collaborative security
play

Collaborative Security Reflections about Security and the Open - PowerPoint PPT Presentation

Apr 21, 2023 •266 likes •547 views

Collaborative Security Reflections about Security and the Open Internet NLUUG Najaarsconferentie 2015 19 November 2015 www.internetsociety.org Mission: To promote the open development, evolution, f o e c and use of the Internet r u t

  1. Collaborative Security Reflections about Security and the Open Internet NLUUG Najaarsconferentie 2015 19 November 2015 www.internetsociety.org

  2. Mission: To promote the open development, evolution, f o e c and use of the Internet r u t o e s n r t e n t e n for the benefit of all d I n e r p o y e f g d o n p l i i o people throughout the n h h e s r c r e e u d t t a u f e , l y c d i n l a o p , s t d n r e a world. m d p n o a l t e s v e d Organizational 2 home for the 9 Global and 9 Independent and 1 n i d e t Inclusive d Not-for-Profit e n n u r o e F t IETF n I y s r b e e n o i P http://www.internetsociety.org/get-involved/individuals 2 Collaborative Security | NLUUG | November 2015

  3. The Open Internet What was that about again? www.internetsociety.org

  4. 4 Collaborative Security | NLUUG | November 2015

  5. https://www.flickr.com/photos/worldbank/4725033296/in/album-72157634090168746/ 5 Collaborative Security | NLUUG | November 2015

  6. l a r e n e Accessible G e Interoperable s o p r u P Building Blocks & h c a e R l a b y t o i l Interoperability G r g e t n I & mutual s agreement s e l n o i s s i n m o r i e t P a v o n n I s r e t t a m - y l l a e e r l - b Collaboration t i a s h s e w c - c s A t n a i r a v n i - t e n r e t n i / g r o . y t e i c o s t No Permanent e n r e t n i Favorites . w w w 6 Collaborative Security | NLUUG | November 2015 / / : p t t h

  7. Security, stupid 7 Collaborative Security | NLUUG | November 2015

  8. Open for Open attack and Platform intrusion Permission Malware development less & deployment innovation Attacks and Global Reach crime are cross-border Hard to Voluntary mandate collaboration 8 Collaborative Security | NLUUG | November 2015

  9. 9 Collaborative Security | NLUUG | November 2015

  10. 10 Collaborative Security | NLUUG | November 2015

  11. Fundamental g n i r e t d Properties and s n o a F e c n e d i g f n n i Values o t C c e t s o e r i t P i n u t r o p p O e v i t c Think Globally e y l t l i o l C i b i s n Act Locally o p s e R d n a n o i t u l s o u v s E n e s n o C 11 Collaborative Security | NLUUG | November 2015

  12. Where the rubber meets the road. 12 Collaborative Security | NLUUG | November 2015

  13. Orgs Development Researchers Devops OPS NSP Security OARC Ops-t SDOs 13 Collaborative Security | NLUUG | November 2015

  14. 14 Collaborative Security | NLUUG | November 2015

  15. Mutually Agreed Norms for Routing Security (MANRS) Stimulate visible improvements in security and resilience of Internet Routing by changing towards a culture of collective responsibility 15 Collaborative Security | NLUUG | November 2015

  16. common problems to be addressed incorrect routing coordination and traffic with spoofed collaboration information source IP addresses between network operators Principles 1 The organization (ISP/network operator) recognizes the interdependent nature of the global routing system and its own role in contributing to a secure and resilient Internet. 2 The organization integrates best current practices related to routing security and resilience in its network management processes in line with the Actions. 3 The organization is committed to preventing, detecting and mitigating routing incidents through collaboration and coordination with peers and other ISPs in line with the Actions. 4 The organization encourages its customers and peers to adopt these Principles and Actions. 16 Collaborative Security | NLUUG | November 2015

  17. 1 n o i t c A Prevent propagation of incorrect routing information. 2 n o i t c A Prevent traffic with spoofed source IP addresses. 3 n o i t c A Facilitate global operational communication and coordination between network operators. d e c n a v d A 4 n o i t c A Facilitate validation of routing information on a global scale. 17 Collaborative Security | NLUUG | November 2015

  18. Please have this conversation with your stakeholders http://www.routingmanifesto.org/ or http://manrs.org/ r C o u o n t i t a n g c t m a n i f e s t o @ I S O C . o r g 18 Collaborative Security | NLUUG | November 2015

  19. http://www.internetsociety.org/iot/ Collaborative Security and the Internet of Things 19 Collaborative Security | NLUUG | November 2015

