“Securitizing” the Internet – A Socio-Political Analysis Oxford Internet Institute Summer Doctorate Program July 2004 Nimrod Kozlovski


“Securitizing” the Internet – A Socio-Political Analysis Oxford Internet Institute Summer Doctorate Program July 2004 Nimrod Kozlovski Post-Doc Associate, Yale CS Department, PORTIA Project

“Securitizing” the Internet – A Socio-Political Analysis
- The internet model of communication
- The political economy of Information - the Internet model – type of discourse
- Security on the Internet (TCP/IP-based network)
- Survivability and take-over resistance – through redundancy and distributed system
- (Lack of) security with TCP/IP
  - Integrity
  - Confidentiality
  - Availability (information availability vs. node/server availability)
Brief Background introduction

… Attacks on the Internet
- Layers of attack – physical, logical, semantic
- Targets – integrity, confidentiality, availability
- Methods of attack
  - Intrusion – Hacking, Defacement, Spoofing, Malicious code
  - Disruption – DoS, DDoS, Hijacking, Rerouting

… Security responses
- Technological
- Social/Business
- Legal
CyberCrime Law – towards securitization of the internet
- Cybercrime 1.0 – criminal legislation adaptation
- Cybercrime 2.0 – procedural and evidentiary
- Cybercrime the current battlefield
- Negotiating the security theory
- Policy choices for a communication medium

Negotiating the security theory
- Security through obscurity/confidentiality vs. Security through openness
  - e.g. Code openness – choice in IP regimes (copyright vs. patent); reverse engineering regulation
  - e.g. Vulnerabilities reporting requirements
- End to End design vs. In-network control
- Security by diversity vs. Security by homogeneity
- Peer security vs. Owners’ control
  - e.g. port scanning; trespass
- Zero Tolerance vs. Failures management
  - False positive/False negative calibration

Security-informed policy choices for the emerging virtual world
- Notions of space vs. Notions of flow (of information)
- Identity playfulness vs. Controlling identity
- Routing policy – Open road vs. Property rules
- Downstream liability vs. No-liability (virtual pollution laws)
- Enforcement – Public vs. Self help
- Service providers’ role – Liability vs. Immunity
- {Fair information practices vs. Contractual freedom}

Policy choices – the trends
Security-informed policy choices for the emerging virtual world – the trends
- Notions of space vs. Notions of flow (of information)
- Identity playfulness vs. Controlling identity
  - e.g. Spoofing, names duplication
- Routing policy – Open road vs. Property rules
- Downstream liability vs. No-liability (virtual pollution laws)
- Enforcement – Public vs. Self help (corporate – ISP, IP owner, conditional)
- Service providers’ role – Liability vs. Immunity (vis-à-vis user, but regulated)
- {Fair information practices vs. Contractual freedom}

Political economy in CyberCrime 3.0
Discussion – Cybercrime 3.0 – implications on the political economy of information – rethinking discourse dynamics and power
- Who controls the design of the communication process?
- What uses are possible?
- What and who decides whether new applications and services will be available?
- Who can shut off the conversation? Control the flow? Channel traffic? Favor speakers?
- How is the topology of the social network determined? (emergence or structured)
- What determines how the user can be presented in a conversation?
- Who defines who you are in a conversation?

Further socio-political dimensions of securitization implications
- Innovation – what innovation enabled/limited?
- Cultural exploration
- Social organization
- Political mobilization

Towards normative security discourse
Discussion – From security to securitization (See: Helen Nissenbaum)
- Security policy as a political discourse
- Revealing the biases in security policy
- Understanding the dynamics of regulation
- Political economy analysis as normative guidelines to securitization

Background slides to follow

The Internet Model for Communication and Information Network
Internet Model Network
- Open network
- Decentralized
- Parity among users
- Interactive
- Neutral among applications
- Anonymous
- Linked
- Easy and cheap to use
- Lack central control (and central failure point)
- Inter-connected (to other systems, networks)

The discourse in an Internet Model Network
- Vivid, robust and unmediated public discourse from diverse and antagonistic sources
- The Individual controls the type, mode and scope of communication/interaction
- From consumers (of information) to producers and distributors of information
- Dynamic and modular modes of communication to accommodate needs-tailored-communication
- Emerging design of the network (social, technological, information linkage)