
Re: what is a threat analysis?

2005-08-12 02:07:39
At 00:10 12/08/2005, Bill Sommerfeld wrote:
So an effort to come up with a consensus threat analysis sounds like a
very good idea.  It might even be worthy of a working group of its own
as it would likely be useful as a base for more than just the MASS/DKIM
work.

Agree. After 9/11 ICANN changed all its priorities towards security. I proposed to the BC (Business Constituency) that it work on an "ICP-4 Network Security" proposition (ICPs are the ICANN documents). Several large operators and manufacturers contributed to the project, which came to an end rather quickly for Layer 8/9 reasons. The first things we tried to do were:

- to list all the possible types of threats on the conceptual network (this does not include the user security by itself).
- to list all the motivations for attacks - from war down to employee retaliation or flooding, etc.

We saw it was an iterative process. Motivations help identify threats, and vice versa. I am not sure I still have a copy of the work we carried out (it was privately made in the paranoia of security which was the mood), but I established a method to help it. Anyway, from this experience I would suggest the Charter of such a group should be discussed with an enlarged committee including Steve Crocker's ICANN security committee, people from Govs, Military and Commercial Intelligence, people from GAC, people from targeted industries (Banks, Airlines, critical infrastructures, life-depending solutions).

I used this experience when considering the network security aspects in the dot-root test-bed, carried out in 2002/2003, and for the resulting "national vulnerability to the internet" meetings I organised for France in 2003/2004. This led to the identification of the need for a compartmentalisation of the internet for risk containment, intelligence protection, community development, service innovation, spaces of exchanges, trust and services, etc., and of the need to analyse, organise and run its intergovernance. We incorporated the AFRAC as a national internet community effort to work and test on the matter.

We observed that it was the best way to achieve the necessary virtual partitioning of the internet while preventing the grassroots balkanisation which develops. Basically it means that the unicity and the unity of the global network will be supported and strengthened by a myriad of well established, suited and protected externets (virtual external network look-alikes). Security of a distributed network is to be distributed.

Also, one has to consider the external implications of the security failures and understand that threats can be of second, third, etc. degree; the implication can be major and concern (due to today's involvement of the Internet in the world's life) the life of millions. This was the first study, which served as a basis for the thinking, and the most important one to date due to its implications: http://whitehouse.gov/pcipb and its preparation is certainly a basic input to consider in that area. Question is: is that IETF? IETF is probably more interested in the resulting specifications? The implications on the current internet structure and vision are important.

jfc



_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
