中华人民共和国国家标准：网络安全技术——生成式人工智能服务的基本安全要求

Table of Contents Preface...................................................................................................................................................3Introduction..........................................................................................................................................51Scope.............................................................................................................................................62Normative Reference Documents.........................................................................................63Terminology and Definitions..................................................................................................64Training Data Safety Requirements.....................................................................................75Model Safety Requirements................................................................................................116Safety Measure Requirements...........................................................................................13Appendix A (for Reference) Main Safety Risks of Training Data and GeneratedContent...............................................................................................................................................17Appendix B (for Reference) Safety Assessment Reference Methods...........................19References.........................................................................................................................................44 Preface This document is drafted in accordance with the provisions of GB/T1.1-2020Directives for standardization work--Part 1: Rules for the structure and drafting of Please note the possibility that some of the elements of this document may bethe subject of patent rights. The issuing bodies of this document shall not be heldresponsible for identifying any or all such patent rights. This document is proposed and Drafting organizations(单位)of this document: China Electronics StandardizationInstitute(CESI); National Computer Network Emergency Response TechnicalTeam/Coordination Center of China(CNCERT/CC); Zhejiang University; BeijingZhongguancun Laboratory(ZGC Lab); Shanghai Artificial Intelligence InnovationCenter; Fudan University; Beijing Baidu Netcom Science and Technology Co., Ltd.;Alibaba Cloud Computing Co., Ltd.; Beijing Kuaishou Technology Co., Ltd.; HuaweiCloud Computing Technologies Co., Ltd.; BeihangUniversity; Lenovo (Beijing)LimitedCompany; Ant Technology Group Co., Ltd.;iFlytekCo., Ltd.; Peking University; ChinaCybersecurity Review, Certification and Market Regulation Big Data Center(CCRC);Beijing DeepSeek Artificial IntelligenceBasicTechnology Research Co., Ltd.; Beijing Main drafters of this document: Yao Xiangzhen, Hao Chunliang, Zhang Yanting,Zhang Zhen, Ren Kui, Liu Yong, Yang Min, Qin Zhan, Hu Ying, Xia Wenhui, Chen Zhong,Wang Yingchun, He Min, Zhang Linghan, Xu Xiaogeng, Liu Jianwei, Luo Hongwei, Juntao, Gu Chen, Zheng Zimu, Wu Shaoqing, Wang Jiao, Wang Bingzheng, GuoJianling, Meng Lingyu, Xu Jia, Yang Ziqi, Wang Qinglong, Qiu Xipeng, Huang Qing, ShiLin, Zhang Zongyang, Bian Song, Zhang Zhiyong, Zhang Mi, Hong Geng, Pan Xudong,Hu Yongqi, Lin Guancheng, Liu Junhua, Qiao Yuping, Mei Jingqing, Jia Kai, Zhao Jing,Zhang Yan, Quan Gaoyuan, Tan Zhixing, Yang Guang, Yao Long, Li Qi, Wang Hui, Zhu Introduction At present, generative artificial intelligence (GenAI) technologies are undergoingcontinuous development, and related services have been widely applied, providingconvenience across various aspects of social production and daily life. At the same This document primarily targets generative AI services that possess publicopinion–shaping attributes or social mobilization capabilities, and it supports theconduct of work in areas such as filing and registration management, testing, andevaluation. When the focus is on data annotation safety, this document may be used in Cybersecurity Technology-Basic Safety Requirements for Generative Artificial 1Scope This document2specifies requirements forGenAIservices in areas includingtraining data safety, model safety, and safety measures.3 This document applies to service providers conducting activities related toGenAIservices and also serves as a reference forthe relevant main oversight departments (主 Note:The major safety risks related to training data and generated content are provided inAppendix A, and reference methods for safety assessment ofGenAIservices are provided in Appendix 2Normative Reference Documents The contents of the following documents, through normative references in thistext, constitute indispensable provisions of this document. Among them, for datedreferences, only the edition corresponding to that date applies to this document. For GB/T 25069 Information Security Technology Terminology 3Terminology and Definitions The terms and definitions defined in GB/T 25069 and listed below apply to this