  20. Living in a World of Decentralized Data Dr. Burt Kaliski, Jr. Senior Vice President and CTO, Verisign 
 NDSS Workshop on Security of Emerging Networking Technologies (SENT) February 8, 2015 20 Collaborative Security | NLUUG | November 2015

  21. f o k c t s a u L r T l a c i s y h P Establishing l Trust in the a c i t n e d I s e c Object i v e d ‘use’ beyond design criteria s d s e e v n i m L o d g n n a o ) R L r y 0 4 - 5 ( 21 Collaborative Security | NLUUG | November 2015

  22. Areas of Responsibility Examples of Problems Improved algorithms for integer Cryptographic Primitives factorization, too small key size. No end-to-end security, Protocol Specifications and complexity in specifications, Architecture insecure authentication protocols Buffer overflow attacks, poor UI Implementation or other usability problems, poor choice of hardware Enabled debug ports, missing Deployment deployment of security mechanisms Understanding the distributed nature of the development process is essential for tackling security problems. 22 Collaborative Security | NLUUG | November 2015 22 Courtesy: Tschofenig et al, IETF 92 Technical Plenary

  23. Use Cases Business Cases Device Constraints 23 Collaborative Security | NLUUG | November 2015 23 6/11/15

  24. Can you do responsible security on a € 0.04 margin device? 24 Collaborative Security | NLUUG | November 2015

  25. Re-use Internet security technologies: S o m e P r a c t i c a l R e c o m m e n d a t i o n s Use state-of-the-art key length Always use well-analysed security protocols. Use encryption to improve resistance against pervasive monitoring. ▪ Support automatic key management and per-device keys. ▪ ▪ Additional IoT relevant security aspects: Crypto agility is a hard decision and you need to think deeply about it. ▪ See RFC7452 Integrate a software update mechanism and leave enough “head room”. Include a hardware-based random number generator. ▪ Threat analysis must take physical attacks into account. ▪ Use modern operating system concepts to avoid system-wide compromise ▪ ▪ due to a single software bug. ▪ 25 Collaborative Security | NLUUG | November 2015 25 6/11/15

  26. Smart Connected Objects These objects will have a profound impact on our lives. Important Security Questions have not been answered while we deploy. The Collaborative Security Approach has properties that will help to make a positive impact Foster Confidence and Protect Opportunities Evolution and Consensus Fundamental Properties and Values Collective Responsibility Think Globally, Act Locally 26 The Internet Society 6/11/15

  27. Olaf M. Kolkman Chief Internet Technology Officer Kolkman@isoc.org twitter: @kolkman www.internetsociety.org

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Collaborative Security Collaborative Security Gene Tsudik USC/ISI 4676 Admiralty Way Marina

Collaborative Security Collaborative Security Gene Tsudik USC/ISI 4676 Admiralty Way Marina

Collaborative Security Collaborative Security Gene Tsudik USC/ISI 4676 Admiralty Way Marina del Rey, CA 90292 gts@isi.edu http://www.isi.edu/~gts 4/ 21/ 99 1 Group Communication One-to- many Single-source

264 views • 24 slides
The Internet Security Alliance The Internet Security Alliance is a collaborative effort with

The Internet Security Alliance The Internet Security Alliance is a collaborative effort with

The Internet Security Alliance The Internet Security Alliance is a collaborative effort with Carnegie Mellon University. It is a cross-sector, internationally- based trade association devoted to cyber security. ISA has individual corporate

349 views • 30 slides
The Internet Security Alliance The Internet Security Alliance is a collaborative effort between

The Internet Security Alliance The Internet Security Alliance is a collaborative effort between

The Internet Security Alliance The Internet Security Alliance is a collaborative effort between Carnegie Mellon Universitys Software Engineering Institute (SEI) and its CERT Coordination Center (CERT/CC) and the Electronic Industries Alliance

294 views • 10 slides
Security Innovation Lab: Collaborative Research Program IPM IPM Key for Green Agriculture

Security Innovation Lab: Collaborative Research Program IPM IPM Key for Green Agriculture

May 7, 2013 Feed the Future Food Security Innovation Lab: Collaborative Research Program IPM IPM Key for Green Agriculture R. Muniappan Director, Innovative Lab: CRP-IPM (IPM CRSP) Virginia Tech Office of International Research,

221 views • 18 slides
Feed the Future Food Security I nnovation Lab: Collaborative Research Program I PM I PM Key

Feed the Future Food Security I nnovation Lab: Collaborative Research Program I PM I PM Key

