DNS Security and Stability Analysis Working Group (DSSA)

Slides:



Advertisements
Similar presentations
Evaluation at NRCan: Information for Program Managers Strategic Evaluation Division Science & Policy Integration July 2012.
Advertisements

ICANN Report Presented by: Dr Paul Twomey CEO and President LACNIC, Montevideo 31 March 2004.
Prepared by Corporate Affairs September ICANN Update AfriNIC9 26 November 2008 Pointe aux Piments, Mauritius Anne-Rachel Inné ICANN.
1 ICANNs Contractual Compliance Program David Giza, Senior Director, Contractual Compliance Stacy Burnette, Director, Contractual Compliance ICANN Policy.
ICANN Plan for Enhancing Internet Security, Stability and Resiliency.
The At-Large Advisory Committee (ALAC) An Introduction by Dr. Olivier MJ Crépin-Leblond ALAC Chair.
Briefing on the Draft FY11 Operating Plan and Budget Kevin Wilson, CFO 1.
Stability, Security, and Resilience Review Team Report October 2011 Alejandro Pisanty.
IDN Variant Issues Project (VIP) Project Update and Next Steps 11 April 2012.
DNS Security and Stability Analysis Working Group (DSSA) DSSA Update Prague – June, 2012.
11 Scaling Up World Bank Group Engagement with Civil Society: A Strategic Priorities Paper Civil Society Team EXTIA.
The Role of Governments Caribbean Telecommunications Union Ministerial Seminar May 29, 2012 Heather Dryden Chair - Governmental Advisory Committee, ICANN.
Draft Roadmap to Implement SAC 051 Steve Sheng, ICANN 1.
SAI Performance Measurement Framework
Gap Analysis >> Next Steps
The At-Large Advisory Committee (ALAC) An Introduction by Dr. Olivier MJ Crépin-Leblond ALAC Chair.
DSSA Update Costa Rica – March, Goals for today Update you on our progress Raise awareness Solicit your input 2.
ICANN Security and Stability Advisory Committee ICANN Meetings Rio de Janeiro March 26, 2003.
Internationalized Domain Names Status Report Prepared for: ICANN Meeting, Lisbon 29 March, 2007 Tina Dam IDN Program Director ICANN
Joint SSR-RT/DSSA meeting DSSA Progress Update Dakar – October 2011.
1 Multi-Stakeholder Models Internet Governance Sébastien Bachollet ICANN Board of Directors Kiev, Ukraine, 28 September 2012.
Glen de Saint Géry ICANN GNSO Secretariat for Theresa Swinehart Counsel for International Legal Affairs Domain Day Milan.
“ICANN and the Global Internet” ICANN Workshop Wednesday, October 9, 2002 Mexico City.
Transition of U.S. Commerce Department’s National Telecommunications and Information Administration (NTIA) Stewardship of the IANA Functions to the Global.
ICANN and the Internet Ecosystem. 2  A network of interactions among organisms, and between organisms and their environment.  The Internet is an ecosystem.
2011 – 2014 ICANN Strategic Plan Development Stakeholder Review 4 November 2010.
Revised Draft Strategic Plan 4 December 2010.
Transition of U.S. Commerce Department’s National Telecommunications and Information Administration (NTIA) Stewardship of the IANA Functions to the Global.
FY15 Operating Plan Framework Conference call Community/Staff March 12 th 2014.
Greg Rattray ICANN Chief Internet Security Advisor
DSSA-WG Progress Update Dakar – October Charter: Background At their meetings during the ICANN Brussels meeting the At-Large Advisory Committee.
Security, Stability & Resiliency of the DNS Review Team (SSR) Interaction with the Community.
ICANN Fellowship Program. 2  Program Goals  Awareness: Engage representatives from developing nations  Participation: Build capacity within ICANN community.
