Shulou(Shulou.com)11/24 Report--

On September 15, 2023 "Financial Network Security Forum" was held in Fuzhou with the theme of "ensuring the security of the financial science and technology supply chain and improving the resilience of the financial information system", sponsored by Fujian Branch of the people's Bank of China and the Internet Information Office of the Fujian Provincial CPC Committee. Under the guidance of the Department of Science and Technology of the people's Bank of China. The forum is one of the theme activities of the 2023 National Cyber Security publicity week.

In 2023, Ant Group participated in a number of different theme activities and exhibitions, showing the ant group's innovative solutions to new network security challenges such as "Security parallel Section Technology" and "Security Privacy Protection Technology 'Golden Bell cover". In the Financial Network Security Forum, Wei Tao, vice president and chief technology security officer of Ant Group, shared the experience of "software supply chain security under the native security paradigm".

▲ figure: Wei Tao, vice president and chief technical security officer of Ant Group, gave a keynote speech, "Paradigm is the understanding of the source of the problem and the guidance of domain practice." Modern digital enterprise has become a constantly evolving and evolving digital life, and its architecture complexity will grow explosively, which brings new challenges to the security of software supply chain. Ant Group has traced back and thought on the origin of network security for many years, and put forward the 'original security paradigm'. The core idea of this paradigm is to make security the instinctive attribute and inherent ability of the system. The key point is to incorporate security into the life cycle of the whole system when building digital and networked systems, taking security into account from the initial stage. Instead of putting security behind. "

Under the core guidance of the native security paradigm, Ant Group has explored operational paradigms with practical value, including NbSP zero-crossing paradigm, OVTP traceability paradigm and ARCP attack return paradigm, providing security architecture guarantee from mechanism layer, policy layer and value layer respectively. " We look forward to using the native security paradigm as a guide to ensure the stability and continuity of business development, efficiently deal with network security events, and make the security bottom line confrontational, normal, and not afraid of unknown attacks. "

As a systematic practice of the native security paradigm, the "security parallel section" pioneered by Ant Group can help modern digital institutions achieve the efficient landing of the native security paradigm, which is located in the financial-level native security architecture and basic platform. it is a new generation of security infrastructure for enterprise digital life. "Security parallel section" has been rated as the top ten innovative directions of cyber security in China in 2023.

▲ chart: security parallel section shows on the 2023 "Network Security week" that "whether it is the primary security paradigm at the top-level architecture level or the security parallel section that has penetrated into the application level, ants always persist in innovation in tracing the source of network security problems." In the future, the core idea of the native security paradigm will provide clearer and concrete guidance for the design of enterprise security architecture, and let the native security move from macro requirements to landing practice. We also hope that under the guidance of the native security paradigm, the security prevention and control system can regularly control the complex security risks brought by the software supply chain and support the stable and continuous development of the business. Wei Tao said.

At other theme activities of Network Security week, Ant Group also shared the specific practical experience of network security. Wang Yu, general manager of the Network Security Department of Ant Group, shared some core key points of high-level security confrontation different from traditional security construction in the keynote speech at the opening ceremony of "Certification training for Security experts in critical Information Infrastructure". Gu Weiqun, head of security parallel section products of Ant Group, shared his thoughts on the security construction of enterprises with digital transformation, which brought the leading practice of Ant Group.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.