Internet Society Presentation Template


ICT Environment: Internet Architecture, Growth,
Governance and Security Overview
EACO ICT Conference on Broadband Access for All in East Africa
15 – 17 April, Kampala, Uganda.
Michuki Mwangi <[email protected]>
Regional Development Manager for Africa
www.internetsociety.org
1. Internet Architecture:
The Internet Principles, Resources, Open
Standards and Capacity Building
Title of Presentation | 15 August 2012
What is your current understanding of
the Internet?
Founding Internet Principles
Open & Interoperable
– The Internet is fundamentally based on the existence of open, nonproprietary standards.
– They are key to allowing devices, services, and applications to work
together across a wide and dispersed network of networks.
– The Internet's open nature is one of its key founding principles.
Decentralized Architecture
– The edge-dominant end-to-end architecture of the Internet is
essential to its utility as a platform for innovation, creativity, and
economic opportunity.
– The decentralized architecture maximizes individual users’ power
to choose (or create) and use the hardware, software, and services
that best meet their needs.
– If the Internet is to continue to be a platform for innovation and
creativity, its open, decentralized nature must be preserved.
CITMC-4, Khartoum 2012
Internet Architecture: Shared Global
Resources and Infrastructure
Shared Global Resources
IP Addresses
– The fundamental identifier on the Internet is an Internet Protocol (IP)
Address
– Each Host connected on the Internet has a unique IP Address (IPv4
or IPv6)
– Inter-device communication on the Internet is oblivious of names
AS Numbers
– Autonomous System Numbers (ASNs) are globally unique numbers.
– ASNs are used to identify a network under a single administrative
control and routing policy
Service Names and Port Numbers
– Are used to distinguish between different services that run over
transport control protocols such as TCP, UDP, SCTP, etc
Shared Global Infrastructure
DNS
– Domain Name System (DNS) provides a hierarchical, scalable
distributed lookup system that translates “easy to remember”
names to IP addresses
IXP
– Internet Exchange Points (IXPs) provide physical infrastructure that
allow network operators to exchange Internet traffic between their
networks by means of mutual peering agreements
NTP
– Network Time Protocol (NTP) is a networking protocol for clock
synchronization between computer systems
– NTP uses a hierarchical, semi-layered system of levels of clock
sources.
Internet Architecture: Open Standards
Open Standards
Definition
– Open Standards refer to standards that are publicly available and have
various rights to use associated with them.
– In most cases, Open Standards are developed through open and
transparent processes that aim to draw consensus from the
stakeholders.
Importance
– Open standards ensure the compatibility and interoperability on the
Internet
– This feature is important for the continued growth and evolution of the
Internet
Open Standard Organizations
– There are a number of organizations that focus on Open Standards
– On the Internet there are many standards organizations that play a role;
to name but a few: IETF, ITU-T, W3C, IEEE, ETSI, etc.
The IETF : Rough Consensus and Running Code
Structure
– The Internet Engineering Task Force (IETF) is an international community of individual
volunteers (network designers, operators, vendors, and researchers) concerned with
the evolution of the Internet architecture and the smooth operation of the Internet.
– IETF work is organized in 8 Areas headed by Area Director(s) (ADs)
– There are multiple Working Groups (WGs) within each Area. Each WG is headed by
WG Chair(s) and is defined by a charter
Participation
– It is open to any interested individual and has no formal membership or membership
fee
– Participation is by joining any WG’s mailing list and contributing to the online
discussions
– There are 3 face-to-face meetings held annually in different regions
Standards Process
– The IETF standard documents are referred to as RFCs or Requests for Comments
– Not all RFCs are standards; some are informational, known as Best Current Practice
(BCPs)
– Any individual can submit a “proposed standard” known as a “draft”
– When a draft is shown to be interoperable and widely deployed it is given the
“Internet Standard” status or RFC.
– A new standard can obsolete an older Internet Standard
Internet Architecture: Capacity
Building
Capacity Building
NRENs
– National Research and Education Networks (NRENs), Academic
institutions play a critical role in educating students and business
people.
– They also prototype and demonstrate hardware and software solutions
that benefit the Internet
Internet Community
– Many Internet organizations and businesses encourage, train, and
invest in Internet education and capacity building
– Not-for-Profit organizations such as the RIRs, regional and national
network operators groups (NOGs), and the Network Startup Resource
Centre (NSRC) and Internet Society (ISOC), ITSO, continue to provide
free training for Internet engineers globally and in region.
– Commercial vendors such as Afilias Limited, Alcatel-Lucent, Cisco, IBM,
and Microsoft have established various models for imparting knowledge
and training experts in their respective products.
INTERNET GOVERNANCE
Internet Governance
“Internet governance is the development and application by
Governments, the private sector and civil society, in their
respective roles, of shared principles, norms, rules,
decision-making procedures, and programs that shape the
evolution and use of the Internet.” – WGIG
The Internet Model
The Internet is successful in large part due to its
unique model: shared global ownership,
development based on open standards, and
freely accessible processes for technology and
policy development.
