China will soon start rating the trustworthiness of cloud computing service providers, especially for government procurement contracts, a move that could potentially shut the doors to foreign companies, a leading expert involved in drafting the policy told China Daily on Friday.
“The basic idea of the security rating mechanism is to find trustworthy hardware, software and service providers to ensure that the government has total control of the entire ecosystem,” Zuo said. He said the country is building a cloud security assessment, authorization and monitoring system similar to the Federal Risk and Authorization Management Program adopted by the United States two years ago.
The new policy, however, poses a threat to the market share of overseas companies in the sector although they will be allowed to take the assessment. China may ask cloud providers to hand over key operating data and source codes for security reasons, but no overseas company has publicly agreed to disclose such information to the government.
Increasing IT safety concerns are pushing China to hire more local cloud technologies. A number of projects even abandoned overseas providers for made-in-China products
Turnover of the Chinese public cloud market is expected to exceed 6.2 billion yuan ($1 billion) this year, a 30 percent growth over the corresponding period in 2013, according to figures from the China Academy of Telecommunication Research under the Ministry of Industry and Information Technology.