04-06-17 Strategy to improve Internet Security in Sweden ITU-T SG 17 Geneva Dec 12, 2006 Christoffer Karsberg Network Security Department National Post and Telecom Agency (PTS) [email protected]

04-06-17

Strategy to improve Internet Security in Sweden

ITU-T SG 17
Geneva Dec 12, 2006

Christoffer Karsberg
Network Security Department

National Post and Telecom Agency (PTS)
[email protected]

Purpose of this presentation

- Point out important strategic positions and action points
- Food for thought to SG17 work with security issues
- Encourage other countries to bring forth strategies regarding Internet robustness

Assignment from the Government

Strategy to improve Internet security in Sweden, including an action plan, division of responsibility and the management of the strategy.

Delivery July 30, 2006

The strategy in English may be downloaded from: http://www.pts.se/Archive/Documents/EN/Strategy_Internet_security_2006_12_July_2006.pdf

Aim

The aim of the strategy is to facilitate and clarify future work to secure the infrastructure of the Internet in Sweden.

Scope of the Strategy: The infrastructure used by the Internet

- Application level: User's equipment, services, information
- IP level (Internet): Internet operator's network – service to user
- Transmission level: Several logical connections for data communications and telecommunications
- Cable level: Cables (for example 'optical fibre', copper wire) and antennae
- Ducting level: Pipes for cables and masts for antennae

Vision

The vision is that in ten years the Internet will be secure, rapid and have high accessibility

Goal

To secure critical functions in the Internet infrastructure that, if not maintained, would cause substantial disruption or interruption and in this way impede or prevent the use of the Internet for large groups of individual users or for vital public businesses, authorities or organisations.

Why a national strategy for Internet Security?

- Internet is becoming crucial for national society
- Important to have a regional feel and heading for the area
- Several national strategies could constitute building blocks for international strategies

Trends and threat profiles

- Society is becoming increasingly dependent on the Internet
- Society is becoming increasingly vulnerable to IT attacks
- Vulnerabilities in protocols and programs are increasingly being discovered
- Laws, legal proceedings and policies do not keep pace with developments and globalisation

Trends and threat profiles

- Convergence in networks, terminals and services is continuing to increase
- Inadequate security in user environments constitutes an ever-increasing risk
- The competence gap is widening in pace with increased complexity
- Developments in the market involve increased internationalisation
- More wireless networks and services

Strategic positions adopted

1. The physical infrastructure of the Internet should be protected against accidents, disruption, wiretapping and manipulation of information during transmission

2. Resistance to disruption in the domain name system should be increased

3. Resistance to disruption to the exchange of traffic between Internet operators should be increased

4. Users and buyers should be trained and informed to enhance security awareness

Cont’d Strategic positions adopted

5. The assumption of responsibility for user security should increase among Internet operators and the providers of software and equipment

6. National awareness of Internet infrastructure should be promoted. This should be done in a broader context regarding information security. The comprehensive approach and coordination of research should be improved

7. Swedish participation in international fora should be increased. This should be done in collaboration between the private and public sector

8. Crisis management regarding the Internet infrastructure should be improved

Action Plan

23 actions/suggestions in total

Within the framework of the strategic positions

Measure 5, 3 and 1, ongoing and planned: Produce recommendations to:

Image courtesy of Computer History Museum

Users AS Content providers

Consequences if Inter-domain routing fails

- ISP network unreachable, customers unable to reach the rest of the Internet
- Larger part of the Internet unreachable
- Traffic could be redirected to wrong network or to a "black hole"

Why pay attention to BGP?

- Border Gateway Protocol (BGP) is the basis for all routing between the Autonomous Systems that make up the Internet
- BGP is highly vulnerable to human errors, as well as a wide range of malicious attacks
- ISPs need improved Best Common Practices and need to make use of them on a global level
- Threats will increase – serious attacks will happen

We need a comprehensive security solution!

Measure 2, planned: Promote the use of DNSSEC in name servers

Why DNSSEC?

- The use of and dependence on DNS will increase
- DNSSEC is a feasible way to achieve increased trust in the DNS and the Internet as a whole
- DNSSEC must be implemented in TLDs and Second Level Domains in the first place
- When this has happened, enterprises, organisations and authorities can get security-aware servers for secure address resolving

Measure 11, Suggestion: Provide the Internet operators with a legal possibility to prevent the spreading of harmful traffic

The change of the law would mean that

- ISPs get a legal possibility to take emergency measures in the form of filtering of electronic messages that jeopardise the service or the function of the network, for instance DDoS attacks
- Should be combined with an obligation to inform the affected subscriber

Today there must be a consent by the subscriber

Measure 4, ongoing: Provide information about vulnerabilities

The Swedish IT Incident Centre (SITIC)

Provides information about vulnerabilities and threats to the public and business sector

Measure 7, suggestion: Educate trainee teachers in Internet security

Measure 8, suggestion: Further develop PTS’s website for Internet security

Measure 12, suggestion: Investigate the requirements for increased responsibility for providers of equipment and software

Measure 21, planned: Produce a coordinated continuity plan for the Internet infrastructure in Sweden

The management of the Strategy

Changes in the strategic positions
- are decided upon by the Government
- are updated by PTS

Updates in the action plan
- are decided upon by PTS
- are done by PTS every second year

Status in the action plan
- is reported together with the annual report

Discussion Points

- In what way could this strategy be beneficial to your work with security?
- In what way does your work correspond with the thoughts of the strategy? – Security baseline?
- Are there any thoughts regarding the measures?
- Could secure inter-domain routing be of interest?
- How is the society perspective represented in your standardisation work?