www.internetsociety.org

Collaborative SecurityReflections about Security and the Open Internet

27th Annual First Conference June 18, 2015

Collaborative Security | 18 June 2015

http://www.internetsociety.org/get-involved/individuals

2

independ

ent sour

ce of

leadersh

ip for I

nternet

policy,

technolo

gy

standard

s, and f

uture

developm

ent

Mission:To promote the open

development, evolution,

and use of the Internet

for the benefit of all

people throughout the

world.

Founded

in 1992

by Inter

net

Pioneers

Global and Inclusive

Independent and Not-for-Profit Org

anizat

ional

home f

or the

IETF

First a few words about who we are, the Internet society….

www.internetsociety.org

The Open InternetWhat was that about again?

Collaborative Security | 18 June 20154

We usually think of the Internet as a complex network of networks, each operated by autonomous operators whereby the services are only loosely coupled to the offered transport networks that offers a best effort service. where application providers provide their applications

Collaborative Security | 18 June 20155

When we talk about technology we have to remember that the technology is really an enabler for humans. The technology is primarily a driver for Socio economic capabilities.

(Although this picture might make you wonder if we give up other social interactions … )

But.. back to the technology for a bit.

Collaborative Security | 18 June 20156

Global R

each &

Integrit

y

http

://ww

w.in

tern

etso

ciety.

org/

inte

rnet

-inva

riant

s-wh

at-re

ally-

mat

ters

General

Purpose

Permissi

onless

Innovati

on

Accessib

le

Accessible

Interoperability& mutual agreement

Collaborat

ion

Interoperable Building Blocks

No Permanent Favorites

Global reach, integrity: Any endpoint of the Internet can address any other endpoint, and the information received at one endpoint is as intended by the sender, wherever the receiver connects to the Internet. Implicit in this is the requirement of global, managed addressing and naming services. General purpose: The Internet is capable of supporting a wide range of demands for its use. While some networks within it may be optimized for certain traffic patterns or expected uses, the technology does not place inherent limitations on the applications or services that make use of it.

Supports innovation without requiring permission (by anyone): Any person or organization can set up a new service, that abides by the existing standards and best practices, and make it available to the rest of the Internet, without requiring special permission.

Accessible – it’s possible to connect to it, build new parts of it, and study it overall: Anyone can “get on” the Internet – not just to consume content from others, but also to contribute content on existing services, put up a server (Internet node), and attach new networks.

Based on interoperability and mutual agreement: The key to enabling inter-networking is to define the context for interoperation – through open standards for the technologies, and mutual agreements between operators of autonomous pieces of the Internet.

Collaboration: Overall, a spirit of collaboration is required – beyond the initial basis of interoperation and bi-lateral agreements, the best solutions to new issues that arise stem from willing collaboration between stakeholders.

Technology – reusable building blocks: Technologies have been built and deployed on the Internet for one purpose, only to be used at a later date to support some other important function.

There are no permanent favourites: While some technologies, companies and regions have flourished, their continued success depends on continued relevance and utility, not strictly some favoured status.

Collaborative Security | 18 June 20157

Security, stupid

The economy, stupid — James Carville had coined as a campaign strategist of Bill Clinton's successful 1992 presidential campaign against sitting president George H. W. Bush.

Security is like economy.

Collaborative Security | 18 June 20158

Open Platform

Open for attack and intrusion

Permission

less

innovation

Malware

development

& deployment

Global Reach

Attacks and crime are

cross-border

Voluntary

collaboration

Hard to

mandate

Looking at these invariants to the security perspective.

Collaborative Security | 18 June 20159

Security is

not an end in

itself

There is no thing as such absolute security

Acceptable residual risks in a specific

context

Resilience

Policy measures that are premised on stopping bad things, rather than protecting what is valued, provide no guide as to how far those measures should go.

If we are not careful, the spectre of cyber threats can be used as a vehicle for control of networks and how they are used, plus pervasive monitoring

Collaborative Security | 18 June 201510 Photo credit: Allen Watkin Source: https://flic.kr/p/47zXL3 License: CC-2.0 BY-SA

Protect

the

inside f

rom

the outs

ide?

Traditional approaches to security were principally concerned with external and internal threats, and the impact they may have on one’s own assets [in other words, threat-based and self-interested]. There is, however, a growing recognition that a security paradigm for the Internet ecosystem should be premised on protecting opportunities for economic and social prosperity, as opposed to a model that is based simply on preventing perceived harm.