DSSA Update Costa Rica – March, Goals for today Update you on our progress Raise awareness Solicit your input.
CcNSO Update for APTLD New Delhi February 2012 Keith Davidson, ccNSO Councillor.
ICANN COMMUNITY STRATEGIC PLANNING DISCUSSION Brussels, June
Update from ICANN staff on SSR Activities Greg Rattray Tuesday 21 st 2010.
1 ICANN update Save Vocea APSTAR retreat, Taipei, TW 24 February 2008.
Organizations, Institutions, the Domain Name and addressing system, Internet Governance… D-day 2005 Milan, Italy 24 November 2005 Theresa Swinehart GM,
1 ICANN & Global Partnerships Baher Esmat Manager, Regional Relations Middle East ccTLD Training, Amman Nov, 2007.
JIG (Joint ccNSO-GNSO IDN Group) Update APTLD | New Delhi Feb 23, 2012.
Privacy Project Framework & Structure HIPAA Summit Brent Saunders
DSSA Update Costa Rica – March, Goals for today Update you on our progress Raise awareness Solicit your input 2.
DSSA Update Costa Rica – March, Goals for today Update you on our progress Raise awareness Solicit your input 2.
1 ICANN... update Pablo Hinojosa Manager, Regional Relations Global and Strategic Partnerships 2007 Caribbean Internet Forum St. Lucia, 5 November 2007.
THE IANA FUNCTIONS The Coordination of the Assignment of Technical Internet Protocol Parameters The Administration of Certain Responsibilities Associated.
1 1 The GNSO Role in Internet Governance Presented by: Chuck Gomes Date: 13 May 2010.
Conficker Update John Crain. What is Conficker? An Internet worm  Malicious code that is self-replicating and distributed over a network A blended threat.
DSSA-WG Progress Update Singapore – June Charter: Background At their meetings during the ICANN Brussels meeting the At-Large Advisory Committee.
Security, Stability & Resiliency of the DNS Review Team Wednesday, 8 December 2010.
IDN UPDATE Tina Dam ICANN Chief gTLD Registry Liaison Public Forum, Wellington 30 March 2006.
Text #ICANN51. Text #ICANN51 GNSO Briefing on Key Strategic Initiatives 12 October 2014.
ICANN Regional Outreach Meeting, Dubai 1–3 April Toward a Global Internet Paul Twomey President and CEO 1 April 2008 ICANN Regional Meeting 1–3.
ICANN Strategic Initiatives for Security, Stability and Resiliency - DNS CERT Posted for Public Comment at 1.
Fostering Multi-Stakeholder Internet Governance Models in the Region Bill Graham, Director, ICANN Board.
DSSA Update Costa Rica – March, Goals for today Update you on our progress Raise awareness Solicit your input.
Update on Consumer Choice, Competition and Innovation (CCI) WG Rosemary Sinclair.
Domain Day ICANN and Reform Tuesday, 5 November 2002 Milan, Italy Theresa Swinehart, Counsel for International Legal Affairs, ICANN.
Vice Chair, UK Representative, Governmental Advisory Committee (GAC)
IANA FUNCTIONS STEWARDSHIP TRANSITION
ICANN Multi-Stakeholder Model
GAC in Nomcom Working Group ICANN56 Helsinki , June 2016
IANA Stewardship Transition Coordination Group (ICG)
ICANN’s Policy Development Activities
Partnership of Governments, Businesses and Civil Society: the ICANN example in coordinating resources and policy making Dr. Olivier MJ Crépin-Leblond
Rodrigo de la Parra / Laurent Ferrali ICANN org
An Introduction by Dr. Olivier MJ Crépin-Leblond EURALO Chair
Privacy Project Framework & Structure
ICANN Reviews 12 March 2018 Governmental Advisory Committee
Presentation transcript:

DNS Security and Stability Analysis Working Group (DSSA) DSSA Update Toronto – October, 2012

DSSA DNS Security and Stability Analysis working group Thursday, 18-October: 11:15-12:45 Harbour C Details: http://toronto45.icann.org/node/34225 Framework Context Education, Training, Awareness Standards, Tools, Techniques Risk Planning Glue Regional or segment focus Constituencies Edge (internal) Within the organization Core Ecosystem-wide Collaborative Risk Assessment Governance Steering Coordination Sharing Delivery Doing Security Management/Leadership Operational & Technical Practices and Controls Research & Analysis Event Monitoring Technology Selection, Deployment & Management Compliance Monitoring Incident Response Edge (external) Cross-organizational Scenarios 2

Background At their meetings during the ICANN Brussels meeting the At-Large Advisory Committee (ALAC), the Country Code Names Supporting Organization (ccNSO), the Generic Names Supporting Organization (GNSO), the Governmental Advisory Committee (GAC), and the Number Resource Organization (NROs)…   acknowledged the need for a better understanding of the security and stability of the global domain name system (DNS). This is considered to be of common interest to the participating Supporting Organisations (SOs), Advisory Committees (ACs) and others, and should be preferably undertaken in a collaborative effort. 3

The DSSA has: Established a cross-constituency working group Clarified the scope of the effort Developed a protocol to handle confidential information Built a risk-assessment framework Developed risk scenarios Documented this work in a report

Still to come (if needed) Since Prague: Refined and consolidated Launched public-comment cycle Refine the methodology Introduce the framework to a broader audience Complete the risk assessment Still to come (if needed) Go through these quickly as well -- this is the second half of the "Here's what we'll be talking about" introduction

Methodology 6

Risk Scenarios This is an introductory slide – each scenario follows, so don’t stay here long. If you have time – highlight the axes of the diagram “core to edge” in the vertical dimension, “long term to immediate” in the horizontal. The five scenarios are placed in both dimensions. 7

Roles and context 8 Research & Analysis Standards, Tools, Techniques Edge (internal) Within the organization Security Management/Leadership Edge (external) Cross-organizational Education, Training, Awareness Glue Regional or segment focus Constituencies Risk Planning Core Ecosystem-wide Collaborative Risk Assessment Technology Selection, Deployment & Management Governance Steering Coordination Sharing Compliance Monitoring Operational & Technical Practices and Controls Delivery Doing Event Monitoring Incident Response 8

Question: Who is doing what? Backend registry providers ICANN Security Team ICANN SOs and ACs ccTLD registries IETF ISOC CERTs ISPs DNRMF Network Operator Groups DNS-OARC ENISA FIRST NRO gTLD registries RSAC SSAC IANA And ??? Research & Analysis Standards, Tools, Techniques Edge (internal) Within the organization Security Management/Leadership Edge (external) Cross-organizational Education, Training, Awareness Glue Regional or segment focus Constituencies Risk Planning Core Ecosystem-wide Collaborative Risk Assessment Technology Selection, Deployment & Management Governance Steering Coordination Sharing Here is an even broader view – the SSR ecosystem. This includes risk management, but also risk mitigation Highlight the number of organizations that have roles, responsibilities, accountability and authority in this framework Compliance Monitoring Operational & Technical Practices and Controls Delivery Doing Event Monitoring Incident Response 9

Approach: a data-gathering worksheet Goal: complete the map of DNS SSR functions and participants for our report – and provide a foundation for a “gaps and overlaps” analysis

Approach: Coordinate DSSA and DNSRMF Our charter points us at the “Risk Assessment” subset of a larger Risk Management Framework 11

Refine and consolidate Gather comments and feedback Launch the Risk Mgmt. function Toronto Beijing ID roles – gaps & overlaps Revise report and obtain AC/SO endorsement Determine whether separate DSSA risk-assessment effort is needed Public comment (focus/scope: ICANN the community) DSSA Obtain community feedback and incorporate those suggestions into the RM framework Establish community-based portion of RM launch project Align/Integrate DNSRMF and DSSA findings/methods/leadership This is the “Where Are We Going?” slide – there just wasn’t room for a title, sorry about that. Joint effort Select DNS risk-management framework consultant and launch DNSRMF project Complete DNS risk-management framework Launch the project to establish the RM function and complete one “cycle” DNSRMF (focus/scope: ICANN the org) 12

https://community.icann.org/x/4AB5 How you can help Comment on our Phase I report Fill out one of our “Gaps & Overlaps” worksheets Comment on our plans going forward https://community.icann.org/x/4AB5 13