IoT Security Policy and Regulation Initiatives in China. Fan Dongyang, Huawei

Similar documents
China IoT New Developments and EU- China Cooperation

Development Progress and OEM Perspective of C-V2X in China

Benefits of Open Cross Border Data Flows

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

NATIONAL CYBER SECURITY STRATEGY. - Version 2.0 -

China ITS Standardization

National program of digital transformation

CYBERSECURITY INITIATIVES IN VANUATU

ICT Policy Perspective for APEC. Ministry of Internal Affairs and Communications March 2015

Discussion on MS contribution to the WP2018

System and Practice of Information Security Certification for IT products in China

The EU Digital Single Market Roadmap

Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce

Angela McKay Director, Government Security Policy and Strategy Microsoft

Green California Summit. Paul Clanon Executive Director California Public Utilities Commission April 19, 2011

Legal framework of ensuring of cyber security in the Republic of Azerbaijan

SESEC III. China IT/ICT Standardization Newsletter. January, February, March 2018

Role of CAICT in promoting ICT research, stakeholder cooperation and capacity building. Dr XIE, YI. Vice President, CAICT

China and International Governance of Cybercrime

Regional and subregional approaches to the Digital Economy: Lessons from Asia-Pacific and Latin America

5G Progress in China. May, 2017

European Union Agency for Network and Information Security

Information Technology Branch Organization of Cyber Security Technical Standard

How UAE is Driving Smart Sustainable Cities: key Achievements and Future Considerations

REALISING JORDAN S MOBILE FUTURE 28 APRIL 2014 AMMAN, JORDAN

WORKSHOP CYBER SECURITY AND CYBERCRIME POLICIES FOR AFRICAN DIPLOMATS. Okechukwu Emmanuel Ibe

Commonwealth Cyber Declaration

JOINT MEDIA STATEMENT

Cybersecurity Strategy of the Republic of Cyprus

ICTs AND SUSTAINABLE ENERGY: Realizing the Full Potential

Doug Couto Texas A&M Transportation Technology Conference 2017 College Station, Texas May 4, 2017

World Telecommunication Development Conference (WTDC- 14) Dubai, 30 March 10 April 2014

11th Annual WCO PICARD Conference Manila, Philippines September 2016 Transforming China ecustoms and E-Port into National Single Window

Recommendations for Small and Medium Enterprises. Event Date Location

Forum. Ningbo, China 25 February

WORLD TELECOMMUNICATION STANDARDIZATION ASSEMBLY Hammamet, 25 October 3 November 2016

Environment Report,

International Conference on Automation, Mechanical Control and Computational Engineering (AMCCE 2015)

Smart infrastructure: unleashing ICT and road synergies

Protecting Critical Information Infrastructure in times of increasing cyber conflict

Data Protection Regulations and International Data Flows: Implications for Trade and Development

eheath and mhealth China Unicom s experience and view

Diana Korka Economic Affairs Officer, ICT Policy Section UNCTAD

Chinese Server Market Development and Major Brand Analysis

COUNCIL OF THE EUROPEAN UNION. Brussels, 24 May /13. Interinstitutional File: 2013/0027 (COD)

Fundamentals of Cybersecurity/CIIP. Building Capacity: Using a National Strategy & Self-Assessment

RWANDA S APPROACH TOWARDS EMERGING TECHNOLOGIES, opportunities and challenges

Netherlands Cyber Security Strategy. Michel van Leeuwen Head of Cyber Security Policy Ministry of Security and Justice

Thailand Digital Government Development Plan Digital Government Development Agency (Public Organization) (DGA)

NATIONAL GUIDELINES ON CLOUD COMPUTING FOR GOVERNMENT, MINISTRIES, DEPARTMENTS AND AGENCIES

ICT and Disaster Risk Reduction Division ESCAP

How Cybersecurity Initiatives May Impact Operators. Ross A. Buntrock, Partner

Poland: Initiative for Polish Industry 4.0 The Future Industry Platform

Smart Sustainable Cities. Trends and Real-World Opportunities

INDUSTRY 4.0 Summit 2018

Cyber Security in Europe and CEER s new PEER initiative

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

Digital Security Risks to Transport Infrastructure: Automated Vehicles February, 2018