The Internet’s unprecedented success continues
to thrive because the Internet model is open,
transparent, and collaborative. The model relies
on processes and products that are local,
bottom-up, and accessible to users around the
world.
Internet Model
… describes the common set of operating
values — such as open standards, freely accessible
processes, transparent governance — shared among
many of the key communities and organisations that
have been central to the development and ongoing
evolution of the Internet.
Multi-stakeholder Partnership
Multi-stakeholder Partnership
Alliances between parties drawn from government,
business and civil society that strategically aggregate the
resources and competencies of each to resolve the key
challenges (of a selected issue), and which are founded on
principles of shared risk, cost and mutual benefit.
[http://www.unmsp.org]
Multi-stakeholder Partnership
Structures & Frameworks
– Loose partnerships for exchange of knowledge
– Formal structures (Legal Entity)
Composition
– MSPs are comprised of global, regional and local stakeholders
– They include civil society, technical experts, policy makers, industry
representatives, academia, end-users, etc.
Roles
– The different stakeholders bring unique value to the multi-stakeholder
process
– Finding the right balance and platform is important for meaningful
engagement at the local level.
– Local Internet development and growth depends upon the cooperation
of ALL stakeholders
Internet Policy Development in MSP
environment
Policy Development in MSP Environment
National Policy Development
– National multi-stakeholder Internet policy development platforms are
important for developing effective and development conscious national
policies
– The national platforms are instrumental in developing national positions
needed for regional and international policy obligations
Regional Policy Development
– Engaging with and participating at regional Governmental and Internet
policy development organizations meetings is valuable for developing
cross-border common positions
– Regional policy forums include Regional Economic Communities,
Regional Regulatory Associations, AUC, ATU, RIR meetings, Network
Operators Groups (NOGs), ITU-SGs, etc
Global Policy Development
– Engaging with and participating at global policy forums is important to
ensure that the interests of the country and region are considered at the
global level.
– Global policy forums include IGF, ITU, ICANN, OECD, etc
Challenges to the Internet
Challenges to the Internet
Scaling
– Ensuring that continued global addressing and the routing infrastructure can keep up
with growth.
– Supporting the diverse uses and expectations of applications, services, cultures, and
industries that the Internet supports.
Trust
– The Internet must provide channels for secure, reliable, private, communication
between entities, which can be clearly authenticated in a mutually understood
manner.
– The mechanisms that provide this level of assurance must support both the end-to-end
nature of Internet architecture and reasonable means for entities to manage and
protect their own identity details.
Multilingualism
– Content - Attaining a critical mass of content in a given language is essential to
attracting new and existing Internet users.
– Tools and standards - Measures to ensure that use of a language online is not
impeded by technology (or lack thereof).
– Capacity building - It is easy to underestimate the degree to which capacity building is
essential to enabling a sustainable multilingual presence on the Internet.
Future of the Internet
Scenario 1: Common Pool
– Positive “generative” and “distributed & decentralised” properties.
– Opportunity and growth abound, with no insurmountable barriers to entry for those wishing to take part.
– Constant evolution and features a healthy ecosystem of interlinked network operators, developers,
infrastructure providers, resource management organisations, etc.
– The “win” for the Internet is that it remains able to react and respond to new requirements.
Scenario 2: Boutique Networks
– Envisions a future in which political, regional and large enterprise interests fail to maximise the social and
economic potential of a shared, global set of richly connected networks (the Internet)
– It carries the weight of self-interest brought by factions seeking to optimise control in small sectors
(political and otherwise).
– It also suggests these fractionalised networks will continue to leverage the benefits of existing Internet
standards and technology.
– Each proprietary provider draws as much as possible from the common pool while giving little back.
Scenario 3: Moats and Drawbridges
– Suggests the world of the Internet would be heavily centralised, dominated by a few big players with their
own rules in “big-boys’ clubs.”
– Conflicts would be resolved through negotiation, not competition.
– There would likely be strong regulation as governments seek to impose some public interest obligations
and perhaps even controls on the equipment users can connect to the network.
– Much content would be proprietary and protected by strong intellectual property rights.
– Governments would control the behaviour of networks and network users through legal mechanisms and
sanctions.
– All players would have close political links to their mutual benefit.
What is your understanding of the
Internet thus far?
2. Internet Growth and Impact:
Developing Countries Online and Upcoming
Africa Internet Statistics
Penetration
– 167 Million Internet and 51 Million
Facebook users in Africa
– 29 Internet Exchange Points in 21
African countries exchanging an
aggregate of 12Gbps
– By July 2012, Africa’s total
inventory of terrestrial
transmission networks reached
732,662-km
– 313m people were within reach of
a fiber node and expected to
reach 50% of population with
completion of planned projects by
2015
– Over 50% of Africans have mobile
phones
– In East Africa over 350,000
Kenyans have low end smart
phones
Source: www.manypossibilities.net
Impact
Economic
– Internet contributes an average 1.9
percent of GDP in aspiring countries—
$366 billion in 2010 (Mckinsey.com)
Innovation
– Entrepreneurship in Content, Financial
and Back-office services
– Mobile Apps and innovation hubs are
contributing to Agricultural, health and
education development
E-Government
– Efficient revenue collection and
management
– Enhancing Service delivery
Internet Ecosystem
– Policy and regulatory reforms are
enabling the growth of the Internet
ecosystem at both local and regional
levels.
