60 likes | 190 Views
Protecting Internet Infrastructure Michael M. Roberts [ mmr@darwin.ptvy.ca.us ] MS&E 237 July 11, 2002 Stanford University. Changed Internet Security Environment. • Terrorist threat Terrorist employment of advanced technology Public expectation/demand for govt response
E N D
Protecting Internet InfrastructureMichael M. Roberts [ mmr@darwin.ptvy.ca.us ]MS&E 237July 11, 2002Stanford University
Changed Internet Security Environment • Terrorist threat • Terrorist employment of advanced technology • Public expectation/demand for govt response • Recognition within net community before 9/11 that security tools and deployment are not adequate
Dimensions of Internet Security Problem • Network Size - 750 Million Clients & Growing • Diversity of Physical Facilities/Locales • Vulnerability of Open Architecture • Complexityof Users/Uses • Mastery of Security Technology = Zero to ? % • Management Will/Capacity to Allocate Resources ?
Security Action Framework • Make IT Security higher and more visible priority • Do better job with existing security tools incl policies • Design, develop & deploy better security for future • Raise level of collaboration among Govt/Industry/Education • Train human resources for security jobs
Security Policy Issues • Balancing individual vs organizational responsibilityand accountability • What level of security breach/damage is tolerable? • Sanctions for security “misbehavior” • Civil liberties vs law enforcement, e.g. ‘Patriot’ Actand client scanning for holes • Entitlement to due process
Security Implementation Issues • Managing large number of players and creating consistent set of expectations • Obtaining resources for security when risk is always relative (success=nothing happens!) • Preventing quick technical solutions that haveadverse long term impact on net • Fending off federal demands for command &control accountability • Monitoring/reporting/getting credit for improved security