信息技術已經成為應 用面極廣、滲透性很強的戰略性技術。信息安全產品和信息系統固有的敏感性和特殊性，直接影響國家的安全利益和經濟利益。各國政府紛紛采取頒布標準，實行測 評和認證制度等方式，對信息安全產品的研制、生產、銷售、使用和進出口實行嚴格、有效的控制。美、英、德、法、澳、加、荷、韓等國家先后建立了國家信息安 全測評認證體系。
China Information Technology Security Evaluation Center
2017-08-02 09:02 來源： 中國信息安全測評中心
The China Information Technology Security Evaluation Center (CNITSEC), approved and authorized by the Chinese central government, is an authoritative security evaluation facility with the mission of providing security evaluation services to assure the security of information technology and advance relevant researches.
By the mandate of the central government, the responsibility of CNITSEC is the integration of the following aspects:
- Information security vulnerability analysis and risk assessment
- Security evaluation of IT product, system and engineering project
- Qualification evaluation of information security service providers and professional
- Information security technology consultation, engineering supervision and development service
- Theoretical and technical researches on cyber-security technology and standardization
- Publication of the magazine“China Information Security”
As the integral part of the national infrastructure of cyber security assurance system, CNITSEC is well-funded with various national dedicated projects which foster the construction of national engineering laboratories and technical facilities, including the fundamental China National Vulnerability Database (CNNVD), three national engineering laboratories with different technical orientations, known as respectively the National Engineering Laboratory for Mobile security, the National Engineering Laboratory for Industrial Control Systems Security Technology, and also the National Engineering Laboratory for Big Data Collaborative Security Technology. Over the years, dozens of professional technical platforms and systems, as the witness of our achievement, have been constructed to help us to adapt to the ever changing needs from national informatization strategy and cyber security evolution process.
Since established in 1998, CNITSEC has devoted itself to the technical assurance of the national cyber-security under relevant laws and regulations. We have successfully accomplished hundreds of national information security review missions and tailored a specific risk assessment framework and procedure for the CPC and government departments, national critical infrastructures and major state-owned enterprises. Moreover, we have over the past years offered a range of various services to the public, such as the security evaluation services to thousands of domestic and overseas IT products and application systems with varied forms of hardware, software and their integration, technical training service to 100 thousands of information security professionals, and qualification evaluation service to thousands of information security vendors and service providers. Furthermore, we have developed all-round strategic partnership by signing cooperation agreements with more than 40 industry and government sectors to provide integration service of security testing, vulnerability disclosure, security advisory, intrusion detection, emergency response and all types of technical support as a whole.