1, improve the Internet of Things safety supervision system;

2. Strengthen joint research in Industry-University-Research;

3. Establish a safety assessment and grade certification system for Internet of Things access products in key areas;

4. Accelerate the research and development of networking and communication transmission protocols of the Internet of Things with independent intellectual property rights;

5. Comply with the development trend of Internet of Things security.

Strengthen the security management of IOT cards;

First, strengthen source management and establish and improve classified management and risk assessment systems.

Two, standardize sales management, strengthen contract constraints and functional restrictions.

Three, strengthen the use of monitoring, timely disposal of illegal use.

The fourth is to strengthen supervision and management and fully implement the security responsibility of Internet of Things cards.

Strengthen the security of Internet of Things;

1, data encryption.

Before data transmission and exchange, devices can be authenticated and data can be encrypted. Cryptography ensures that data cannot be accessed in the original way even if it is stolen by hackers. By verifying the identity of the device, the device is guaranteed not to be manipulated and the trap of hacker autonomy is avoided.

2. code signing certificate.

Encoding signature certificate is similar to digital signature, which can ensure that only the verified code can run on the device, and no one can destroy or edit the code except the editor. This adds another layer of security to IOT devices, most of which run on independent platforms.

3. Safety of equipment.

It is estimated that by the end of 20021,billions of devices will be connected to the network, which means that hackers will have billions of new attack sites. Without centralized control and equipment protection, the only way out is to protect the equipment side.

4. Cloud security.

Cloud computing is the main channel of the Internet of Things, so the second peripheral protection to prevent network security must be on the cloud server. There are many cloud security rules in the market, which can be adjusted according to the Internet of Things environment to achieve the best match.

Legal basis:

decision of the standing committee of the national people's congress on strengthening the network information protection

1. The state protects electronic information that can identify citizens' personal identity and involves citizens' personal privacy.

No organization or individual may steal or obtain citizens' personal electronic information by other illegal means, and may not sell or illegally provide citizens' personal electronic information to others.

Internet service providers, other enterprises and institutions and their staff must keep the personal electronic information of citizens collected in their business activities strictly confidential, and may not disclose, tamper with or damage it, or sell it or illegally provide it to others.

Two, network service providers and other enterprises and institutions shall take technical measures and other necessary measures to ensure information security, to prevent the disclosure, damage and loss of personal electronic information of citizens collected in business activities. Once information is leaked, damaged or lost, remedial measures should be taken immediately.

Six, network service providers for users to handle website access services, fixed telephones, mobile phones and other network access procedures, or to provide users with information release services, it should sign or confirm the provision of services with users, requiring users to provide real identity information.

Seven, any organization or individual shall not send commercial electronic information to its fixed telephone, mobile phone or personal email address without the consent or request of the electronic information receiver, or the electronic information receiver explicitly refuses.

8. If a citizen discovers the disclosure of personal identity, dissemination of personal privacy and other network information that infringes on his legitimate rights and interests, or is harassed by commercial electronic information, he has the right to ask the network service provider to delete relevant information or take other necessary measures to stop it.

Nine, any organization or individual has the right to report and accuse the illegal and criminal acts of stealing or otherwise illegally obtaining, selling or illegally providing citizens' personal electronic information and other network information to others; The department that receives the report or complaint shall promptly handle it according to law. The infringed may bring a lawsuit according to law.

Eleven, in violation of this decision, be warned, fined, confiscate the illegal income, revoke the license or cancel the record, close the website, prohibit the relevant responsible personnel from engaging in network services and other penalties, recorded in the social credit file and published; Those who violate the administration of public security shall be punished according to law. If a crime is constituted, criminal responsibility shall be investigated according to law. Whoever infringes upon the civil rights and interests of others shall bear civil liability according to law.