行業資訊

行業報告 | 我國商用密碼服務進展

發布時間：2023-01-12 15:11 瀏覽次數：1801

密碼應用安全性評估加快落實

商(shang)用(yong)(yong)密(mi)(mi)碼(ma)應(ying)用(yong)(yong)安(an)(an)(an)全(quan)(quan)(quan)性(xing)評(ping)估（以下簡稱(cheng)密(mi)(mi)評(ping)），是(shi)指在采(cai)用(yong)(yong)商(shang)用(yong)(yong)密(mi)(mi)碼(ma)技術(shu)、產品(pin)和(he)(he)服務(wu)集成(cheng)建設的網絡和(he)(he)信(xin)息(xi)系(xi)統中，對其密(mi)(mi)碼(ma)應(ying)用(yong)(yong)的合(he)規(gui)性(xing)、正確(que)性(xing)和(he)(he)有(you)(you)效(xiao)性(xing)進行評(ping)估。一(yi)方面，開展(zhan)密(mi)(mi)評(ping)工作是(shi)落實《密(mi)(mi)碼(ma)法(fa)》《計算機信(xin)息(xi)系(xi)統安(an)(an)(an)全(quan)(quan)(quan)保護條例》和(he)(he)《信(xin)息(xi)安(an)(an)(an)全(quan)(quan)(quan)等(deng)級保護管理辦法(fa)》等(deng)有(you)(you)關法(fa)律(lv)法(fa)規(gui)和(he)(he)標準規(gui)范(fan)的必然要求，是(shi)網絡安(an)(an)(an)全(quan)(quan)(quan)運(yun)營(ying)者的法(fa)定責(ze)任(ren)和(he)(he)義務(wu)；另一(yi)方面，開展(zhan)密(mi)(mi)評(ping)工作是(shi)商(shang)用(yong)(yong)密(mi)(mi)碼(ma)應(ying)用(yong)(yong)正確(que)、合(he)規(gui)、有(you)(you)效(xiao)的重(zhong)要保證，是(shi)檢驗(yan)網絡和(he)(he)信(xin)息(xi)系(xi)統安(an)(an)(an)全(quan)(quan)(quan)性(xing)的重(zhong)要手(shou)段，也是(shi)應(ying)對網絡安(an)(an)(an)全(quan)(quan)(quan)嚴峻形勢(shi)的迫切需(xu)要。

《密碼(ma)法(fa)》第二十七條規定，法(fa)律、行(xing)(xing)政(zheng)法(fa)規和國家有關(guan)規定要(yao)求(qiu)使用(yong)(yong)商用(yong)(yong)密碼(ma)進(jin)行(xing)(xing)保(bao)護(hu)的(de)關(guan)鍵信息(xi)(xi)基礎設施(shi)，其(qi)運營者應當使用(yong)(yong)商用(yong)(yong)密碼(ma)進(jin)行(xing)(xing)保(bao)護(hu)，自行(xing)(xing)或者委(wei)托商用(yong)(yong)密碼(ma)檢測機(ji)構開(kai)展商用(yong)(yong)密碼(ma)應用(yong)(yong)安(an)全性評估(gu)。《商用(yong)(yong)密碼(ma)應用(yong)(yong)安(an)全性評估(gu)管(guan)理辦(ban)法(fa)（試行(xing)(xing)）》第三條、第二十條規定，涉及(ji)國家安(an)全和社會公共利益的(de)重要(yao)領域網(wang)絡(luo)和信息(xi)(xi)系(xi)(xi)(xi)統(tong)(tong)(tong)的(de)建設、使用(yong)(yong)、管(guan)理單位應當健全密碼(ma)保(bao)障體系(xi)(xi)(xi)，實(shi)施(shi)商用(yong)(yong)密碼(ma)應用(yong)(yong)安(an)全性評估(gu)。其(qi)中，重要(yao)領域網(wang)絡(luo)和信息(xi)(xi)系(xi)(xi)(xi)統(tong)(tong)(tong)包括基礎信息(xi)(xi)網(wang)絡(luo)、涉及(ji)國計民生(sheng)和基礎信息(xi)(xi)資源的(de)重要(yao)信息(xi)(xi)系(xi)(xi)(xi)統(tong)(tong)(tong)、重要(yao)工業(ye)控(kong)制(zhi)系(xi)(xi)(xi)統(tong)(tong)(tong)、面向(xiang)社會服務的(de)政(zheng)務信息(xi)(xi)系(xi)(xi)(xi)統(tong)(tong)(tong)、關(guan)鍵信息(xi)(xi)基礎設施(shi)、網(wang)絡(luo)安(an)全等(deng)級保(bao)護(hu)第三級及(ji)以(yi)上(shang)信息(xi)(xi)系(xi)(xi)(xi)統(tong)(tong)(tong)等(deng)。

