As the fifth largest domain of sovereignty, cyberspace security is of vital importance to national security. In recent years, driven by the requirements of relevant national laws and regulations and industrial policies, secure and trusted computing-related products and services represented by active immunity have flourished and become an important force in promoting the development of China’s cybersecurity industry. The introduction of the article briefly describes the importance of promoting the development of the trusted network industry and China’s requirements for the development of the trusted network security industry. The first part introduces the definition and requirements of the security and trusted industry, and the second part describes the active immunity and trustworthy industry. The status of computing in the development of trusted computing theory is becoming more and more important. The third part gives the main content of the security and trusted innovation system based on trusted computing 3.0, and the fourth part proposes the idea of construction of cybersecurity defense system based on classified protection 2.0 and trusted computing 3.0.
Nowadays, there is an increasing number of concerns about how to ensure both usability and security of data. In this paper, we propose a trusted execution environment (TEE) based confidential computing architecture to protect the data privacy without affecting its usability. We first abstract a model for the scenarios that privacy-preserving computing applies, then design a TEE-based confidential computing architecture and analysis its security.
At present, the framework of the national data security laws system has been basically established, and the data security governance scheme has taken shape, showing a collaborative, comprehensive, fine and diversified development trend. The government, enterprises, social organizations and individuals need to work together to build a positive data security management ecology. The information and communication enterprises now attach great importance to data security management. By building management system, improving technical capability, optimizing operation mechanism and creating value ecology, CMCC actively explores data security management practice.
Starting from 3GPP release 13, UE to network relay (U2N Relay) was introduced in proximity based service (Prose). Whether or not a UE is within the coverage of the base station, the UE can connect to a relay UE via the U2N Relay mode to access the network.With the introduction of the U2N control plane in 3GPP release 17, how to guarantee the control plane security in the U2N Relay mode is becoming an urgent problem to be solved. This paper introduces the difference between the layer 2 relay and layer 3 relay in the U2N Relay mode, gives an overall security analysis of such mode, and provides some solutions to resolve the security issues of U2N Relay service.
This paper focuses on the goal of creating a high-security cloud in the communication industry, and analyzes the background and challenges faced by cloud security; It provides an overall security framework for establishing a high security cloud brand and makes cloud security being “manageable, controllable and reliable” from five aspects:advancing the planning, playing to advantages, implementation of safety measures, consolidating the qualifications and building products.Taking advantages of the industry, it provides a method of implementation called “point-line-flat-body”. Furthermore, it proposes a general idea that we can build“Two System”,strengthen “One Platform”obediencing the Regulations, and provide strong support for the healthy and sustainable development of cloud services.
Ransomware is a type of malware that has become a significant threat to network security. To protect against ransomware attacks, organizations should focus on network security and implementing the data storage policies to defend themselves. Network security consists of malware prevention, detection and removal. At the same time,the storage security should involves the policies creating and technical support. This paper tries to demonstrate the ransomware attact and introduce the network security protection architecture, to discuss the secure storage technologies and architecture.
In recent years, cyber security insurance has developed rapidly and become an important tool to transfer and prevent network security risks. Foreign cyber security insurance market has experienced more than 20 years of development practice, has formed a relatively mature upstream and downstream ecology. By studying the industry environment and development trend of cyber security insurance in foreign countries, combined with the development status and business model of domestic cyber security insurance industry, this paper analyzes the problems faced by the development of domestic industry and puts forword development suggestions.
Automated decision-making relies on data generated by users. Although it improves work efficiency, it also makes users feel snooped and manipulated. In business scenarios involving automated decision-making, it is difficult to reduce the impact of personal information security. This paper analyzes the determinants of the impact of automated decision-making on personal information security, and discusses methods to reduce the impact, so as to provide a reference for enterprises to protect personal information in the process of automated decision-making.
With the accelerated improvement of policies related to the cultivation of data production factor market, industrial practice continues to deepen. While positive progress has been made, it still faces challenges such as low data quality, insufficient data application, absence of basic rules of data property rights and trading, and inadequate implementation of data security governance. To overcome these challenges, we need to work from two aspects: to refine the rule systems and to harness the technological innovation. In addition, as the exploration of data production factor continues, it is necessary to pay close attention to the adaptability between the rule systems and technology innovation, uphold and constantly adjust and optimize to maintain the balance between efficiency and fairness, and between development and security.
The exploration of local legislation on data started very early. The local legislation actively explored innovation while taking national policy and legal provisions as the guidance. The legislative content showed a trend from comprehensive to key areas, and then to comprehensive and parallel with key areas. The level of legislation was positively correlated with the level of digital economy development. Government data opening has always been the focus of local legislation on data, but there is no consensus on the definition of the core concept, which has become an unfavorable factor for the cross-regional flow of government data. Local legislation on data is faced with the dual test of legitimacy and rationality, so it should be taken special care of the relationship between legislative authority and innovation.
Ever since the outbreak of COVID-19, China has constantly increased its policy support for internet medical treatment. Internet medical treatment in China has witnessed rapid development and continuous innovation in terms of both service content and service mode. This paper comprehensively describes the current development condition of internet medical treatment, analyzes the operating subjects and development modes of internet medical treatment in detail and proposes the future development trend of internet medical treatment in China.
Homomorphic encryption is a cryptography technology based on the computational complexity theory of mathematical problems. It supports the calculation of data under the encrypted state, and the decrypted calculation result is consistent with the plaintext calculation result. As a hot research topic in privacy preserving computation, homomorphic encryption can be used in diverse application scenarios. We first introduce the development process of homomorphic encryption and relevant technologies. We then elaborate on the use cases of homomorphic encryption in typical application scenarios, such as secure intersection, secure querying, multi-party joint computing, and multi-party joint modeling. Finally, this paper analyzes and discusses the technical challenges and some research directions of current homomorphic encryption technologies.
Facial expression recognition is a research direction involving knowledge in many fields such as machine learning, image processing, psychology, etc., and its application scenarios are also quite broad. Recently, the study of facial expression recognition technology by emotion calculation has attracted attention. Facial expression recognition tasks generally consist of four parts: obtaining facial images, image preprocessing, feature extraction, and feature classification. Facial expression images are generally obtained directly from related data sets. Therefore, the step of image preprocessing is first introduced, followed by a sequential introduction of traditional research methods and deep learning methods in feature extraction and feature classification. Finally, a comprehensive elaboration of the data sets, development trends and challenges related to facial expression recognition is described.