信息技术已经成为应 用面极广、渗透性很强的战略性技术。信息安全产品和信息系统固有的敏感性和特殊性，直接影响国家的安全利益和经济利益。各国政府纷纷采取颁布标准，实行测 评和认证制度等方式，对信息安全产品的研制、生产、销售、使用和进出口实行严格、有效的控制。美、英、德、法、澳、加、荷、韩等国家先后建立了国家信息安 全测评认证体系。
China Information Technology Security Evaluation Center
2017-08-02 09:02 来源： 中国信息安全测评中心
The China Information Technology Security Evaluation Center (CNITSEC), approved and authorized by the Chinese central government, is an authoritative security evaluation facility with the mission of providing security evaluation services to assure the security of information technology and advance relevant researches.
By the mandate of the central government, the responsibility of CNITSEC is the integration of the following aspects:
- Information security vulnerability analysis and risk assessment
- Security evaluation of IT product, system and engineering project
- Qualification evaluation of information security service providers and professional
- Information security technology consultation, engineering supervision and development service
- Theoretical and technical researches on cyber-security technology and standardization
- Publication of the magazine“China Information Security”
As the integral part of the national infrastructure of cyber security assurance system, CNITSEC is well-funded with various national dedicated projects which foster the construction of national engineering laboratories and technical facilities, including the fundamental China National Vulnerability Database (CNNVD), three national engineering laboratories with different technical orientations, known as respectively the National Engineering Laboratory for Mobile security, the National Engineering Laboratory for Industrial Control Systems Security Technology, and also the National Engineering Laboratory for Big Data Collaborative Security Technology. Over the years, dozens of professional technical platforms and systems, as the witness of our achievement, have been constructed to help us to adapt to the ever changing needs from national informatization strategy and cyber security evolution process.
Since established in 1998, CNITSEC has devoted itself to the technical assurance of the national cyber-security under relevant laws and regulations. We have successfully accomplished hundreds of national information security review missions and tailored a specific risk assessment framework and procedure for the CPC and government departments, national critical infrastructures and major state-owned enterprises. Moreover, we have over the past years offered a range of various services to the public, such as the security evaluation services to thousands of domestic and overseas IT products and application systems with varied forms of hardware, software and their integration, technical training service to 100 thousands of information security professionals, and qualification evaluation service to thousands of information security vendors and service providers. Furthermore, we have developed all-round strategic partnership by signing cooperation agreements with more than 40 industry and government sectors to provide integration service of security testing, vulnerability disclosure, security advisory, intrusion detection, emergency response and all types of technical support as a whole.