為(wei)規(gui)范(fan)密(mi)(mi)評(ping)(ping)(ping)(ping)(ping)工作(zuo)(zuo)，2017年(nian)(nian)9月(yue)，國家(jia)密(mi)(mi)碼(ma)管(guan)理局制定印發了(le)《商用(yong)(yong)(yong)密(mi)(mi)碼(ma)應(ying)(ying)(ying)用(yong)(yong)(yong)安(an)(an)(an)全(quan)性評(ping)(ping)(ping)(ping)(ping)估管(guan)理辦法（試(shi)行(xing)(xing)(xing)）》《商用(yong)(yong)(yong)密(mi)(mi)碼(ma)應(ying)(ying)(ying)用(yong)(yong)(yong)安(an)(an)(an)全(quan)性測評(ping)(ping)(ping)(ping)(ping)機構(gou)(gou)管(guan)理辦法（試(shi)行(xing)(xing)(xing)）》《商用(yong)(yong)(yong)密(mi)(mi)碼(ma)應(ying)(ying)(ying)用(yong)(yong)(yong)安(an)(an)(an)全(quan)性測評(ping)(ping)(ping)(ping)(ping)機構(gou)(gou)能力評(ping)(ping)(ping)(ping)(ping)審實施細則(ze)（試(shi)行(xing)(xing)(xing)）》等(deng)管(guan)理文件(jian)，對(dui)測評(ping)(ping)(ping)(ping)(ping)機構(gou)(gou)、網絡與信(xin)息(xi)系統(tong)責任單位、管(guan)理部(bu)門(men)提出要(yao)(yao)求，對(dui)評(ping)(ping)(ping)(ping)(ping)估程序(xu)、評(ping)(ping)(ping)(ping)(ping)估辦法、監督管(guan)理等(deng)進(jin)行(xing)(xing)(xing)明(ming)確，對(dui)測評(ping)(ping)(ping)(ping)(ping)機構(gou)(gou)審查認定工作(zuo)(zuo)提出要(yao)(yao)求，密(mi)(mi)評(ping)(ping)(ping)(ping)(ping)制度體系初步建立。2018年(nian)(nian)2月(yue)，國家(jia)密(mi)(mi)碼(ma)管(guan)理局發布并實施《GM/T0054-2018 信(xin)息(xi)系統(tong)密(mi)(mi)碼(ma)應(ying)(ying)(ying)用(yong)(yong)(yong)基(ji)(ji)本要(yao)(yao)求》標(biao)準(zhun)，對(dui)信(xin)息(xi)系統(tong)的(de)規(gui)劃(hua)、建設、運行(xing)(xing)(xing)三個(ge)階(jie)段的(de)密(mi)(mi)碼(ma)應(ying)(ying)(ying)用(yong)(yong)(yong)情況(kuang)進(jin)行(xing)(xing)(xing)安(an)(an)(an)全(quan)性評(ping)(ping)(ping)(ping)(ping)估。2021年(nian)(nian)10月(yue)，國家(jia)市場監管(guan)總局、國家(jia)標(biao)準(zhun)化管(guan)理委員(yuan)會在原有行(xing)(xing)(xing)業標(biao)準(zhun)《GM/T0054-2018 信(xin)息(xi)系統(tong)密(mi)(mi)碼(ma)應(ying)(ying)(ying)用(yong)(yong)(yong)基(ji)(ji)本要(yao)(yao)求》的(de)基(ji)(ji)礎(chu)上修訂(ding)完(wan)善，發布國家(jia)標(biao)準(zhun)《GB/T39786-2021 信(xin)息(xi)安(an)(an)(an)全(quan)技術信(xin)息(xi)系統(tong)密(mi)(mi)碼(ma)應(ying)(ying)(ying)用(yong)(yong)(yong)基(ji)(ji)本要(yao)(yao)求》。該標(biao)準(zhun)相對(dui)之(zhi)(zhi)前的(de)行(xing)(xing)(xing)業標(biao)準(zhun)，內容更(geng)加規(gui)范(fan)、要(yao)(yao)求更(geng)加明(ming)確、邏(luo)輯(ji)更(geng)加清晰，同時對(dui)于(yu)密(mi)(mi)評(ping)(ping)(ping)(ping)(ping)實際(ji)執行(xing)(xing)(xing)過程中遇到的(de)問題做了(le)相應(ying)(ying)(ying)的(de)修訂(ding)，隨之(zhi)(zhi)成(cheng)為(wei)密(mi)(mi)評(ping)(ping)(ping)(ping)(ping)工作(zuo)(zuo)依據的(de)主要(yao)(yao)標(biao)準(zhun)。

