China Unicom and its partners release the Trusted Network White Paper

On July 9, 2023, China United Network Communications Group Co., Ltd. (hereinafter referred to as China Unicom), China Academy of Information and Communications Technology (hereinafter referred to as CAICT), and Huawei Technologies Co., Ltd. (hereinafter referred to as Huawei) officially released the "Trusted Network White Paper" in Beijing, which released the definition, target architecture, capability requirements and development ideas of trusted networks for the first time. It is hoped that through this release, consensus will be gathered among all parties in the industry, and the industry will work together to promote the development of China's trusted network industry.

The conference was themed "Building a Trusted Network Standard System and Strengthening the National Network Security Barrier". Miao Shouye, General Manager of China Unicom's Network and Information Security Department, Ao Li, Chief Engineer of China Academy of Information and Communications Technology, Zhang Yong, Chairman of China Unicom Zhongxun Post and Telecommunications Consulting and Design Institute Co., Ltd., and Wang Zhigang, Vice President of Huawei's Data Communication Product Line, attended the conference and delivered speeches. The conference also invited experts from China Unicom and the industry to share their themes and introduce the research ideas and achievements related to trusted networks.

In recent years, with the acceleration of digital transformation of enterprises, the exposure of network security boundaries has continued to expand, greatly increasing the complexity of network security protection. At the same time, network security incidents have occurred frequently among domestic and foreign operators, enterprises and governments, causing significant economic losses and serious international impacts. Under this situation, network security has risen to the national strategic level, and network security management requirements have been put forward at the legal level, from the "Cybersecurity Law" to the "Cybersecurity Level Protection System 2.0 Standard" and "Critical Information Infrastructure Security Protection Regulations". However, the current CT security standards are relatively lagging behind, and the CT security industry still applies the IT management model, with weak scenario adaptation, which cannot meet the rapidly developing business security needs.

This white paper clarifies that "trusted network" means integrating secure and trusted technologies into network infrastructure solutions, building the network's inherent security capabilities, achieving the transmission and verification of digital entity trust relationships, continuous monitoring and control of network behavior, and tracing and handling of business anomalies, thereby achieving a network with predictable results. At the same time, the overall architecture of "trusted network" with trusted equipment, trusted network, and trusted control was formulated, and the overall goal of the development of "trusted network" was clarified:

Trusted devices: Trusted devices are the foundation for ensuring the security and trustworthiness of network infrastructure. By building key capabilities such as software and hardware, we can achieve endogenous security protection throughout the entire life cycle, with zero software tampering, zero data leakage, and self-awareness of security situations.

Network trustworthiness: Network trustworthiness is the guarantee of trust. Based on device trustworthiness, through the construction of key network capabilities, it can achieve all-round network trustworthiness in routing, services, and protocols, zero routing hijacking, zero protocol impersonation, and active identification of network attacks.

Trusted management and control: Trusted management and control is the brain of equipment and network security. By building key management and control capabilities, it can achieve integrated network security protection, full network monitoring, joint prevention and control, "zero" user trust, "zero" operation misconfiguration, and a closed-loop threat handling system.

As the leader of the cybersecurity industry chain, China Unicom is willing to work with industry chain partners to promote the development of trusted networks, establish a trusted network ecosystem, unite our efforts, carry forward the past, and make due contributions to providing a solid foundation for safeguarding the secure development of the digital economy and realizing Chinese-style modernization!