Nov. 26, 2013 Feed the Future Food Security I nnovation Lab: Collaborative Research Program I PM I PM Key for Green Agriculture R. Muniappan Director, I nnovative Lab: CRP-I PM ( I PM CRSP) Virginia Tech Office of I nternational

319 views • 18 slides
Synergy: Collaborative: Security and Privacy-Aware Cyber-Physical Systems (NSF CNS-1505799 and

Synergy: Collaborative: Security and Privacy-Aware Cyber-Physical Systems (NSF CNS-1505799 and

Synergy: Collaborative: Security and Privacy-Aware Cyber-Physical Systems (NSF CNS-1505799 and the Intel-NSF Partnership for Cyber- Physical Systems Security and Privacy) Insup Lee (PI) PRECISE Center School of Engineering and Applied Science

1.11k views • 34 slides
Collaborative Deanonymization University of Cambridge Security Seminar Series, 26 May 2020 Patrik

Collaborative Deanonymization University of Cambridge Security Seminar Series, 26 May 2020 Patrik

Collaborative Deanonymization University of Cambridge Security Seminar Series, 26 May 2020 Patrik Keller, Martin Florian, Rainer Bhme https://arxiv.org/abs/2005.03535 Motivation Decentralized systems Crime Anonymity prevention Objective:

194 views • 15 slides
CRA Cyber-Security Collaborative Research Alliance: MACRO: Models for Enabling Continuous

CRA Cyber-Security Collaborative Research Alliance: MACRO: Models for Enabling Continuous

CRA Cyber-Security Collaborative Research Alliance: MACRO: Models for Enabling Continuous Reconfigurability of Secure Missions Prof. Patrick McDaniel Initial Feedback Meeting ARL - Adelphi, MD October 15th, 2013 CRA: Models for Enabling

435 views • 7 slides
Security Architecture in a Collaborative De-Perimeterised Environment: Factors of Success Yulia

Security Architecture in a Collaborative De-Perimeterised Environment: Factors of Success Yulia

Security Architecture in a Collaborative De-Perimeterised Environment: Factors of Success Yulia Cherdantseva 1 Omer Rana 1 Jeremy Hilton 2 1 Cardiff University {y.v.cherdantseva |

593 views • 28 slides
Security for smart Electricity GRIDs Project type: Collaborative project small or medium

Security for smart Electricity GRIDs Project type: Collaborative project small or medium

Security for smart Electricity GRIDs Project type: Collaborative project small or medium scale focused research project Grant agreement no: 607109 Thematic Priority: FP7-SEC-2013-1 October 1 st , 2014 Start date of project: Duration: 36

303 views • 11 slides
Safer Pass the salt 2020 Together. Open Source Collaborative Dynamic Security engine Crowd

Safer Pass the salt 2020 Together. Open Source Collaborative Dynamic Security engine Crowd

Safer Pass the salt 2020 Together. Open Source Collaborative Dynamic Security engine Crowd Sec VC deck v3.1 Rev : 28/11/2019 Why Cyber defense collaboration is the space race of our generation. Williams David Not solved, for a

523 views • 23 slides
IoT Passport: A Blockchain-Based Trust Framework for Collaborative Internet-of-Things Bo Tang ,

IoT Passport: A Blockchain-Based Trust Framework for Collaborative Internet-of-Things Bo Tang ,

IoT Passport: A Blockchain-Based Trust Framework for Collaborative Internet-of-Things Bo Tang , Hongjuan Kang, Jingwen Fan Qi Li Ravi Sandhu Information Security Laboratory, Institute for Network Institute for Cyber Security and Sichuan

1.24k views • 16 slides
Security for smart Electricity GRIDs Collaborative project small or medium scale focused

Security for smart Electricity GRIDs Collaborative project small or medium scale focused

Security for smart Electricity GRIDs Collaborative project small or medium scale focused research project Project type: Grant agreement no: 607109 Thematic Priority: FP7-SEC-2013-1 October 1 st , 2014 Start date of project: Duration: 39

494 views • 14 slides
Collaborative Security Gene Tsudik Computer Networks Division, USC/ISI gts@ics.uci.edu

Collaborative Security Gene Tsudik Computer Networks Division, USC/ISI gts@ics.uci.edu

Collaborative Security Gene Tsudik Computer Networks Division, USC/ISI gts@ics.uci.edu http://www.ics.uci.edu/~gts and Information and Computer Science Department, UC Irvine gts@isi.edu http://www.isi.edu/~gts 12/ 9/ 99