密(mi)(mi)(mi)(mi)(mi)(mi)(mi)評(ping)的(de)(de)(de)內(nei)容主(zhu)(zhu)要(yao)涵(han)蓋商用(yong)(yong)(yong)密(mi)(mi)(mi)(mi)(mi)(mi)(mi)碼(ma)(ma)(ma)應用(yong)(yong)(yong)安全(quan)的(de)(de)(de)合規性(xing)、正(zheng)(zheng)確(que)(que)性(xing)和(he)有(you)效(xiao)(xiao)(xiao)性(xing)。其(qi)中(zhong)(zhong)，商用(yong)(yong)(yong)密(mi)(mi)(mi)(mi)(mi)(mi)(mi)碼(ma)(ma)(ma)應用(yong)(yong)(yong)合規性(xing)評(ping)估主(zhu)(zhu)要(yao)是(shi)(shi)(shi)(shi)(shi)指(zhi)判定(ding)網(wang)絡(luo)和(he)信(xin)(xin)息(xi)(xi)系(xi)(xi)統(tong)使(shi)用(yong)(yong)(yong)的(de)(de)(de)密(mi)(mi)(mi)(mi)(mi)(mi)(mi)碼(ma)(ma)(ma)算法、密(mi)(mi)(mi)(mi)(mi)(mi)(mi)碼(ma)(ma)(ma)協議、密(mi)(mi)(mi)(mi)(mi)(mi)(mi)鑰(yao)管(guan)(guan)理(li)是(shi)(shi)(shi)(shi)(shi)否(fou)(fou)(fou)(fou)符(fu)合法律法規的(de)(de)(de)規定(ding)和(he)密(mi)(mi)(mi)(mi)(mi)(mi)(mi)碼(ma)(ma)(ma)相關國家標(biao)準、行業標(biao)準的(de)(de)(de)有(you)關要(yao)求。網(wang)絡(luo)和(he)信(xin)(xin)息(xi)(xi)系(xi)(xi)統(tong)使(shi)用(yong)(yong)(yong)的(de)(de)(de)密(mi)(mi)(mi)(mi)(mi)(mi)(mi)碼(ma)(ma)(ma)產品(pin)和(he)密(mi)(mi)(mi)(mi)(mi)(mi)(mi)碼(ma)(ma)(ma)服(fu)務是(shi)(shi)(shi)(shi)(shi)否(fou)(fou)(fou)(fou)經過(guo)國家密(mi)(mi)(mi)(mi)(mi)(mi)(mi)碼(ma)(ma)(ma)管(guan)(guan)理(li)部門核準或(huo)(huo)由具備資(zi)格的(de)(de)(de)機(ji)構認證合格。商用(yong)(yong)(yong)密(mi)(mi)(mi)(mi)(mi)(mi)(mi)碼(ma)(ma)(ma)應用(yong)(yong)(yong)正(zheng)(zheng)確(que)(que)性(xing)評(ping)估主(zhu)(zhu)要(yao)是(shi)(shi)(shi)(shi)(shi)指(zhi)判定(ding)密(mi)(mi)(mi)(mi)(mi)(mi)(mi)碼(ma)(ma)(ma)算法、密(mi)(mi)(mi)(mi)(mi)(mi)(mi)碼(ma)(ma)(ma)協議、密(mi)(mi)(mi)(mi)(mi)(mi)(mi)鑰(yao)管(guan)(guan)理(li)、密(mi)(mi)(mi)(mi)(mi)(mi)(mi)碼(ma)(ma)(ma)產品(pin)和(he)密(mi)(mi)(mi)(mi)(mi)(mi)(mi)碼(ma)(ma)(ma)服(fu)務是(shi)(shi)(shi)(shi)(shi)否(fou)(fou)(fou)(fou)使(shi)用(yong)(yong)(yong)正(zheng)(zheng)確(que)(que)，即系(xi)(xi)統(tong)中(zhong)(zhong)使(shi)用(yong)(yong)(yong)的(de)(de)(de)密(mi)(mi)(mi)(mi)(mi)(mi)(mi)碼(ma)(ma)(ma)產品(pin)是(shi)(shi)(shi)(shi)(shi)否(fou)(fou)(fou)(fou)取得商用(yong)(yong)(yong)密(mi)(mi)(mi)(mi)(mi)(mi)(mi)碼(ma)(ma)(ma)產品(pin)認證證書，或(huo)(huo)者系(xi)(xi)統(tong)中(zhong)(zhong)采用(yong)(yong)(yong)的(de)(de)(de)標(biao)準密(mi)(mi)(mi)(mi)(mi)(mi)(mi)碼(ma)(ma)(ma)算法、協議和(he)密(mi)(mi)(mi)(mi)(mi)(mi)(mi)鑰(yao)管(guan)(guan)理(li)機(ji)制是(shi)(shi)(shi)(shi)(shi)否(fou)(fou)(fou)(fou)按照相應的(de)(de)(de)國家和(he)行業密(mi)(mi)(mi)(mi)(mi)(mi)(mi)碼(ma)(ma)(ma)標(biao)準進(jin)行正(zheng)(zheng)確(que)(que)的(de)(de)(de)設(she)計(ji)和(he)實現；自定(ding)義(yi)密(mi)(mi)(mi)(mi)(mi)(mi)(mi)碼(ma)(ma)(ma)協議、密(mi)(mi)(mi)(mi)(mi)(mi)(mi)鑰(yao)管(guan)(guan)理(li)機(ji)制的(de)(de)(de)設(she)計(ji)和(he)實現是(shi)(shi)(shi)(shi)(shi)否(fou)(fou)(fou)(fou)正(zheng)(zheng)確(que)(que)，安全(quan)性(xing)是(shi)(shi)(shi)(shi)(shi)否(fou)(fou)(fou)(fou)滿(man)足要(yao)求，密(mi)(mi)(mi)(mi)(mi)(mi)(mi)碼(ma)(ma)(ma)保障系(xi)(xi)統(tong)建設(she)或(huo)(huo)改造過(guo)程中(zhong)(zhong)密(mi)(mi)(mi)(mi)(mi)(mi)(mi)碼(ma)(ma)(ma)產品(pin)和(he)服(fu)務的(de)(de)(de)部署(shu)和(he)應用(yong)(yong)(yong)是(shi)(shi)(shi)(shi)(shi)否(fou)(fou)(fou)(fou)正(zheng)(zheng)確(que)(que)。商用(yong)(yong)(yong)密(mi)(mi)(mi)(mi)(mi)(mi)(mi)碼(ma)(ma)(ma)應用(yong)(yong)(yong)有(you)效(xiao)(xiao)(xiao)性(xing)評(ping)估主(zhu)(zhu)要(yao)是(shi)(shi)(shi)(shi)(shi)指(zhi)判定(ding)網(wang)絡(luo)和(he)信(xin)(xin)息(xi)(xi)系(xi)(xi)統(tong)中(zhong)(zhong)的(de)(de)(de)密(mi)(mi)(mi)(mi)(mi)(mi)(mi)碼(ma)(ma)(ma)應用(yong)(yong)(yong)是(shi)(shi)(shi)(shi)(shi)否(fou)(fou)(fou)(fou)在網(wang)絡(luo)和(he)信(xin)(xin)息(xi)(xi)系(xi)(xi)統(tong)運行過(guo)程中(zhong)(zhong)發揮(hui)了效(xiao)(xiao)(xiao)用(yong)(yong)(yong)，是(shi)(shi)(shi)(shi)(shi)否(fou)(fou)(fou)(fou)滿(man)足了信(xin)(xin)息(xi)(xi)系(xi)(xi)統(tong)的(de)(de)(de)安全(quan)需求，是(shi)(shi)(shi)(shi)(shi)否(fou)(fou)(fou)(fou)有(you)效(xiao)(xiao)(xiao)解決(jue)了信(xin)(xin)息(xi)(xi)系(xi)(xi)統(tong)面臨(lin)的(de)(de)(de)安全(quan)問題。