U.S. Japan Internet Economy Industry Forum Joint Statement October 2013 Keidanren The American Chamber of Commerce in Japan

Procuring Telecommunications and ICT Solutions in China. Neil Gallagher Director of Sales - Europe 31 st October 2018

Economic and Social Council

Critical Information Infrastructure Protection. Role of CIRTs and Cooperation at National Level

DIGITIZING INDUSTRY, ICT STANDARDS TO

Harmonizing of EU and EaP Digital Markets: HDM Initiative

Building digital societies in Asia: mobile government and m-services

OPTIMIZING CONNECTIVITY: Updated Recommendations to Improve China s Information Technology Environment

Since the 1980s, a new generation of

ENISA EU Threat Landscape

Singapore: Your Gateway to ASEAN*

2010/TELMIN/011 Benefiting Socio-Economic Activities Through the Application of ICT

CONCLUSIONS OF THE WESTERN BALKANS DIGITAL SUMMIT APRIL, SKOPJE

IT POLICY AND PROJECTS THAILAND

Cyber-physical systems - a Key Enabler for the Digitalisation of European Industry

A European Perspective on Smart Grids

Shaping smarter and more sustainable cities from WSIS to Habitat III

Quality Assurance and esecurity

Harmonisation of Digital Markets in the EaP. Vassilis Kopanas European Commission, DG CONNECT

QBPC s Mission and Objectives

Promoting Global Cybersecurity

EU policy on Network and Information Security & Critical Information Infrastructures Protection

Japan s Cyber Diplomacy

The Arab ICT Organization

Welcome to China NCPC!

E Government in Tonga

Cybersecurity Policy in the EU: Security Directive - Security for the data in the cloud

Hannover Declaration

Controlling traffic In a Connected world

2017/SOM3/DIA/007 Digital Trade Building Blocks

Cyber Security Law --- Are you ready?

Perspectives and research progress on 5G standard. MIIT, CHINA October 20, 2015

Brussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER

China s Digital Economy: Innovation Policies and Reflections

IEEE World Forum on Internet of Things December, 2015 Milan, Italy. Impact of IoT on 5G: Benefits and Challenges. 5G Special Generation

MOTION FOR A RESOLUTION

Digital Single Market Strategy for Europe

Package of initiatives on Cybersecurity

Connecting the Connectivities Symposium 11 June Thailand

Laws and Regulations & Data Governance

Orange Smart Cities. Smart Metering and Smart Grid : how can a telecom operator contribute? November

DIGITAL AGENDA FOR EUROPE

Transcription:

IoT Security Policy and Regulation Initiatives in China Fan Dongyang, Huawei

China Economy Facilitating High-quality Growth The new norm Going digital GDP Growth Rate Supply-side reform E-commerce is on the rise between 2006 and 2014,shipping leapt tenfold from 1 billion to 10 billion packages delivered. $14,3b sales Nov.11 2015 in Alibaba platform, 60% increase from 2014 2

The National Strategies Internet + Develop e-commerce, industry networks, and online banking, and raise the profile of Internet companies on the world stage. Boosting growth by infusing mobile Internet, cloud computing, big data, and IoT into manufacturing and others. Manufacture 2025 Enhance industry base, quality and brand, break through in main areas. Promoting green production, streamline industry structure, transformation to services and globalization Platform, Application, Technology, Security, Mechanism Action Plan for Promoting Development of Big Data Previous: Special Action Plan for M2M Development (2013-2015) 3

Cybersecurity Internet benefit for the country and people To proceed together with development Protection system for critical information infrastructure Core technologies Innovation, harmonization, green, open, and sharing 4

