian)(jian)供(gong)(gong)應鏈(lian)中的(de)(de)供(gong)(gong)需雙(shuang)方開展(zhan)風(feng)險管(guan)理(li)(li)(li)(li)(li)、組(zu)織(zhi)管(guan)理(li)(li)(li)(li)(li)和(he)供(gong)(gong)應活動管(guan)理(li)(li)(li)(li)(li)具有引領(ling)和(he)促進作(zuo)用,將為網(wang)絡(luo)安(an)(an)(an)全(quan)(quan)(quan)(quan)(quan)眾測(ce)服務(wu)活動提(ti)供(gong)(gong)幫(bang)助指導,助力各(ge)方對軟(ruan)件(jian)(jian)產品(pin)包(bao)含的(de)(de)開源代(dai)碼成分進行(xing)靜態(tai)安(an)(an)(an)全(quan)(quan)(quan)(quan)(quan)評(ping)價(jia)(jia)(jia)。(來源:市(shi)說新語(yu))

掃碼投訴