Key Benefits:
(Adopted at the 25th ordinary meeting of the People's Government of Southern West Province on 7 September 2004 No. 135 of the People's Government Order No. 135 of 23 September 2004 (Act No. 135 of 1 November 2004) In order to protect the safety of computer information systems, to promote the application and development of computers, to preserve national interests and public interest, and to develop this approach in line with the relevant provisions, such as the National People's Republic of China Computer Information System Safety Protection Regulations. The computer information system referred to in Article 2 of this approach refers to the personal machine system for the collection, processing, storage, retrieval and retrieval of information by computers and their associated and accompanying equipment, facilities (including networks). Article 3. Safety protection of computer information systems within the territorial administration and application of this approach. The non-train-tranet-based approach to safety protection of micro computers is implemented in accordance with the relevant national provisions. Article IV. Safety protection of computer information systems, with a focus on maintaining the safety of computer information systems in key areas, such as national affairs, economic construction, defence-building, sophisticated science and technology: (i) National organs, defence units at the district level; (ii) Financial areas such as banking, insurance, securities; (iii) Postal, telecommunications, radio, television; (iv) Energy, transport; (v) National and provincial priority scientific research units; (vi) Focus website; (vii) Other important areas specified by the State, focus units. Article 5 Public security authorities are the competent authority for the safety and protection of computer information systems, with the primary responsibility: (i) Promotion of the law, regulations, regulations and regulations for the safety of computer information systems; (ii) Oversight, inspection and guidance on the safe protection of computer information systems; (iii) Organizing training of computer information systems safety managers; (iv) The investigation of offences against the safety of computer information systems; (v) Safety guidance on the construction of computer information systems in key areas, focus units; (vi) Management of computer and other harmful data; (vii) Supervision, inspection of sales activities for specialized computer information systems safety products; (viii) Other duties to be performed by law. The National Security Agency, the National Confidentiality Agency and other relevant Government departments are responsible for the protection of computer information systems in the context of their mandated responsibilities. The construction and application of computer information systems should be subject to the laws, regulations and other relevant national provisions. In key areas, the new computer information system established by the Focus Unit should be presented by the system-building unit within 30 days of the establishment of the same-ranking government public security authority. Article 7. Specific approaches to the division of standards and the protection of the security hierarchy are implemented in accordance with the relevant national provisions. Article 8. The International Network of Computer Information Systems is in place. Citizens, legal persons and other organizations using the International Network of Computer Information Networks should complete user-relevies when accessing units is processed. The entry units should be available within 30 days of the date of the formal contact of the network, to the processing of the units designated by the provincial public security authorities and to report on the changes of users in the network. Article 9. Computer information systems use units in key areas, focus units should establish computer information systems safety management organizations and designate security managers. Safety management organizations and security managers are responsible for checking the operation of computer information systems and the operating environment, preparing the day of operation, eliminating security shocks in a timely manner and developing emergency disposal scenarios for possible violations and damage. Security managers should participate in training in computer information systems, organized by public security agencies. Article 10 (i) The security management system of computer air fleets; (ii) The publication, registration system; (iii) Information surveillance, maintenance, clearance and backup systems; (iv) HIV testing and cybersecurity testing systems; (v) The management system for registration and operation of authority in the accounts; (vi) Security education and training systems; (vii) Reports of violations and assistance in the identification system; (viii) Other security-related management systems. Article 11. The computer information systems use units in key areas and focus units should implement the following safety and protection technical measures: (i) Over 60 days of operation of the network of systems and the user-used log-keeping measures; (ii) Safety audits and early warning measures; (iii) Mail clean-up measures; (iv) Identification and identification measures; (v) Computer HIV control measures; (vi) Restrictions on the flow of information and harmful data control measures; (vii) Other security technical measures provided by the State. Prior to the start of the Internet's operation of the Internet-based service, it is essential that the information network be reviewed in accordance with the law of the public security authorities of the people at the district level, and that the evidence issued by the relevant authorities be obtained in accordance with the law. The operating units of Internet-based service providers should comply with their computer information systems safety protection obligations under the law and should not stop the implementation of safety technology measures. No unit or individual may use the International Network for activities that endanger the safety of computer information networks: (i) Production, reproduction, publication and dissemination of harmful information; (ii) Delete, modify or increase the function of computer information networks without permission; (iii) To delete, modify or increase data and applications stored, processed or transmitted in computer information networks without permission; (iv) Decreate production and dissemination of destructive procedures such as computer viruses; (v) Other acts that endanger the safety of computer information networks. Article 14. The public security