Presentation is loading. Please wait.

Presentation is loading. Please wait.

04-06-17 Strategy to improve Internet Security in Sweden ITU-T SG 17 Geneva Dec 12, 2006 Christoffer Karsberg Network Security Department National Post.

Published byAlexina Doyle Modified over 9 years ago

Similar presentations

Presentation on theme: "04-06-17 Strategy to improve Internet Security in Sweden ITU-T SG 17 Geneva Dec 12, 2006 Christoffer Karsberg Network Security Department National Post."— Presentation transcript:

1 04-06-17 Strategy to improve Internet Security in Sweden ITU-T SG 17 Geneva Dec 12, 2006 Christoffer Karsberg Network Security Department National Post and Telecom Agency (PTS) christoffer.karsberg@pts.se

2 04-06-17 Purpose of this presentation -Point out important strategic positions and action points -Food for thought to SG17 work with security issues -Incourage other countries to bring forth strategies regarding Internet robustness

3 04-06-17 Assignment from the Government  Strategy to improve Internet security in Sweden,  including an action plan,  division of responsibility and  the management of the strategy. Delivery July 30, 2006 The strategy in English may be downloaded from: http://www.pts.se/Archive/Documents/EN/Strategy_Internet_ security_2006_12_July_2006.pdf

4 04-06-17 Aim The aim of the strategy is to facilitate and clarify future work to secure the infrastructure of the Internet in Sweden.

5 04-06-17 Scope of the Strategy: The infrastructure used by the Internet Application level User's equipment, services, information IP level (Internet) Internet operator's network – service to user Transmission level Several logical connections for data communications and telecommunications Cable level Cables (for example 'optical fibre', copper wire) and antennae Ducting level Pipes for cables and masts for antennae R R R R

6 04-06-17 Vision The vision is that in ten years the Internet will be secure, rapid and have high accessibility

7 04-06-17 Goal To secure critical functions in the Internet infrastructure that, if not maintained,  would cause substantial disruption or interruption and in this way  impede or prevent the use of the Internet  for large groups of individual users or for vital public businesses, authorities or organisations.

8 04-06-17 Why a national strategy for Internet Security?  Internet is becoming crucial for national society  Important to have a regional feel and heading for the area  Several national strategies could constitute building blocks for international strategies

9 04-06-17 Trends and threat profiles  Society is becoming increasingly dependent on the Internet  Society is becoming increasingly vulnerable to IT attacks  Vulnerabilities in protocols and programs are increasingly being discovered  Laws, legal proceedings and policies do not keep in pace with developments and globalisation

10 04-06-17 Trends and threat profiles  Convergence in networks, terminals and services is continuing to increase  Inadequate security in user environments constitutes an ever-increasing risk  The competence gap is widening in pace with increased complexity  Developments in the market involve increased internationalisation  More wireless networks and services

11 04-06-17 Strategic positions adopted  The physical infrastructure of the Internet should be protected against accidents, disruption, wiretapping and manipulation of information during transmission  Resistance to disruption in the domain name system should be increased  Resistance to disruption to the exchange of traffic between Internet operators should be increased  Users and buyers should be trained and informed to enhance security awareness

12 04-06-17 Cont’d Strategic positions adopted  The assumption of responsibility for user security should increase among Internet operators and the providers of software and equipment  National awareness of Internet infrastructure should be promoted. This should be done in a broader context regarding information security. The comprehensive approach and coordination of research should be improved  Swedish participation in international fora should be increased. This should be done in collaboration between the private and public sector  Crisis management regarding the Internet infrastructure should be improved

13 04-06-17 Action Plan 23 actions/suggestion in total Within the framework of the strategic positions

14 04-06-17 Measure 5, 3 and 1, ongoing and planned Produce recommendations to: Image courtesy of Computer History Museum UsersASContent providers

15 04-06-17  ISP network unreachable, customers unable to reach the rest of the Internet  Larger part of the Internet unreachable  Traffic could be redirected to wrong network or to a ”black hole” Consequences if Inter-domain routing fails

16 04-06-17 Why pay attention to BGP?  Border Gateway Protocol (BGP) is the basis for all routing between Autonomous Systems that makes the Internet  BGP is highly vulnerable to human errors, as well as a wide range of malicious attacks  ISPs need improved Best Common Practices and make use of them on a global level  Threats will increase – serious attacks will happen  We need a comprehensive security solution!