Collaborative Security | 18 June 201511

The Internet, with its high degree of interconnection and dependencies, brings another dimension to the management of risks. Security and resilience of the Internet depends not only on how well risks to you and your assets are managed, but also, importantly, on the management of risks that you (by your action or inaction) present to the Internet ecosystem – the “outward” risks. Additionally, some risks need to be managed by more than one actor.

This is the notion of collective and shared risk management – a notion that is well aligned with the “public interest” nature of the Internet. This latter aspect of risk management is not necessarily self-evident, especially since there is often no obviously identifiable immediate harm to the actors or their assets and, therefore, no direct business case that can be immediately associated with such effort. And, it also is human nature to seek outcomes that further our individual “self-interest”. However, such a narrow approach is counter-productive and, in the long-term, harmful to everyone’s interests – not only will it impact the security of the ecosystem, but it will also diminish the overall pool of social and economic potential that the Internet offers.

Collaborative Security | 18 June 201512

Traditional approaches to security were principally concerned with external and internal threats, and the impact they may have on one’s own assets [in other words, threat-based and self-interested]. There is, however, a growing recognition that a security paradigm for the Internet ecosystem should be premised on protecting opportunities for economic and social prosperity, as opposed to a model that is based simply on preventing perceived harm.

Collaborative Security | 18 June 201513

Fosterin

g

Confiden

ce and

Protecti

ng

Opportun

ities

Collecti

ve

Responsi

bility

Evolutio

n and

Consensu

s

Fundamental Properties and Values

Think Globally Act Locally

Fostering confidence and protecting opportunities: The objective of security is to foster confidence in the Internet and to ensure the continued success of the Internet as a driver for economic and social innovation.

Collective Responsibility: Internet participants share a responsibility towards the system as a whole.

Fundamental Properties and Values: Security solutions should be compatible with fundamental human rights and preserve the fundamental properties of the Internet — the Internet Invariants.

Evolution and Consensus: Effective security relies on agile evolutionary steps based on the expertise of a broad set of stakeholders.

Think Globally, act Locally: It is through voluntary bottom-up self-organization that the most impactful solutions are likely to reached.

Collaborative Security | 18 June 2015

Where the rubber meets the road.

14

Enough conceptual talk.. lets see where that takes us.

Collaborative Security | 18 June 2015

Researchers

15

Development

OPS

Devops

SDOs

Orgs

Collaborative security happens in may places, perhaps not even consciously. Anywhere where people get together and work towards improving trust of the Internet. No claim for completeness.

Regional Registries: Maintaining Registries Regional Operators: Best Current Practices Industry organizations like MAAWG and first coordinating Programmers that try to do the right thing by sharing code, reviewing other people code Academic conferences that work on improving security

etc…

Collaborative Security | 18 June 201516

STIX

Taxii

Examples of Standardization

One goal of the workshop is to improve mutual awareness of the participating organizations, to understand their roles, and improve communication between them.  A key outcome of the workshop is to provide greater awareness of existing efforts to mitigate specific types of attacks and greater understanding of the options others have to collaborate and engage with these efforts.  Another goal is to improve end user experience through stronger coordination between the security, operations, and research  communities.

CARIS Workshop

DOTS

An example of collaborative security are activities can be found in standardization. Here is some work that is relevant to the people in this room.

But… technology alone will not be deployed without a general acceptance of the need, and a baseline of trust.

Within OASIS there is (or has been) efforts to work on The Structured Threat Information Expression (STIX) is a language for describing cyber threat information in a standardized and structured manner. Trusted Automated Exchange of Indicator Information (TAXII) standardizes the trusted, automated exchange of cyber threat information. Both subject to another presentation this week.

In the IETF we have seen a BOF around this topic too: The aim of DDoS Open Threat Signaling (DOTS) is to develop a standards based approach for the realtime signaling of DDoS related telemetry and threat handling requests and data between elements concerned with DDoS attack detection, classification, traceback and mitigation.