2017年(nian)4月，國(guo)家(jia)密(mi)碼(ma)管(guan)理局正(zheng)式啟(qi)動密(mi)評試(shi)點工(gong)作。依據《密(mi)碼(ma)法》及商(shang)用密(mi)碼(ma)應(ying)用安全性評估(gu)有關(guan)管(guan)理規定，經持(chi)續培(pei)育(yu)、實戰測評和綜合考察，2020年(nian)7月，國(guo)家(jia)密(mi)碼(ma)管(guan)理局正(zheng)式公布了全國(guo)首(shou)批24家(jia)密(mi)評試(shi)點機(ji)構目錄。2021年(nian)6月，國(guo)家(jia)密(mi)碼(ma)管(guan)理局公布了更新(xin)后(hou)的《商(shang)用密(mi)碼(ma)應(ying)用安全性評估(gu)試(shi)點機(ji)構目錄》，單位已增(zeng)至48家(jia)。

電子認證服務愈發規范

電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)(zi)認(ren)證是(shi)密碼的(de)(de)(de)典型應(ying)用(yong)(yong)，其在信息化(hua)及(ji)信息安全(quan)保(bao)障方面發(fa)(fa)揮(hui)著(zhu)重(zhong)要作用(yong)(yong)。隨(sui)著(zhu)我(wo)國(guo)信息化(hua)程(cheng)度的(de)(de)(de)不(bu)(bu)斷(duan)(duan)加(jia)深，電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)(zi)認(ren)證服務發(fa)(fa)展(zhan)愈發(fa)(fa)規(gui)(gui)范(fan)，電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)(zi)數據(ju)法(fa)(fa)(fa)律效(xiao)(xiao)力(li)(li)(li)愈發(fa)(fa)受到重(zhong)視。2021年(nian)3月(yue)(yue)，交通運(yun)輸(shu)部(bu)發(fa)(fa)布(bu)《關于加(jia)快推(tui)(tui)廣(guang)應(ying)用(yong)(yong)道路運(yun)輸(shu)電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)(zi)證照(zhao)(zhao)提升(sheng)數字化(hua)服務與(yu)監管能力(li)(li)(li)的(de)(de)(de)通知(zhi)》，明(ming)確(que)指(zhi)出(chu)要組(zu)織建(jian)設“電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)(zi)印(yin)章(zhang)”系統(tong)，支撐(cheng)電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)(zi)證照(zhao)(zhao)印(yin)章(zhang)簽(qian)(qian)署功能，確(que)保(bao)電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)(zi)證照(zhao)(zhao)來源(yuan)的(de)(de)(de)真(zhen)實性(xing)、完(wan)整(zheng)性(xing)以(yi)及(ji)簽(qian)(qian)署行為(wei)的(de)(de)(de)不(bu)(bu)可否認(ren)性(xing)。4月(yue)(yue)，市(shi)場(chang)監管總局(ju)等(deng)六(liu)部(bu)門發(fa)(fa)布(bu)《關于進一(yi)步加(jia)大(da)改革力(li)(li)(li)度不(bu)(bu)斷(duan)(duan)提升(sheng)企業(ye)(ye)開辦服務水平的(de)(de)(de)通知(zhi)》，提到需不(bu)(bu)斷(duan)(duan)擴大(da)電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)(zi)營業(ye)(ye)執照(zhao)(zhao)和(he)(he)(he)電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)(zi)印(yin)章(zhang)同(tong)(tong)(tong)步發(fa)(fa)放和(he)(he)(he)應(ying)用(yong)(yong)試(shi)點范(fan)圍(wei)(wei)，為(wei)企業(ye)(ye)提供(gong)全(quan)流程(cheng)網上(shang)辦事支撐(cheng)；鼓勵(li)各(ge)地完(wan)善并推(tui)(tui)廣(guang)電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)(zi)印(yin)章(zhang)應(ying)用(yong)(yong)，大(da)力(li)(li)(li)推(tui)(tui)動(dong)(dong)企業(ye)(ye)開辦要素電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)(zi)化(hua)。