491 views • 26 slides
NEE Urgent Treatment Service (UTS) Collaborative Morag Kirkpatrick UTS Collaborative

NEE Urgent Treatment Service (UTS) Collaborative Morag Kirkpatrick UTS Collaborative

NEE Urgent Treatment Service (UTS) Collaborative Morag Kirkpatrick UTS Collaborative Programme Lead, NEE Moragkirkpatrick@nhs.net NEE UTS Governance Structure NEE Benefits of Collaborative An Alliance Approach Same System, access

115 views • 9 slides
CS490W: What is Collaborative Filtering? Collaborative Filtering (CF): Making recommendation

CS490W: What is Collaborative Filtering? Collaborative Filtering (CF): Making recommendation

CS490W: What is Collaborative Filtering? Collaborative Filtering (CF): Making recommendation decisions for a specific CS-490W user based on the judgments of users with similar tastes Collaborative Filtering Luo Si Train_User 1 1 5 3 3 4

628 views • 6 slides
CBCN4103 It is a global collection of networks, both big and small, that connect together in

CBCN4103 It is a global collection of networks, both big and small, that connect together in

CBCN4103 It is a global collection of networks, both big and small, that connect together in many different ways to form the single entity that we know as "the Internet." Who owns it? The Internet ernet Society, a

833 views • 42 slides
Learning from the Past J. Trent Adams (adams@isoc.org) Learning from the Past: Reinvention A

Learning from the Past J. Trent Adams (adams@isoc.org) Learning from the Past: Reinvention A

W3C Identity in the Browser Workshop Learning from the Past J. Trent Adams (adams@isoc.org) Learning from the Past: Reinvention A Cautionary Tale Of course you can reinvent the wheel but it ll require new roads, too.

304 views • 5 slides
Research and Applications of Internet Measurements (RAIM) in Cooperation with ACM SIGCOMM

Research and Applications of Internet Measurements (RAIM) in Cooperation with ACM SIGCOMM

IRTF & ISOC Workshop on Research and Applications of Internet Measurements (RAIM) in Cooperation with ACM SIGCOMM Yokohama, Japan October 31, 2015 Lars Eggert (lars@netapp.com) Genesis EC looking for opportunities to bring SIG closer

543 views • 19 slides
Understanding and managing your Digital Footprint Privacy in the 21st Century Robin Wilton

Understanding and managing your Digital Footprint Privacy in the 21st Century Robin Wilton

Understanding and managing your Digital Footprint Privacy in the 21st Century Robin Wilton Technical Outreach Director Trust and Identity wilton@isoc.org www.internetsociety.org Why should we care about digital footprints? Your digital

535 views • 20 slides
IPv6 Security David Kelsey (STFC-RAL) ISGC2016, Taipei 16 March 2016 Outline Introduction

IPv6 Security David Kelsey (STFC-RAL) ISGC2016, Taipei 16 March 2016 Outline Introduction

IPv6 Security David Kelsey (STFC-RAL) ISGC2016, Taipei 16 March 2016 Outline Introduction to WLCG & IPv6 IPv6 security & threats IPv6 protocol attacks Issues for site network & security teams Issues for sys admins

501 views • 34 slides
Putting private and government CERTs to the test Stefan Frei, Martin May ETH Zurich:

Putting private and government CERTs to the test Stefan Frei, Martin May ETH Zurich:

Putting private and government CERTs to the test Stefan Frei, Martin May ETH Zurich: http://www.csg.ethz.ch Paper download: http://www.techzoom.net/risk ETH Zurich - Stefan Frei, Martin May - 20 th Annual FIRST Conference 2008 - Vancouver -

723 views • 35 slides
Measuring Decentralized Video Streaming: Background Methodology A Case Study of DTube Analysis

Measuring Decentralized Video Streaming: Background Methodology A Case Study of DTube Analysis

Motivation Measuring Decentralized Video Streaming: Background Methodology A Case Study of DTube Analysis Conclusions Trinh Viet Doan, Tat Dat Pham, Markus Oberprieler, Vaibhav Bajpai Technical University of Munich (TUM) IFIP Networking,

1.26k views • 59 slides
NETmundial Ini-a-ve: Planning Document WHERE ARE WE NOW O

NETmundial Ini-a-ve: Planning Document WHERE ARE WE NOW O

NETmundial Ini-a-ve: Planning Document WHERE ARE WE NOW O VERVIEW q Ini-a-ve was officially launched on 6 November 2014; q The community was invited to:

685 views • 15 slides

More recommend