1 / 6

Changed Internet Security Environment

Protecting Internet Infrastructure Michael M. Roberts [ mmr@darwin.ptvy.ca.us ] MS&E 237 July 11, 2002 Stanford University. Changed Internet Security Environment. • Terrorist threat Terrorist employment of advanced technology Public expectation/demand for govt response

arnav
Download Presentation

Changed Internet Security Environment

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Protecting Internet InfrastructureMichael M. Roberts [ mmr@darwin.ptvy.ca.us ]MS&E 237July 11, 2002Stanford University

  2. Changed Internet Security Environment • Terrorist threat • Terrorist employment of advanced technology • Public expectation/demand for govt response • Recognition within net community before 9/11 that security tools and deployment are not adequate

  3. Dimensions of Internet Security Problem • Network Size - 750 Million Clients & Growing • Diversity of Physical Facilities/Locales • Vulnerability of Open Architecture • Complexityof Users/Uses • Mastery of Security Technology = Zero to ? % • Management Will/Capacity to Allocate Resources ?

  4. Security Action Framework • Make IT Security higher and more visible priority • Do better job with existing security tools incl policies • Design, develop & deploy better security for future • Raise level of collaboration among Govt/Industry/Education • Train human resources for security jobs

  5. Security Policy Issues • Balancing individual vs organizational responsibilityand accountability • What level of security breach/damage is tolerable? • Sanctions for security “misbehavior” • Civil liberties vs law enforcement, e.g. ‘Patriot’ Actand client scanning for holes • Entitlement to due process

  6. Security Implementation Issues • Managing large number of players and creating consistent set of expectations • Obtaining resources for security when risk is always relative (success=nothing happens!) • Preventing quick technical solutions that haveadverse long term impact on net • Fending off federal demands for command &control accountability • Monitoring/reporting/getting credit for improved security

More Related