Opportunities
Infrastructure
– Development of Carrier Neutral Data Centers. Africa has only 84,000
square meters of raised floor capacity (39% of London’s capacity as
at 2011)
– Investments in the last mile infrastructure. Africa’s last mile
technology is largely based on wireless technology
– Lack of competition on cross-border interconnection contributes to
the high cost of regional interconnection
Content & E-Services
– E-Government Services are nascent
– Research and Education content is underdeveloped
– Coordinate efforts to find a standardized solution for M-health
implementation
– E-commerce is largely dependent on the implementation of enabling
frameworks
3. Cyber Security:
National and Regional CERTs
Cyber Security
Definition
• Cybercrime is a crime committed using a computer or network or hardware
device where the computer, network or device may be the agent, facilitator or
target of the crime. (Norton Symantec)
Background & Historical Incidents
– Reports of cybercrime date back to 1971 with the “blue box”
– The first Computer Emergency Response Team (CERT) was created in 1987
– In 1995, Mitnick was arrested for breaking into various computers and
downloading 20,000 credit card numbers or downloading proprietary software as
a kind of trophy to prove that his hack was successful.
– In 1998 Robert T. Morris, Jr., graduate student at Cornell University and son of a
chief scientist at the NSA, launches a self-replicating worm (the Morris Worm)
on the government's ARPAnet (precursor to the Internet). The worm gets out of
hand and spreads to over 6000 networked computers, clogging government and
university systems. Morris is dismissed from Cornell, sentenced to three years'
probation, and fined $10K.
– In 2000 the "I Love You" virus spreads quickly by causing copies of itself to be
sent to all individuals on the affected computer’s address book (by attaching
VBScript executable code to e-mails) (May).
Cyber Security Statistics
DOS and DDOS
– 1,875 DDOS attacks Daily (Arbor Networks)
– Over 80% of the DDOS attacks are over HTTP flood
– DNS DDOS are the least popular
SPAM
– In Feb 2013 proportion of spam in emails grew by 12.8%
– Spam accounted for 71.1% of emails by Feb 2013
Defacements
– In 2010 there were 1.5 Million defacements
– Most defacements are as a result of well known vulnerabilities
Phishing
– 93,463 unique Phishing attacks in 1st half of 2012
– Attacks involved 202 Top Level domains
Source: Norton Symantec 2012 Cybercrime Report
In 2012 Total cost = $110BN
Average cost per victim = $197
(source: Norton 2012 Cybercrime report)
CERTs in Combating Cyber-Crime
Definition:
• It is an organization or team that provides, to a defined constituency, services and support for
both preventing and responding to computer security incidents
Types of CERTS
– Government CERT (Military, Police, Finance, etc)
– Industry Specific CERT (ISPs, Banks, etc)
– Academic CERT
CERT Services
• Reactive
– Incident coordination and Reporting
– Vulnerability Analysis and Reporting
– Artifact Handling
– Awareness and Capacity Building
• Proactive
– Security Audits and Assessments
– Development of Security tools
– Intrusion detection and Penetration testing Services
CERT Strategies to Cybercrime
Technology
– Implementation of new technology features to enhance security
such as DNSSEC, PKI and IP Security
– Continued monitoring of networks and analysis of incident reports
Collaboration
– Stakeholder collaboration at national, regional and global levels
is key to dealing with incidents
Capacity Building
– Capacity building helps build the technical expertise needed to deal
with cybercrime
– Information sharing provides critical knowledge on implementation of
best practices and solutions
National CERT
Objective
• Serve as a trusted Point of Contact
• Develop an infrastructure for coordinating responses to computer
and network security incidents within a country
Function
• Develop the capacity to support incident reporting across a broad
spectrum of sectors within a nation's borders
• Conduct incident, vulnerability and artifact analysis to:
– Disseminate information about reported vulnerabilities and
corresponding response strategies
– Share knowledge and relevant mitigation strategies with appropriate
stakeholders and partners
Regional CERT
Objective
• Promote coordination and collaboration between National CERTs
in a region
• Assist with the development of CERT programs and activities in a
region
Functions
– Develop and share technical information, tools, methodologies,
processes and best practices
– Encourage and promote the development of security policies
– Provide technical assistance in the establishment of national Incident
Response Teams
AfricaCERT
Mission Statement
• AfricaCERT is the African forum of computer incident response teams who cooperatively handle
computer security incidents and promote incident prevention programs.
Services
– Announcements, Alerts and warnings
– Incident Response Coordination
– Consultancy and Training
Contact Information
• www.africacert.org
• [email protected]
Has your understanding of the
Internet changed?
Thank You!