6月(yue)(yue)，最高人(ren)民法(fa)(fa)(fa)院(yuan)在《人(ren)民法(fa)(fa)(fa)院(yuan)在線訴(su)訟(song)規(gui)(gui)則》中(zhong)明(ming)確(que)電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)(zi)合(he)(he)同(tong)(tong)(tong)是(shi)電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)(zi)材料的(de)(de)(de)一(yi)種表現形式，具備(bei)效(xiao)(xiao)力(li)(li)(li)且可以(yi)直(zhi)接在訴(su)訟(song)中(zhong)使用(yong)(yong)；明(ming)確(que)區塊(kuai)鏈存證的(de)(de)(de)效(xiao)(xiao)力(li)(li)(li)范(fan)圍(wei)(wei)、區塊(kuai)鏈存儲的(de)(de)(de)數據(ju)上(shang)鏈后推(tui)(tui)定未經篡改的(de)(de)(de)效(xiao)(xiao)力(li)(li)(li)以(yi)及(ji)區塊(kuai)鏈存儲數據(ju)上(shang)鏈后、以(yi)及(ji)上(shang)鏈前的(de)(de)(de)真(zhen)實性(xing)審核(he)規(gui)(gui)則，進一(yi)步規(gui)(gui)范(fan)了區塊(kuai)鏈技術的(de)(de)(de)司法(fa)(fa)(fa)應(ying)用(yong)(yong)，有效(xiao)(xiao)解決取證難、認(ren)證難問(wen)題，必將(jiang)推(tui)(tui)動(dong)(dong)電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)(zi)簽(qian)(qian)名(ming)法(fa)(fa)(fa)律效(xiao)(xiao)力(li)(li)(li)的(de)(de)(de)社(she)會認(ren)可程(cheng)度。7月(yue)(yue)，人(ren)力(li)(li)(li)資源(yuan)和(he)(he)(he)社(she)會保(bao)障部(bu)發(fa)(fa)布(bu)《電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)(zi)勞動(dong)(dong)合(he)(he)同(tong)(tong)(tong)訂立指(zhi)引》，指(zhi)導用(yong)(yong)人(ren)單位和(he)(he)(he)勞動(dong)(dong)者依法(fa)(fa)(fa)規(gui)(gui)范(fan)訂立電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)(zi)勞動(dong)(dong)合(he)(he)同(tong)(tong)(tong)，確(que)保(bao)電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)(zi)勞動(dong)(dong)合(he)(he)同(tong)(tong)(tong)真(zhen)實，完(wan)整(zheng)、準確(que)、不(bu)(bu)被篡改，電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)(zi)勞動(dong)(dong)合(he)(he)同(tong)(tong)(tong)從(cong)“鼓勵(li)采用(yong)(yong)”逐漸轉變為(wei)“指(zhi)導簽(qian)(qian)署”。11月(yue)(yue)，國(guo)務院(yuan)發(fa)(fa)布(bu)《關于開展(zhan)營商環境(jing)創新試(shi)點工作的(de)(de)(de)意見》，指(zhi)出(chu)要推(tui)(tui)進電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)(zi)證照(zhao)(zhao)、電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)(zi)簽(qian)(qian)章(zhang)在銀行開戶、貸(dai)款、貨物報(bao)關、項(xiang)目(mu)申報(bao)、招(zhao)投標等(deng)領(ling)域全(quan)面應(ying)用(yong)(yong)和(he)(he)(he)互通互認(ren)。各(ge)行業(ye)(ye)主管部(bu)門將(jiang)出(chu)臺(tai)更多相關政策以(yi)明(ming)確(que)電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)(zi)簽(qian)(qian)名(ming)的(de)(de)(de)法(fa)(fa)(fa)律效(xiao)(xiao)力(li)(li)(li)，進一(yi)步拓(tuo)展(zhan)電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)(zi)簽(qian)(qian)名(ming)的(de)(de)(de)適用(yong)(yong)范(fan)圍(wei)(wei)，促進電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)(zi)簽(qian)(qian)名(ming)廣(guang)泛(fan)應(ying)用(yong)(yong)。

