Beijing, China — Feb. 28, 2003 — Representing China government, China Information Technology Security Certification Center (CNITSEC) signed an agreement with Microsoft at the Sate Developing & Planning Commission (SDPC) office to participate in the recently announced Government Security Program (GSP). Mr. Wang Chunzheng, Vice Chairman of the SDPC presided over the signing ceremony. Microsoft Chairman and Chief Software Architect Bill Gates briefed Microsoft's sharing of source code access with China and signing of the GSP agreement with the related agency in China to Chinese President Jiang Zemin, during his reception of Bill Gates. The CNITSEC was authorized by SDPC to sign the GSP with Microsoft. Dr. Wu ShiZhong, Director of the CNITSEC reaffirmed that information technology security as part of the process of information transfer was a key issue for the government. “Microsoft’s GSP provides us with the controlled access to source code and technical information in an appropriate way. It also establishes cooperation between China and Microsoft. Microsoft has taken a great step forward to let us understand its product security.” Bill Gates, Chairman and Chief Software Architect of Microsoft said: “As part of Microsoft's commitment to creating a Trustworthy Computing environment, we are pleased to have signed this agreement. As a government customer and trusted partner, we are committed to providing the Chinese government with information that will help them deploy and maintain secure computing infrastructures. We see this agreement as a significant step forward in Microsoft's relations with the Chinese government.” The GSP is a global initiative that provides national governments with controlled access to Microsoft® Windows® source code and other technical information they need to be confident in the security of the Windows platform. The China Government is one of the first governments around the globe to sign the agreement. Russia, NATO and the UK announced GSP agreements with Microsoft last month. Microsoft is in discussions with more than 30 countries, territories and organizations about their interest in the program. The signing of the GSP is also a deliverable of the Memorandum of Understanding On Strengthening Software Industry Cooperation Microsoft signed with SDPC in June 2002. The Government Security Program is tailored to the specialized security requirements of governments. The program is a no-fee initiative that provides program participants the ability to review Windows source code using a smart-card based secure online access and subject to certain license restrictions. Under the GSP master agreement, the government agency can also authorize the sponsored agencies to undertake research projects in the field of information security. In addition to source access, the GSP provides for the disclosure of technical information about the Windows platform, enhancing governments’ ability to build and deploy computing infrastructures with strong security technologies in place. The program also promotes increased communication and collaboration between Microsoft security professionals and program participants, providing opportunities to visit Microsoft development facilities in Redmond and review various aspects of Windows source-code development, testing and deployment processes; discuss existing and potential projects with Microsoft security experts; and generally interact with and provide feedback directly to Microsoft staff.The Government Security Program also supports and builds on the Common Criteria (CC) certification. Windows 2000 achieved CC certification — a globally accepted, independent standard for evaluating the security features and capabilities of information technology products — last October for the broadest set of real-world scenarios yet achieved by any operating system as defined by the Common Criteria for Information Technology Security Evaluation (CCITSE). Common Criteria was adopted by China State Bureau of Technical and Quality Supervision (CSBTQS) as information security standard by the name GB/18336 in 2001. CNITSEC is a Chinese Government’s authority designed to fulfill national IT security certification responsibilities. In accordance with China laws of product quality certification and IT security management, CNITSEC operates and maintains National Evaluation and Certification Scheme for IT Security. For more information ,please visit http://www.itsec.gov.cn.