Keywords
safety standards
cyberspace
commercial defense
IT infrastructure
How to Cite
Abstract
The scientific considerations presented in this article concern the threat of the cyber security quality system resulting from the unclear security standards introduced by China. Over the past few years, the Chinese government has issued nearly 300 new national standards related to cyber security. These standards cover a range of Information and Communications Technology (ICT) services as well as products, including software, routers, switches and firewalls. These standards contribute to the threat to the cyber security quality system, The situation becomes more difficult the more the United States exerts pressure on the Western world towards Chinese companies investing outside of China and for Western companies investing in China. The purpose of the analysis is to identify those threats, which are also difficulties encountered by Western companies trying to develop business in China in order to minimize them. The study was designed as an analysis of Chinese standardization policy documents in the area of cybersecurity and their confrontation with the practice of applying to foreign enterprises, as well as analysis of international standardization and standardization reports and documents in the field of cybersecurity. The theoretical research methods used in this study are: synthesis, analysis, abstraction and generalization.
References
Chinese Prime Minister Report, 2019, http://www.xinhuanet.com/politics/2019lh/2019-03/09/c_1124211687.htm.
China invites Microsoft to join Technical Committee 260 (TC260) to draft cybersecurity rules, August 2016, https://mspoweruser.com/china-invites-microsoft-to-join-technical-committee-260-tc260-to-draft-cybersecurity-rules.
China Releases Draft Encryption Law for Public Comment, https://www.cov.com/-/media/files/corporate/publications/2017/05/china_releases_draft_encryption_law_for_public_comment.pdf.
CII Security Protection Regulations, draft for public comment, July 2017, https://chinacopyrightandmedia.wordpress.com/2017/07/10/critical-information-infrastructure-security-protection-regulations.
Drljevic N., Aranda A., Stantchev V., (2020), Perspectives on risks and standards that affect the requirements engineering of block-chain technology, Computer Standards & Interfaces, Volume 69, pp. 10-17, DOI: 10.1016/j.csi.2019.103409.
Internationally, the Chinese government also stressed the importance of playing a greater role in standard set-ting (for example in areas such as 5G), which are international protocols or guidelines on design and interoperability. See: https://www.newamerica.org/cybersecurity-initiative/digichina/blog/chi-nese-interests-take-big-seat-ai-governance-table.
Introduction of the Framework of the Series of Standards on Cybersecurity Multi-Level Protection Scheme by Ma Li from MPS MLPS Evaluation Center. http://www.djbh.net/webdev/web/AcademicianColumnAc-tion.do?p=getYszl&id=8a8182565deefd0d015e799ea2040094.
ISO/IEC 24759:2014, Security Test Requirements for Cryptographic Modules, https://www.sis.se/api/document/preview/921732/.
Kuczabski M., Środowisko przyszłej wojny stymulowane technologiami – wyzwania i zagrożenia (ang. Technolo-gy-driven Environment of the War of the Future – Challenges and Threats). In R. Bielawski, J. Solarz and D. Mi-szewski (Eds.), Współczesne i przyszłe zagrożenia bezpieczeństwa cz. I (pp. 175-196). Warszawa: Akademia Sztuki Wojennej.
Sacks S., Li M.K., 2018, How Chinese Cybersecurity Standards Impact Doing Business In China,
https://www.csis.org/analysis/how-chinese-cybersecurity-standards-impact-doing-business-chinam.
Schuster S., Berg M., Larrucea X., Slewe T., Kostic P. (2017), Mass surveillance and technological policy options: Improving security of private communications, Computer Standards & Interfaces, Volume 50, pp. 76-82, DOI: 10.1016/j.csi.2016.09.011.
Seconded European Standardization Expert in China Report, 2019, https://www.sesec.eu/tag/cyber-security-digital-identity/, Ministry of Public Security Material on "Regulation of network security level protection (draft for comment)", Public Notice of Comments, http://www.mps.gov.cn/n2254536/n4904355/c6159136/content.html.
USITC Publication 4199 (amended) November 2010, https://www.usitc.gov/publications/332/pub4199.pdf.
WTO/FTA, China Quality News Net-work, (2017) http://chinawto.mofcom.gov.cn/article/i/ac/201704/20170402545384.shtml.
Xiaomeng Lu, Paul Triolo, Samm Sacks, Rogier Creemers, and Graham Webster, Progress, Pauses, and Power Shifts in China’s Cybersecurity Law Re-gime, https://www.newamerica.org/cybersecurity-initiative/digichina/blog/progress-pauses-power-shifts-chinas-cybersecurity-law-regime.
Xiaomeng Lu, Manyi Li, Sacks S., 2018, CSIS Report: What the Facebook Scan-dal Means in a Land without Facebook: A Look at China’s Burgeoning Data Protection Regime, https://www.csis. org/analysis/what-facebook-scandal-means-land-without-facebook-lookchinas-burgeoning-data-protection.
Xu B., SESEC IV China Cybersecurity Standardization Monthly Newsletter, Report, June 2018, Seconded European Standardization Expert in China Project (SESEC),https://www.sesec.eu/app/uploads/2019/01/SESEC-IV-China_-Cybersecurity_Newsletter_2018_11.pdf.
Yi Fan Y., Lu M. C., Luo H. H., Sung Ch. (2017), Standardization and Trade Barrier Issues Regar-ding the ICT Market in China: A Study of the Wi-Fi Industry, Journal of Computers, Volume 28, pp. 35-42; DOI: 10.3966/199115592017062803004.
This work is licensed under a Creative Commons Attribution 4.0 International License.