在(zai)(zai)(zai)(zai)《電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)簽(qian)名法(fa)》的(de)基礎(chu)上，《密碼(ma)(ma)法(fa)》的(de)出臺進(jin)(jin)一(yi)步(bu)明確(que)了對從事電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)政務(wu)(wu)(wu)的(de)電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)認(ren)(ren)(ren)證(zheng)服(fu)(fu)(fu)(fu)務(wu)(wu)(wu)機(ji)構需進(jin)(jin)行(xing)管(guan)(guan)理，意味(wei)著(zhu)國家對電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)認(ren)(ren)(ren)證(zheng)行(xing)業(ye)(ye)監(jian)管(guan)(guan)在(zai)(zai)(zai)(zai)逐步(bu)深化。企(qi)業(ye)(ye)需要拿到國家密碼(ma)(ma)主(zhu)管(guan)(guan)部門(men)(men)頒發的(de)《電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)認(ren)(ren)(ren)證(zheng)服(fu)(fu)(fu)(fu)務(wu)(wu)(wu)使用密碼(ma)(ma)許(xu)可證(zheng)》、國家信(xin)(xin)息化主(zhu)管(guan)(guan)部門(men)(men)頒發的(de)《電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)認(ren)(ren)(ren)證(zheng)服(fu)(fu)(fu)(fu)務(wu)(wu)(wu)許(xu)可證(zheng)》和國家密碼(ma)(ma)主(zhu)管(guan)(guan)部門(men)(men)頒發的(de)《電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)政務(wu)(wu)(wu)電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)認(ren)(ren)(ren)證(zheng)服(fu)(fu)(fu)(fu)務(wu)(wu)(wu)許(xu)可證(zheng)》才能在(zai)(zai)(zai)(zai)全領域開(kai)(kai)展業(ye)(ye)務(wu)(wu)(wu)。行(xing)業(ye)(ye)主(zhu)管(guan)(guan)部門(men)(men)未來(lai)將進(jin)(jin)一(yi)步(bu)落實《電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)簽(qian)名法(fa)》《電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)認(ren)(ren)(ren)證(zheng)服(fu)(fu)(fu)(fu)務(wu)(wu)(wu)管(guan)(guan)理辦法(fa)》和國務(wu)(wu)(wu)院審改辦“雙隨機(ji)、一(yi)公(gong)開(kai)(kai)”要求，深化電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)認(ren)(ren)(ren)證(zheng)服(fu)(fu)(fu)(fu)務(wu)(wu)(wu)行(xing)業(ye)(ye)監(jian)管(guan)(guan)。以CPS（電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)認(ren)(ren)(ren)證(zheng)業(ye)(ye)務(wu)(wu)(wu)規則）符合性評估為核心，通過信(xin)(xin)息公(gong)開(kai)(kai)手段加強對電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)認(ren)(ren)(ren)證(zheng)服(fu)(fu)(fu)(fu)務(wu)(wu)(wu)機(ji)構的(de)監(jian)管(guan)(guan)。同時，大力(li)推進(jin)(jin)信(xin)(xin)用體系建設，將電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)認(ren)(ren)(ren)證(zheng)檢查(cha)與《關于在(zai)(zai)(zai)(zai)電(dian)(dian)(dian)子(zi)(zi)(zi)(zi)認(ren)(ren)(ren)證(zheng)服(fu)(fu)(fu)(fu)務(wu)(wu)(wu)行(xing)業(ye)(ye)實施守信(xin)(xin)聯(lian)合激勵和失信(xin)(xin)聯(lian)合懲戒(jie)的(de)合作備忘錄》信(xin)(xin)用評價工作相結合，推動(dong)開(kai)(kai)展行(xing)業(ye)(ye)信(xin)(xin)用評價。

