网络安全作为国家安全的一部分,其安全检查与评估所依循的规章制度分布在国家安全审查或网络空间管理的政策制度中。本文着眼于国际上现行的网络安全审查相关制度,重点分析各国在信息技术产品和服务安全评估、关键信息基础设施安全评估与管理、供应链安全和背景安全调查等方面的做法,从法律法规、组织体系、运行模式、审查方法和支撑技术等方面研究建立我国的网络安全审查制度。%Cybersecurity is part of national security. The rules and regulations for security testing and evaluation are distributed as policies for national security review or cyberspace management. This paper focuses on the current international systems related to cybersecurity review, and analyzes governments’ practices in the aspects of information technology product and service security evaluation, critical information infrastructure security evaluation and management, information and communication technology (ICT) supply chain security, and background security investigation. Based on the above, this paper discusses how to establish a cybersecurity review system in the fields of law and regulation, organization framework, operation mode, review approach, and supporting technology.
展开▼
