Transcript Här skriver du rubrik

Strategy to improve Internet Security in Sweden
ITU-T SG 17
Geneva Dec 12, 2006
Christoffer Karsberg
Network Security Department
National Post and Telecom Agency (PTS)
[email protected]
04-06-17
Purpose of this presentation
-Point out important strategic positions and action points
-Food for thought to SG17 work with security issues
-Incourage other countries to bring forth strategies regarding
Internet robustness
04-06-17
Assignment from the Government
Strategy to improve Internet security in Sweden,
including an action plan,
division of responsibility and
the management of the strategy.
Delivery July 30, 2006
The strategy in English may be downloaded from:
http://www.pts.se/Archive/Documents/EN/Strategy_Internet_
security_2006_12_July_2006.pdf
04-06-17
Aim
The aim of the strategy is to facilitate and clarify future work
to secure the infrastructure of the Internet in Sweden.
04-06-17
Scope of the Strategy:
The infrastructure used by the Internet
Application level
User's equipment,
services, information
IP level (Internet)
Internet operator's
network – service to user
R
R
R
R
Transmission level
Several logical connections
for data communications
and telecommunications
Cable level
Cables (for example
'optical fibre', copper wire)
and antennae
Ducting level
Pipes for cables and masts
for antennae
04-06-17
Vision
The vision is that in ten years the Internet will be secure,
rapid and have high accessibility
04-06-17
Goal
To secure critical functions in the Internet infrastructure that,
if not maintained,
would cause substantial disruption or interruption and in this
way
impede or prevent the use of the Internet
for large groups of individual users or for vital public
businesses, authorities or organisations.
04-06-17
Why a national strategy for Internet Security?
Internet is becoming crucial for national society
Important to have a regional feel and heading for the area
Several national strategies could constitute building blocks
for international strategies
04-06-17
Trends and threat profiles
Society is becoming increasingly dependent on the
Internet
Society is becoming increasingly vulnerable to IT
attacks
Vulnerabilities in protocols and programs are
increasingly being discovered
Laws, legal proceedings and policies do not keep in
pace with developments and globalisation
04-06-17
Trends and threat profiles
Convergence in networks, terminals and services is
continuing to increase
Inadequate security in user environments constitutes
an ever-increasing risk
The competence gap is widening in pace with
increased complexity
Developments in the market involve increased
internationalisation
More wireless networks and services
04-06-17
Strategic positions adopted
1. The physical infrastructure of the Internet should be
protected against accidents, disruption, wiretapping and
manipulation of information during transmission
2. Resistance to disruption in the domain name system
should be increased
3. Resistance to disruption to the exchange of traffic
between Internet operators should be increased
4. Users and buyers should be trained and informed to
enhance security awareness
04-06-17
Cont’d Strategic positions adopted
5. The assumption of responsibility for user security should
increase among Internet operators and the providers of
software and equipment
6. National awareness of Internet infrastructure should be
promoted. This should be done in a broader context regarding
information security. The comprehensive approach and
coordination of research should be improved
7. Swedish participation in international fora should be increased.
This should be done in collaboration between the private and
public sector
8. Crisis management regarding the Internet infrastructure should
be improved
04-06-17
Action Plan
23 actions/suggestion in total
Within the framework of the strategic positions
04-06-17
Measure 5, 3 and 1, ongoing and planned
Produce recommendations to:
Users
AS
Content providers
Image courtesy of Computer History Museum
04-06-17
Consequences if Inter-domain routing fails
ISP network unreachable, customers unable to reach the rest of
the Internet
Larger part of the Internet unreachable
Traffic could be redirected to wrong network or to a ”black hole”
04-06-17
Why pay attention to BGP?
 Border Gateway Protocol (BGP) is the basis for all routing
between Autonomous Systems that makes the Internet
 BGP is highly vulnerable to human errors, as well as a wide
range of malicious attacks
 ISPs need improved Best Common Practices and make use of
them on a global level
 Threats will increase – serious attacks will happen
 We need a comprehensive security solution!
04-06-17
Measure 2, planned: Promote the use of
DNSSEC in name servers
04-06-17
Why DNSSEC?
The use and dependence of DNS will increase
DNSSEC is a feasible way to achieve increased trust
to the DNS and the Internet as a whole.
DNSSEC must be implemented in TLDs and Second
Level Domains in the first place
When this has happened, enterprises, organisations
and authorities can get security aware servers for
secure address resolving
04-06-17
Measure 11, Suggestion: Provide the Internet
operators with a legal possibility to prevent the
spreading of harmful traffic
04-06-17
The change of the law would mean that
ISP:s get a legal possibility to take emergency measures
in the form of filtering of electronic messages
that jeopardise the service or the function of the network
for instance dDOS-attacks
Should be combined with an obligation to inform the
affected subscriber
Today there must be a consent by the subscriber
04-06-17
Measure 4, ongoing: Provide information about
vulnerabilities
The Swedish IT incident Centre (SITIC)
Provides information
about vulnerabilities
and threats to the
public and business
sector
04-06-17
Measure 7,
suggestion:
Educate trainee
teachers in
Internet security
04-06-17
Measure 8, suggestion: Further develop PTS’s
website for Internet security
04-06-17
Measure 12, suggestion: Investigate the
requirements for increased responsibility for
providers of equipment and software
04-06-17
Measure 21, planned: Produce a coordinated
continuity plan for the Internet infrastructure in
Sweden
04-06-17
The management of the Strategy
Changes in the strategic positions
are decided upon by the Government
are updated by PTS
Updates in the action plan
are decided upon by PTS
are done by PTS every second year
Status in the action plan
is reported together with the annual report
04-06-17
Discussion Points
In what way could this strategy be beneficial to your work
with security?
In what way does you work correspond with the thoughts of
the strategy? –Security baseline?
Are there any thoughts regarding the measures?
Could secure inter domain routing be of interest?
How is the society perspective represented in your
standardisation work?
04-06-17