同(tong)(tong)(tong)時，為進一(yi)步優(you)化營(ying)商環境、降低企業負擔，全(quan)(quan)(quan)國(guo)(guo)一(yi)體(ti)化在(zai)線(xian)政(zheng)(zheng)務(wu)服務(wu)平臺實現了(le)(le)“一(yi)網通辦”，原有(you)的(de)(de)單(dan)個領域(yu)(yu)、不同(tong)(tong)(tong)證(zheng)(zheng)(zheng)(zheng)書(shu)的(de)(de)模式將被打(da)破，有(you)效實現了(le)(le)數(shu)字證(zheng)(zheng)(zheng)(zheng)書(shu)全(quan)(quan)(quan)國(guo)(guo)范(fan)(fan)圍互通互認(ren)(ren)，電子(zi)(zi)政(zheng)(zheng)務(wu)領域(yu)(yu)證(zheng)(zheng)(zheng)(zheng)書(shu)市(shi)場(chang)需求(qiu)大幅減少，促使(shi)電子(zi)(zi)認(ren)(ren)證(zheng)(zheng)(zheng)(zheng)服務(wu)機構進行調整優(you)化、轉型(xing)升級，從(cong)單(dan)純發(fa)放證(zheng)(zheng)(zheng)(zheng)書(shu)向(xiang)提供電子(zi)(zi)簽(qian)名服務(wu)轉型(xing)。2021年4月國(guo)(guo)務(wu)院頒(ban)布的(de)(de)《關鍵信(xin)息基礎設施(shi)安(an)(an)全(quan)(quan)(quan)保(bao)護條例》中明確提出安(an)(an)全(quan)(quan)(quan)保(bao)護措施(shi)應當與(yu)關鍵信(xin)息基礎設施(shi)同(tong)(tong)(tong)步規劃、同(tong)(tong)(tong)步建(jian)設、同(tong)(tong)(tong)步使(shi)用。在(zai)《數(shu)據安(an)(an)全(quan)(quan)(quan)法》正(zheng)式實施(shi)以(yi)后，政(zheng)(zheng)府、企業用戶也愈(yu)發(fa)重視數(shu)據運營(ying)的(de)(de)安(an)(an)全(quan)(quan)(quan)性(xing)和合規性(xing)問題，利用區塊鏈技(ji)術、電子(zi)(zi)簽(qian)名技(ji)術、產品和服務(wu)保(bao)障數(shu)據安(an)(an)全(quan)(quan)(quan)的(de)(de)需求(qiu)愈(yu)發(fa)旺盛。在(zai)政(zheng)(zheng)策環境與(yu)市(shi)場(chang)需求(qiu)的(de)(de)共同(tong)(tong)(tong)作(zuo)用下，電子(zi)(zi)認(ren)(ren)證(zheng)(zheng)(zheng)(zheng)服務(wu)將逐(zhu)步深入并規范(fan)(fan)發(fa)展。

