protecting internet infrastructure michael m. roberts [ [email protected] ] ms&e 237 july...
TRANSCRIPT
![Page 1: Protecting Internet Infrastructure Michael M. Roberts [ mmr@darwin.ptvy.ca.us ] MS&E 237 July 11, 2002 Stanford University](https://reader036.vdocuments.net/reader036/viewer/2022083005/56649f115503460f94c23651/html5/thumbnails/1.jpg)
Protecting Internet Infrastructure
Michael M. Roberts
MS&E 237July 11, 2002
Stanford University
![Page 2: Protecting Internet Infrastructure Michael M. Roberts [ mmr@darwin.ptvy.ca.us ] MS&E 237 July 11, 2002 Stanford University](https://reader036.vdocuments.net/reader036/viewer/2022083005/56649f115503460f94c23651/html5/thumbnails/2.jpg)
Changed Internet Security EnvironmentChanged Internet Security Environment
• Terrorist threat
• Terrorist employment of advanced technology
• Public expectation/demand for govt response
• Recognition within net community before 9/11
that security tools and deployment are not adequate
![Page 3: Protecting Internet Infrastructure Michael M. Roberts [ mmr@darwin.ptvy.ca.us ] MS&E 237 July 11, 2002 Stanford University](https://reader036.vdocuments.net/reader036/viewer/2022083005/56649f115503460f94c23651/html5/thumbnails/3.jpg)
Dimensions of Internet Security ProblemDimensions of Internet Security Problem
• Network Size - 750 Million Clients & GrowingNetwork Size - 750 Million Clients & Growing
• Diversity of Physical Facilities/LocalesDiversity of Physical Facilities/Locales
• Vulnerability of Open ArchitectureVulnerability of Open Architecture
• ComplexityComplexity of Users/Usesof Users/Uses
• Mastery of Security Technology = Zero to ? %Mastery of Security Technology = Zero to ? %
• Management Will/Capacity to Allocate Resources ?Management Will/Capacity to Allocate Resources ?
![Page 4: Protecting Internet Infrastructure Michael M. Roberts [ mmr@darwin.ptvy.ca.us ] MS&E 237 July 11, 2002 Stanford University](https://reader036.vdocuments.net/reader036/viewer/2022083005/56649f115503460f94c23651/html5/thumbnails/4.jpg)
Security Action FrameworkSecurity Action Framework
• Make IT Security higher and more visible priority
• Do better job with existing security tools incl policies
• Design, develop & deploy better security for future
• Raise level of collaboration among Govt/Industry/Education
• Train human resources for security jobs
![Page 5: Protecting Internet Infrastructure Michael M. Roberts [ mmr@darwin.ptvy.ca.us ] MS&E 237 July 11, 2002 Stanford University](https://reader036.vdocuments.net/reader036/viewer/2022083005/56649f115503460f94c23651/html5/thumbnails/5.jpg)
Security Policy IssuesSecurity Policy Issues
• Balancing individual vs organizational responsibilityand accountability
• What level of security breach/damage is tolerable?
• Sanctions for security “misbehavior”
• Civil liberties vs law enforcement, e.g. ‘Patriot’ Actand client scanning for holes
• Entitlement to due process
![Page 6: Protecting Internet Infrastructure Michael M. Roberts [ mmr@darwin.ptvy.ca.us ] MS&E 237 July 11, 2002 Stanford University](https://reader036.vdocuments.net/reader036/viewer/2022083005/56649f115503460f94c23651/html5/thumbnails/6.jpg)
Security Implementation IssuesSecurity Implementation Issues
• Managing large number of players and creating consistent set of expectations
• Obtaining resources for security when risk is always relative (success=nothing happens!)
• Preventing quick technical solutions that haveadverse long term impact on net
• Fending off federal demands for command &control accountability
• Monitoring/reporting/getting credit for improved security