Industry and Ministries MIIT (Ministry of Industry and Information Technologies) Telecom + other about 20 industries CAC (Cyberspace Administration of China, Office of the Central Leading Group for Cyberspace of CCCP) Cybersecurity and Informationization NDRC (National Development and Reform Commission) MOST (Ministry of Science and Technology) SAC (Standardization Administration of China) 5

Industry Alliances Industry 4.0 Group IIC China Team Others Strategy Alliance for M2M Industry Technology Innovation M2M Standardization Group Smart City Standardization Group 29 8 11 6 10 AII Members Industry(225) ICT(29) University(8) 225 Research(11) Security(6) Abroad(10) 6

Non-governmental Organizations for Policies Self-regulation of data flow Industry IOT Cloud Service and Terminal standards Industry 4.0 public policy Internet + Car + Traffic Summit Energy Internet opportunities and challenges How to protect information security in the Big Data time Information security impact on China economy Digital Forum Security of social network Way of China Cybersecurity legislation IT industry Cybersecurity best practices Industry control system security workshop 7

Available Law and Regulations 2015 State Council - China Computer Information System Security Protection Regulation (first in 1994) 2007 MPS - Management Method for Information Security Protection for Classified Levels 2001 NPC Standing Committee Resolution about Protection of Internet Security 2012 NPC Standing Committee Resolution about Enhance Network Information Protection July 2015: National Security Law - secure and controllable systems and data security in critical infrastructure and key areas 2014 MIIT Guidance on Enhance Telecom and Internet Security 2013 MIIT Regulation about Telecom and Internet Personal Information Protection 2014 China Banking Regulatory Commission - Guidance for Applying Secure and Controllable Information Technology to Enhance Banking Industry Cybersecurity and Informatization Development 8

Law and Regulations in the Pipe Line CAC: Administrative Measures on Internet Information Services CAC Rules on Security Protection for Critical Information Infrastructure Cybersecurity Law - second read June 2016 Cyber Sovereignty Security of Product and Service Security of Network Operation (Classified Levels Protection, Critical Infrastructure) Data Security (Category, Personal Information) Information Security 9

Standardization - CCSA TC10 Ubiquitous Networks Security Requirements for Ubiquitous Networks M2M Technical Specification (Release 1) - Security Solutions Baseline for classified protection of IOT perception communication system Research on Physical layer security technology of Ubiquitous Network Perceived Extension Layer Terminal embedded operating system security requirements of the M2M Secure technology requirements for protocols of sensor layer of M2M Research on the security of communication between vehicle and Infrastructure TC8 Network and Information Security Requirement for classified level security protection of M2M information system Security framework and technical requirement for logistics information service General requirement for M2M node authentication TC11 Mobile Internet Application and Terminal Research on information security problems and key technologies of mobile internet vehicle Information security research for on-board intelligent terminal Security Requirements Analysis for Smart City 10

Standardization TC260 (IT Security) 11 Framework for critical information infrastructure Industrial control system security network security Management requirements Technical requirement for Industrial network Audit guidance protocol Classification guidance General reference model and requirements for Classification system security design guidance M2M security Protection technical requirement and test method Technical requirement for M2M data Specified firewall technical requirements transmission security Isolation and information exchange system security technical Technical requirement for M2M sensor gateway requirement Technical requirement for M2M sensor device Vulnerability detection technical requirement and test method Technical requirement for information security of Supervision security technical requirement and test method smart connected devices

Standardization Smart Manufacture Information Security Software, Device, Network, Data and security Protection Information Security Management Management and Supervision Industrial control network security, and information security Security requirement for industrial automatic product Distributed Control System security protection, management, audit, risk and vulnerability detection Security requirement for the programmable logic controller Network security specification of EPA(Ethernet for Plant Automation) for industrial measurement and control system Secure and controllable information system Electrical Power System Sensor network security: general technical specification, network transmission security technical and test specification, etc. 12

Summary The regulations for IoT Security are yet to come Intentions are for critical infrastructure, classified levels of security protection, information security and core technologies 13 13

Thank You Open, Transparent, Cooperative 14

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback