Presentation is loading. Please wait.

Presentation is loading. Please wait.

Addressing security challenges on a global scale

Published byHetty Wagner Modified over 5 years ago

Similar presentations

Presentation on theme: "Addressing security challenges on a global scale"— Presentation transcript:

1

2 Addressing security challenges on a global scale
IETF Security Activities and Collaboration Tim Polk National Institute of Standards and Technology Geneva, 6-7 December 2010 Addressing security challenges on a global scale

3 Two Excerpts from IETF Mission Statement
The mission of the IETF is to make the Internet work better … by producing high quality, relevant technical documents that influence the way people design, use, and manage the Internet. One of the Cardinal Rules is Protocol Ownership When the IETF takes ownership of a protocol or function, it accepts the responsibility for all aspects of the protocol .... Geneva, 6-7 December 2010 Addressing security challenges on a global scale

4 Responsibilities of IETF Security Area
Security-centric standards development IETF Security Area includes between ten and eighteen working groups devoted to a particular mechanism or technology Contributing “security-clue” to standards developed in other IETF areas Recruiting security participants to contribute to other IETF standards areas, and monitoring those efforts to ensure we are actually helpful Cross-SDO collaboration Providing Internet specific details (X.509) Supporting Security requirements from other SDOs (mikey modes for W3C) Geneva, 6-7 December 2010 Addressing security challenges on a global scale

5 Security-Centric Standards Development
These standards are intended as essential building blocks Key Management Infrastructures Kerberos, X.509, multicast security, hokey, new DNSSEC based key distribution work Secure Transport Transport Layer Security (TLS and DTLS), Secure Shell Secure Applications S/MIME, DKIM, NEA, sasl Authentication Technologies EAP methods, federated authentication Most exciting new work is leveraging DNSSEC to securely distribute key material Geneva, 6-7 December 2010 Addressing security challenges on a global scale

6 Collaborative Initiatives
Many IETF activities are inherently tied to technologies developed outside the security area, but security clue is essential to success Worked examples include DNSSEC (Internet area) and TCP-AO (Transport area) Understanding DNS and the TCP state machine were critical aspects Current activities are focused in the Routing area and include secure inter-domain routing (sidr) and key management for routing protocols (karp) Routing protocols demand a very specific background Cross-SDO activities include X.509 and the XML Digital Signature Standard Geneva, 6-7 December 2010 Addressing security challenges on a global scale

7 High-Priority Opportunities
Ongoing/Emerging IETF activities Leveraging DNSSEC for secure key or certificate distribution Securing routing protocols Security for the “Internet of Things” Privacy-enhancing technologies Other Opportunities Security Automation Application of current protocols to emerging sectors Health care, smart grid, etc. Geneva, 6-7 December 2010 Addressing security challenges on a global scale

8 Personal Observations on Collaboration
Collaborations starts with Sound Architecture and Engineering Decisions Good protocols lend themselves to use as building blocks Well engineered protocols are extensible to solve other problems If a protocol needs major surgery to satisfy a new effort, it may be the wrong protocol Collaboration within the IETF and between SDOs is fundamentally the same problem Success demands that committed individuals regularly participate in the activities of both IETF working groups (or both SDOs) Geneva, 6-7 December 2010 Addressing security challenges on a global scale

Download ppt "Addressing security challenges on a global scale"

Similar presentations

Russ Housley IETF Chair LACNOG 4 October 2011 Successful Internet Protocol Development.

Russ Housley IETF Chair LACNOG 4 October 2011 Successful Internet Protocol Development.
ICANN Plan for Enhancing Internet Security, Stability and Resiliency.

ICANN Plan for Enhancing Internet Security, Stability and Resiliency.
Tips and Resources IASC Cluster/Sector Leadership Training

Tips and Resources IASC Cluster/Sector Leadership Training
Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.

Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.
Practical Digital Signature Issues. Paving the way and new opportunities. www.oasis-open.org Juan Carlos Cruellas – DSS-X co-chair Stefan Drees - DSS-X.

Practical Digital Signature Issues. Paving the way and new opportunities. Juan Carlos Cruellas – DSS-X co-chair Stefan Drees - DSS-X.
State Health Departments: Focused on the Next Level Ann Robbins Texas Department of State Health Services National Alliance of State and Territorial AIDS.

State Health Departments: Focused on the Next Level Ann Robbins Texas Department of State Health Services National Alliance of State and Territorial AIDS.
Russ Housley IETF Chair 23 July 2012 Introduction to the IETF Standards Process.

Russ Housley IETF Chair 23 July 2012 Introduction to the IETF Standards Process.
RPKI and Routing Security ICANN 44 June 2012. Today’s Routing Environment is Insecure Routing is built on mutual trust models Routing auditing requires.

RPKI and Routing Security ICANN 44 June Today’s Routing Environment is Insecure Routing is built on mutual trust models Routing auditing requires.
S.1 Using a Global Validation Service to Unite Communities Jon Shamah EMEA Head of Sales, BBS eSecurity.

S.1 Using a Global Validation Service to Unite Communities Jon Shamah EMEA Head of Sales, BBS eSecurity.
E-Government Policies, Strategies and Implementation Jamal Shahin Institute for European Studies, Vrije Universiteit Brussel 15:00 – 15:20, 21 December.

E-Government Policies, Strategies and Implementation Jamal Shahin Institute for European Studies, Vrije Universiteit Brussel 15:00 – 15:20, 21 December.
Resource PKI: Certificate Policy & Certification Practice Statement Dr. Stephen Kent Chief Scientist - Information Security.

Resource PKI: Certificate Policy & Certification Practice Statement Dr. Stephen Kent Chief Scientist - Information Security.
The Resource Public Key Infrastructure Geoff Huston APNIC.

The Resource Public Key Infrastructure Geoff Huston APNIC.
DOCUMENT #:GSC15-GTSC-05 FOR:Presentation SOURCE:ITU-T AGENDA ITEM:4.1 NGN, Testing specification and Beyond Chaesub.

DOCUMENT #:GSC15-GTSC-05 FOR:Presentation SOURCE:ITU-T AGENDA ITEM:4.1 NGN, Testing specification and Beyond Chaesub.
Distributed Systems. Outline  Services: DNSSEC  Architecture Models: Grid  Network Protocols: IPv6  Design Issues: Security  The Future: World Community.

Distributed Systems. Outline  Services: DNSSEC  Architecture Models: Grid  Network Protocols: IPv6  Design Issues: Security  The Future: World Community.
Jeju, 13 – 16 May 2013Standards for Shared ICT CYBERSECURITY-RELATED STANDARDS ACTIVITY IN THE TELECOMMUNICATIONS INDUSTRY ASSOCIATION Eric Barnhart, Fellow.

Jeju, 13 – 16 May 2013Standards for Shared ICT CYBERSECURITY-RELATED STANDARDS ACTIVITY IN THE TELECOMMUNICATIONS INDUSTRY ASSOCIATION Eric Barnhart, Fellow.
Interoperability Updates -National Interoperability Roadmap 8/20/2014 Erica Galvez, ONC Interoperability Portfolio Manager.

Interoperability Updates -National Interoperability Roadmap 8/20/2014 Erica Galvez, ONC Interoperability Portfolio Manager.
State Alliance for e-Health Conference Meeting January 26, 2007.

State Alliance for e-Health Conference Meeting January 26, 2007.
Russ Housley IETF Chair Internet2 Spring Member Meeting 28 April 2009 Successful Protocol Development.

Russ Housley IETF Chair Internet2 Spring Member Meeting 28 April 2009 Successful Protocol Development.
A Brief Overview of draft-ietf-sidr-cp-01.txt draft-ietf-sidr-cps-rirs-01.txt draft-ietf-sidr-cps-isp-00.txt Steve Kent BBN Technologies.

A Brief Overview of draft-ietf-sidr-cp-01.txt draft-ietf-sidr-cps-rirs-01.txt draft-ietf-sidr-cps-isp-00.txt Steve Kent BBN Technologies.
June 6, 20031 CRISP Overview and Update Andrew Newton VeriSign Labs

June 6, CRISP Overview and Update Andrew Newton VeriSign Labs

Similar presentations

Ads by Google