中国科学院院士尹浩:5G+行业应用安全方案呈碎片化 不利于快速部署
发布时间:2026-07-08 15:24:53
12月12日消息(颜翊)5G作为新一代信息通信技术领域的集大成引领性技术,是新型基础设施的核心内容、数字经济发展的关键引擎。当前,全球5G呈现快速发展态势,我国5G融合应用多主体生态初步形成,发展态势良好,然而5G规模化应用仍然面临诸多挑战。在今日举行的中国5G发展大会上,中国科学院院士尹浩发表演讲并指出,在5G+行业应用安全保障方面,虽然5G通信网络安全和设备安全能力得到提升,5G网络“根基”安全得到一定程度保障,但是面向复杂的垂直行业安全需求,5G融合应用安全保障仍面临着一些问题。问题1:安全需求不清晰。部分行业对5G融合应用安全的风险意识及认识不足,安全需求不明确。行业安全需求与5G网络安全供给能力映射关系不清晰。问题2:解决方案碎片化。“一场景一方案一服务”,不利于安全能力快速同步部署,定制化方案成本高、实施难度大。问题3:供给能力待提升。部分行业场景对网络安全性、可靠性要求苛刻,现有5G应用安全服务及产品尚不能完全满足其需求。对此,尹浩提出,要不断增强安全技术与应用的创新能力。在传统网络安全防护、新型安全技术、安全解决方案及检测评估等方面,建议产业各方协作强化安全技术创新,提升网络安全供给能力,带动5G应用安全技术和产品供给整体能力提升。一是升级传统网络安全防护方案。巩固优化下一代防火墙、入侵检测、态势感知等安全防护技术,提升边缘计算应用平台安全等安全供给能力。二是运用新型可信接入与内生防御技术。尝试应用零信任模型、安全访问服务边缘(SASE)、可信计算、密码技术等在专网可信接入和传输安全中的应用。三是推出5G融合应用数据安全方案。基于大数据分析的数据安全风险识别、数据安全保护。解决5G应用引发的敏感数据及隐私保护、数据流转安全等问题。四是研究安全检测评估类技术。研究突破5G网络及应用的安全评测的要求、方法及技术手段。对5G融合应用安全合规性和安全防御能力有效性进行验证。尹浩强调:“发展和安全是一体之两面、相辅相成”。5G与垂直领域深度融合导致IT、CT、OT安全问题相互交织,需要通过标准化的、互信的、高效灵活的安全技术和管理手段,为5G行业应用发展提供坚实的安全保障。在融合应用安全方面,要在5G基础网络安全的基础上构建融合应用安全能力,保障5G融合应用网络安全可靠;技术产业安全方面,要研发共性安全产品及服务,安全能力同步、快速部署,保障差异化需求下安全能力快速部署;安全管理机制方面,要拉通跨行业安全管理要求,明确行业主体安全责任界限,保障跨行业安全职责清晰可溯源。
Yin Hao, academician of the Chinese Academy of Sciences: 5G+ industry application security solutions are fragmented, which is not conducive to rapid deployment. News on December 12 (Yan Yi) As a comprehensive and leading technology in the field of new generation information and communication technology, 5G is the core content of new infrastructure and a key engine for the development of the digital economy. Currently, global 5G is showing a rapid development trend. my country's 5G integrated application multi-subject ecosystem has initially taken shape and is developing well. However, large-scale application of 5G still faces many challenges. At the China 5G Development Conference held today, Yin Hao, an academician of the Chinese Academy of Sciences, gave a speech and pointed out that in terms of 5G+ industry application security, although 5G communication network security and equipment security capabilities have been improved, and the foundation security of 5G networks has been guaranteed to a certain extent, 5G converged application security still faces some problems in the face of complex vertical industry security requirements. Problem 1: Security requirements are unclear. Some industries have insufficient risk awareness and understanding of 5G converged application security, and their security requirements are unclear. The mapping relationship between industry security needs and 5G network security supply capabilities is unclear. Problem 2: Solution fragmentation. One scenario, one solution, one service is not conducive to rapid and synchronous deployment of security capabilities. Customized solutions are costly and difficult to implement. Question 3: Supply capacity needs to be improved. Some industry scenarios have strict requirements on network security and reliability, and existing 5G application security services and products cannot fully meet their needs. In this regard, Yin Hao proposed that the innovation capabilities of security technology and applications should be continuously enhanced. In terms of traditional network security protection, new security technologies, security solutions, and testing and evaluation, it is recommended that all parties in the industry collaborate to strengthen security technology innovation, enhance network security supply capabilities, and drive the overall improvement of 5G application security technology and product supply capabilities. The first is to upgrade traditional network security protection solutions. Consolidate and optimize security protection technologies such as next-generation firewalls, intrusion detection, and situational awareness, and improve security supply capabilities such as edge computing application platform security. The second is to use new trusted access and endogenous defense technologies. Try to apply the zero-trust model, Secure Access Service Edge (SASE), trusted computing, cryptography, etc. in private network trusted access and transmission security. The third is to launch a 5G converged application data security solution. Data security risk identification and data security protection based on big data analysis. Solve issues such as sensitive data and privacy protection, and data flow security caused by 5G applications. The fourth is to study security testing and evaluation technologies. Research breakthrough requirements, methods and technical means for security evaluation of 5G networks and applications. Verify the security compliance and effectiveness of security defense capabilities of 5G converged applications. Yin Hao emphasized: Development and security are two sides of the same coin and complement each other. The deep integration of 5G and vertical fields has led to the intertwining of IT, CT, and OT security issues. Standardized, mutually trustworthy, efficient and flexible security technologies and management methods are needed to provide solid security guarantees for the development of 5G industry applications. In terms of converged application security, it is necessary to build converged application security capabilities on the basis of 5G basic network security to ensure the safety and reliability of 5G converged application networks; in terms of technology industry security, it is necessary to develop common security products and services, synchronize and rapidly deploy security capabilities, and ensure rapid deployment of security capabilities under differentiated needs; in terms of security management mechanisms, it is necessary to unify cross-industry security management requirements, clarify the boundaries of security responsibilities of industry entities, and ensure that cross-industry security responsibilities are clear and traceable