第三方電子簽名平臺服務影響力顯著增強

第三(san)(san)方電子(zi)簽名(ming)平臺服(fu)(fu)務(wu)可以為用(yong)戶(hu)提供身份認證、電子(zi)文件(jian)簽署(shu)、數據傳輸(shu)、電子(zi)文件(jian)存儲和管理等服(fu)(fu)務(wu)，應用(yong)于用(yong)戶(hu)間的(de)買賣合同(tong)(tong)、企業間的(de)交易(yi)合同(tong)(tong)、以及勞動合同(tong)(tong)等多方面。疫情(qing)催化下(xia)加速了遠程辦公趨(qu)勢(shi)興起，為在(zai)無接觸的(de)情(qing)況下(xia)確(que)保業務(wu)正(zheng)常(chang)運行，線(xian)下(xia)應用(yong)場景迅速被線(xian)上化，大量特殊市場環境下(xia)的(de)第三(san)(san)方電子(zi)簽名(ming)服(fu)(fu)務(wu)需求被催生，推動第三(san)(san)方電子(zi)簽名(ming)平臺相關產品和服(fu)(fu)務(wu)不斷豐富。

為(wei)提(ti)(ti)升管理(li)效率、優化(hua)用戶服務(wu)體驗(yan)，第(di)三(san)方電(dian)子(zi)(zi)(zi)簽(qian)(qian)名(ming)(ming)平(ping)臺提(ti)(ti)供(gong)從(cong)電(dian)子(zi)(zi)(zi)簽(qian)(qian)名(ming)(ming)到(dao)文檔歸檔管理(li)、從(cong)存證(zheng)保(bao)全到(dao)司(si)法(fa)出(chu)證(zheng)的全產業(ye)(ye)鏈服務(wu)。其中，第(di)三(san)方電(dian)子(zi)(zi)(zi)簽(qian)(qian)名(ming)(ming)平(ping)臺引(yin)入區塊(kuai)鏈技術實(shi)時固化(hua)簽(qian)(qian)署過程中的電(dian)子(zi)(zi)(zi)數(shu)據(ju)，實(shi)現所有環(huan)節數(shu)據(ju)可溯(su)源、防抵賴和防篡改，提(ti)(ti)供(gong)各類業(ye)(ye)務(wu)場(chang)景(jing)的數(shu)據(ju)存證(zheng)能(neng)力(li)。提(ti)(ti)供(gong)存證(zheng)服務(wu)及后續(xu)法(fa)律服務(wu)，可確保(bao)糾紛發生時，能(neng)夠提(ti)(ti)供(gong)響應(ying)(ying)的司(si)法(fa)保(bao)障。同時，第(di)三(san)方電(dian)子(zi)(zi)(zi)簽(qian)(qian)名(ming)(ming)平(ping)臺與(yu)移動(dong)(dong)(dong)APP、微(wei)信、支付寶等移動(dong)(dong)(dong)終端集成(cheng)，并提(ti)(ti)供(gong)標準(zhun)化(hua)API接口，推(tui)動(dong)(dong)(dong)電(dian)子(zi)(zi)(zi)簽(qian)(qian)名(ming)(ming)企(qi)業(ye)(ye)管理(li)、運(yun)營等多(duo)環(huan)節的應(ying)(ying)用。隨著(zhu)電(dian)子(zi)(zi)(zi)簽(qian)(qian)名(ming)(ming)相(xiang)關(guan)產品和服務(wu)不(bu)斷豐富，應(ying)(ying)用場(chang)景(jing)持續(xu)拓寬，目(mu)前電(dian)子(zi)(zi)(zi)簽(qian)(qian)名(ming)(ming)應(ying)(ying)用已延伸到(dao)金融、人力(li)資源、房地產、政務(wu)、物流(liu)、醫療、醫療、教育等多(duo)個領域。

（來源：賽迪密碼信息安全以上(shang)內容節選自《2021-2022年(nian)度(du)中國商用密碼行業(ye)發(fa)展(zhan)報告(gao)》）

上一篇：密碼在高校數字化安全中的技術應用

下一篇：首個專業面向密碼應用技術的工信部重點實驗室落戶中國工業互聯網研究院

刚到房间门口就热吻扔衣服,臭氧老化试验箱,做爰视频,性色av网站,床震吃胸膜奶免费视频

行業報告 | 我國商用密碼服務進展