There are a number of

Collaborative Security | 18 June 2015

{ "handle" : "2001:0DC0:2000::/35", "startAddress" : "2001:dc0:2000::", "endAddress" : "2001:dc0:3fff:ffff:ffff:ffff:ffff:ffff", "ipVersion" : "v6", "name" : "APNIC-AP-V6-BNE", "type" : "ASSIGNED PORTABLE", "country" : "AU", "parentHandle" : "2001:0DC0::/32", "objectClassName" : "ip network", "entities" : [ { "handle" : "DNS3-AP", "vcardArray" : [ "vcard", [ [ "version", { }, "text", "4.0" ], [ "fn", { }, "text", "DNS Administration" ], [ "kind", { }, "text", "group" ], [ "adr", { "label" : "6 Cordelia Street\\nSouth Brisbane\\nQLD 4101" }, "text", [ "", "", "", "", "", "", "" ] ], [ "tel", { "type" : "voice" }, "text", "+61 7 3367 0490" ], [ "tel", { "type" : "fax" }, "text", "+61 7 3367 0482" ], [ "email", { }, "text", "dns-admin@apnic.net" ] ] ], "roles" : [ "administrative" ], "objectClassName" : "entity", "remarks" : [ { "title" : "remarks", "description" : [ "DNS in-addr.arpa zone files maintainer" ] } ], "links" : [ { "value" : "http://rdap.apnic.net/ip/2001:dc0:2000::/35", "rel" : "self", "href" : "http://rdap.apnic.net/entity/DNS3-AP", "type" : "application/rdap+json" } ] }, { "handle" : "IRT-APNIC-AP", "vcardArray" : [ "vcard", [ [ "version", { }, "text", "4.0" ], [ "fn", { }, "text", "IRT-APNIC-AP" ], [ "kind", { }, "text", "group" ], [ "email", { "pref" : "1" }, "text", "security@apnic.net" ], [ "adr", { "label" : "Brisbane, Australia" }, "text", [ "", "", "", "", "", "", "" ] ], [ "email", { }, "text", "helpdesk@apnic.net" ] ] ], "roles" : [ "abuse" ], "objectClassName" : "entity", "remarks" : [ { "title" : "remarks", "description" : [ "APNIC is a Regional Internet Registry.", "We do not operate the referring network and", "is unable to investigate complaints of network abuse.", "For more information, see www.apnic.net/irt" ] } ], "links" : [ { "value" : "http://rdap.apnic.net/ip/2001:dc0:2000::/35", "rel" : "self",

17

RDAP

Restful Queries

RFC 7480-7485

Query and Response

are standardized,

structured and

parssable

JSON responses

"Registry Operator shall implement a new standard supporting access

to domain name registration data (SAC 051) no later than one hundred

thirty--five (135) days after it is requested by ICANN if: 1) the IETF

produces a standard (i.e., it is published, at least, as a Proposed

Standard RFC as specified in RFC 2026); and 2) its implementation is

commercially reasonable in the context of the overall operation of the

registry."

Currently there is no information in the bootstrap registry, that sort of indicates that there may not be a lot of operational deployment.

Collaborative Security | 18 June 201518

Mutually Agreed Norms for Routing Security (MANRS)

Stimulate visible improvements in security and resilience of Internet Routing by changing towards a culture of collective responsibility

Collaborative Security | 18 June 2015

common problems to be addressed

19

incorrec

t routin

g

informat

iontraffic with spoofed source IP addresses

coordination and collaboration between network operators

1 The organization (ISP/network operator) recognizes the interdependent nature of the global routing system and its own role in contributing to a secure and resilient Internet.

2 The organization integrates best current practices related to routing security and resilience in its network management processes in line with the Actions.

3 The organization is committed to preventing, detecting and mitigating routing incidents through collaboration and coordination with peers and other ISPs in line with the Actions.

4 The organization encourages its customers and peers to adopt these Principles and Actions.

Principles

Collaborative Security | 18 June 201520

Prevent propagation of incorrect routing information.

Prevent traffic with spoofed source IP addresses.

Facilitate global operational communication and coordination between network operators.

Facilitate validation of routing information on a global scale.

Action 1

Action 2

Action 3

Advanced

Action 4

Collaborative Security | 18 June 201521

http://www.routingmanifesto.org/

http://manrs.org/

or

Please h

ave this

conversa

tion wit

h

your sta

keholder

s

www.internetsociety.org

Collaborative Security | 18 June 2015

More Resources for Presentation

In addition to this template, the Internet Society communications team has developed a number of resources to facilitate development of new materials and ensure clear, compelling and consistent branding and design.

▪ Additional templates and resources https://wiki.tools.isoc.org/Intranet/Communications/Templates

▪ Writing styleguide https://wiki.tools.isoc.org/Intranet/Communications/Styleguide

▪ Branding and logo information https://wiki.tools.isoc.org/Intranet/Communications/Branding

23

www.internetsociety.org

Kolkman@isoc.org

Chief Internet Technology Officer

Olaf M. Kolkman

Collaborative Security | 18 June 2015

Today’s musings

25

Open Internet

time

Topi

cal F

ocus

Policy

Technology

Collaborative Security

Few Examples

Outline of the presentation….