"Under the new infrastructure, the Internet of Everything network attack will extend from the digital space to the physical space, posing a severe challenge to network security, and it is necessary to effectively deal with the hegemonic deterrence of monopoly cyberspace and build a solid network security defense line." At the "Cyber Security under Digital Transformation" sub-forum of the first Central Enterprise Digital Transformation Summit held in Beijing recently, Shen Changxiang, academician of the Chinese Academy of Engineering, consultant of the Expert Advisory Committee of the Central Cyberspace Administration, member of the National Integrated Circuit Industry Development Advisory Committee, and member of the National Three-Network Integration Expert Group, delivered a speech on "Creating a New Ecosystem for Safe and Trustworthy Digital Transformation".
Shen Changxiang is giving a speech.
Starting from the opportunities and challenges of the digital age, Shen Changxiang focused on the importance of network security and strategic planning and institutional requirements, and proposed to build a guarantee system for active immune protection with safe and trusted network products and services based on basic principles, core technologies and engineering application innovations.
"Big data is a diamond mine." Shen Changxiang pointed out that big data refers to a massive and complex collection of data that cannot be processed with existing software tools, with the characteristics of multi-source heterogeneity, unstructured, low value, and fast processing. "We assume that there are no diamonds in the mine, that is, there is no ready-made data, so we have to collect and mine." This is equivalent to the collection and treatment of data waste and garbage, to discover knowledge and essential laws from it.
Shen Changxiang said that the reprocessing and reprocessing of big data produces new products, that is, digital industrialization. With the further concentration of massive data and the further development of information technology, information security has become a bottleneck for the rapid development of big data. The fragility of cyberspace is presented before our eyes, and it has become a perpetual proposition to exploit computer systems for profit due to the use of logical flaws, which is the essence of network security. This is equivalent to the human body without an immune system can not defend against virus invasion.
At the forum, Shen Changxiang once again mentioned the "WannaCry" ransomware virus that broke out in 2017, a famous example of a cyber attack. By encrypting the data information in the system, the virus makes the data unavailable and takes the opportunity to extort money, the virus has swept through nearly 150 countries, and the education, transportation, medical, and energy networks have become the hardest hit areas of this round of attacks.
"How are we going to deal with it?" Shen Changxiang said that it is necessary to build a trusted computing system that is actively immune, so as to build a solid infrastructure network security defense line.
What is Active Immune Trusted Computing? Shen Changxiang explained that the "old three things" such as virus killing, firewall, and intrusion detection that we usually understand are not scientific network security concepts, which are difficult to deal with human attacks and are easy to be exploited by attackers. The trusted computing of active immunity is a new computing mode that operates and protects security at the same time, and implements functions such as identity recognition, state measurement, and confidential storage with cryptography as a genetic antibody, and identifies "self" and "non-self" components in a timely manner, thereby destroying and repelling harmful substances entering the body, which is equivalent to cultivating immunity for network information systems.
This mode builds a two-wheel drive architecture of "computing + protection" parallel, forms a dynamic pattern, conducts nuclear research on the correctness of the calculation process, and finds abnormal problems and deals with them in time to achieve active protection effects. Shen Changxiang pointed out that the information system security protection system will be protected from three layers of system resources, security strategies, and audits, so as to establish a three-fold protection framework for active immunity, so as to achieve the "six noes" protection effects such as attackers cannot enter, important information of non-authorized persons cannot be obtained, theft of confidential information cannot be understood, system and information cannot be changed, system work cannot be paralyzed, and attack behavior cannot be relied upon.
It is reported that trusted computing is the mainstream technology of world network security, China's trusted computing originated from the 1992 formal research on immunization of the comprehensive security protection system (intelligent security card), and at the end of February 1995 through the evaluation and identification, after a long-term military-civilian integration research application, the development and release of the national and military trusted computing series of standards and patents, the formation of independent innovation security and credibility system, and stepped into the active immune trusted computing 3.0 new era.
At present, trusted computing is widely used in important national information systems, such as: value-added tax anti-counterfeiting, lottery anti-counterfeiting, second-generation resident ID card security system, it is impossible to counterfeit, nor can it be tampered with, has become a national law, strategy, hierarchical protection system requirements, promotion and application. Relying on the active immunity trust technology system, it lays a solid foundation for network security credibility in modern information systems such as traditional application fields, industrial control systems and cloud computing, Internet of Things, big data, and mobile intelligent networks.
"Implementing the requirements for hierarchical protection of critical infrastructure will ensure the healthy development of digital transformation." Shen Changxiang said that the complete trusted computing 3.0 product chain will also form a huge emerging industrial space.
Nandu trainee reporter Chen Qiuyuan was sent from Beijing
![Is "Omi kerong" a "big flu"? How to deal with it? Chamberlain said so[fig]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)