organs of the Government of the above-mentioned municipalities shall issue computer sanitary forecasts in a timely manner on the website or other media. No other units and individuals may in any way issue a computer virus epidemic. Article 15. Cases of violations committed in computer information systems should be promptly followed by measures to protect sites and relevant information and to report to the public security authorities at the district level over 24 hours. Immediate measures should be taken to dispose of the report by public security authorities. With regard to national security, national security authorities are treated by law. Relevant cases of violations and major security accidents in computer information systems should be communicated to the use units in a timely manner by the public security authorities of the people at the district level. Article 16 should conduct non-selective security inspections of computer information systems and, when security conceals, a letter of credit for the safety of computer information systems should be sent to the user units in a timely manner, and to provide improved advice, guidance, supervision of the replacement of the unit time frame and removal of the concealment. In order to protect the safety of computer information systems, the public security authorities, in the following emergencies, may take 24 hours of temporary suspension, suspension of networking, reserve data, etc., where relevant units and individuals should provide information and information, and provide relevant technical support and necessary assistance: (i) The malicious attacks on computer information systems have resulted in systematic paralysis; (ii) The infection of the computer information system leads to systematic paralysis; (iii) To send a large number of harmful information via computer information systems; (iv) In the course of the investigation of cases in computer information systems, evidence may be lost or otherwise difficult to obtain; (v) Other urgent measures should be taken. Prior to the urgent measures set out in the preceding paragraph by the public security authorities of the people at the district level, approval should be given to the principal heads of the body. Pre-products for the safety of computer information systems, prior to their market sales, should be granted by the Ministry of Public Safety a licence for the sale of computer information systems-specific products issued by the Ministry of Safety, and mark the “sale licence” mark in its product fixed place. No unit or individual may sell a security-specific product that does not have a “sale licence”. In the area of computer information systems security-specific products, the Government's public security authority should be reported after 30 days of business. Article 19 Supervision of licences for the sale of specialized products for the safety of computer information systems by public security authorities of the more than communes, and supervision measures such as verification inspections and sampling tests for units and individuals selling specialized products for the safety of computer information systems. The management of commercial passwords is carried out in accordance with the provisions of the Commercial Code of the Department of State. The new computer information system, established in key areas, is not available within the prescribed time frame and is being converted by the public security authority; the delay is not reproduced with a fine of 1000 dollars. Article 21, computer information systems use units in key areas and focus units violate the provisions of article 9 of this approach, which is subject to a period of time being responsibly by public security authorities, which may be discontinued within six months. The computer information systems use units in key areas, priority units violate the provisions of Articles 10 and 11 of this approach, which are subject to a period of time and warning by public security authorities; unprocessarily, the supervisors and other direct responsibilities directly responsible for the units may and shall be liable to fines of up to 5,000 dollars, which may be liable to the unit and would be liable to a fine of up to 150,000 United States dollars; in serious circumstances, and may stop the network, parking machines within six months. Article 23 uses international networking to carry out activities listed in article 13 of this approach, which is warned by the public security authorities that there is a violation of the proceeds of the law, confiscation of proceeds of the law and a fine of up to 5,000 dollars for the unit and a fine of up to 150,000 dollars; in serious circumstances, it may and shall be punished by law, in violation of the provisions of the security administration; and criminal liability. Article 24 sells security-marked products of a specialized product for computer information systems safety without a “sale licence” mark, or are not processed within the prescribed time frame, with the time limit being converted by public security authorities; and is not later commuted, with a fine of more than 5,000 dollars. Article 25 violates other acts set forth in this approach, and the State imposes additional penalties from its provisions. Article 26 Public security personnel are criminally criminalized by law in the context of the security protection of computer information systems, using their power to request, receive bribes or other violations, omissions, etc.; they do not constitute a crime and are subject to administrative disposition by law. The following wording of this approach is meaning: The computer virus refers to the production or insertion of computer processes or the destruction of data, the impact on computer use and the self-renewable set of computer directives or procedural codes. Harmful data refer to the existence and occurrence of computer information systems and their storage media, procedures that endanger the safe operation and functioning of computer information systems or information that pose a threat or potential threat to national security and social public safety. Access units refer to the computer information network operation unit responsible for accessing international networking. Computer information systems safety-specific products refer to specialized hardware and software products for the protection of computer information systems. Article 28 Safety of computer information systems in the army is implemented in accordance with the relevant legislation of the military. Article 29 regulates the confidentiality of computer information systems, in accordance with the relevant provisions of States and provinces. Article 33 |