17 04-06-17 Measure 2, planned: Promote the use of DNSSEC in name servers

18 04-06-17 Why DNSSEC?  The use and dependence of DNS will increase  DNSSEC is a feasible way to achieve increased trust to the DNS and the Internet as a whole.  DNSSEC must be implemented in TLDs and Second Level Domains in the first place  When this has happened, enterprises, organisations and authorities can get security aware servers for secure address resolving

19 04-06-17 Measure 11, Suggestion: Provide the Internet operators with a legal possibility to prevent the spreading of harmful traffic

20 04-06-17 The change of the law would mean that  ISP:s get a legal possibility to take emergency measures  in the form of filtering of electronic messages  that jeopardise the service or the function of the network  for instance dDOS-attacks  Should be combined with an obligation to inform the affected subscriber  Today there must be a consent by the subscriber

21 04-06-17 Measure 4, ongoing: Provide information about vulnerabilities Provides information about vulnerabilities and threats to the public and business sector The Swedish IT incident Centre (SITIC)

22 04-06-17 Measure 7, suggestion: Educate trainee teachers in Internet security

23 04-06-17 Measure 8, suggestion: Further develop PTS’s website for Internet security

24 04-06-17 Measure 12, suggestion: Investigate the requirements for increased responsibility for providers of equipment and software

25 04-06-17 Measure 21, planned: Produce a coordinated continuity plan for the Internet infrastructure in Sweden

26 04-06-17 The management of the Strategy Changes in the strategic positions  are decided upon by the Government  are updated by PTS Updates in the action plan  are decided upon by PTS  are done by PTS every second year Status in the action plan  is reported together with the annual report

27 04-06-17 Discussion Points In what way could this strategy be beneficial to your work with security? In what way does you work correspond with the thoughts of the strategy? –Security baseline? Are there any thoughts regarding the measures? Could secure inter domain routing be of interest? How is the society perspective represented in your standardisation work?

Download ppt "04-06-17 Strategy to improve Internet Security in Sweden ITU-T SG 17 Geneva Dec 12, 2006 Christoffer Karsberg Network Security Department National Post."

Similar presentations

Gender Perspectives in Introduction to Regulation Gender Module #1 ITU Workshops on Sustainability in Telecommunication Through Gender & Social Equality.

Gender Perspectives in Introduction to Regulation Gender Module #1 ITU Workshops on Sustainability in Telecommunication Through Gender & Social Equality.
Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.

Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.
Near East Plant Protection Network for Regional Cooperation & Knowledge Sharing Food and Agriculture Organization of the United Nations An Overview on.

Near East Plant Protection Network for Regional Cooperation & Knowledge Sharing Food and Agriculture Organization of the United Nations An Overview on.
1 IS/PAL0005 TADAO TAKAHASHI ISOC/BRAZIL INFORMATION SOCIETY INITIATIVES: THE LANDSCAPE IN LATIN AMERICA.

1 IS/PAL0005 TADAO TAKAHASHI ISOC/BRAZIL INFORMATION SOCIETY INITIATIVES: THE LANDSCAPE IN LATIN AMERICA.
ICS 417: The ethics of ICT 4.2 The Ethics of Information and Communication Technologies (ICT) in Business by Simon Rogerson IMIS Journal May 1998.

ICS 417: The ethics of ICT 4.2 The Ethics of Information and Communication Technologies (ICT) in Business by Simon Rogerson IMIS Journal May 1998.
Breaking Trust On The Internet

Breaking Trust On The Internet
Securing the Border Gateway Protocol (S-BGP) Dr. Stephen Kent Chief Scientist - Information Security.

Securing the Border Gateway Protocol (S-BGP) Dr. Stephen Kent Chief Scientist - Information Security.
INFORMATION SOCIETY DEVELOPMENT IN THE REPUBLIC OF BULGARIA “Information Society perspectives in South-Eastern Europe” Thessaloniki, 29 & 30 June 2001.

INFORMATION SOCIETY DEVELOPMENT IN THE REPUBLIC OF BULGARIA “Information Society perspectives in South-Eastern Europe” Thessaloniki, 29 & 30 June 2001.
Telecommunication Development Bureau ITU and ICT Development Trieste, 9 February 2004 Hamadoun I. Touré Director BDT.

Telecommunication Development Bureau ITU and ICT Development Trieste, 9 February 2004 Hamadoun I. Touré Director BDT.
(Geneva, Switzerland, September 2014)

(Geneva, Switzerland, September 2014)
National CIRT - Montenegro “Regional Development Forum” Bucharest, April 2015 Ministry for Information Society and Telecommunications.

National CIRT - Montenegro “Regional Development Forum” Bucharest, April 2015 Ministry for Information Society and Telecommunications.
James Ennis, Department of State, USA ITU-D Question 22/1 Rapporteur.

James Ennis, Department of State, USA ITU-D Question 22/1 Rapporteur.
Counter-Terrorism Implementation Task Force (CTITF) Open Briefing to Member States 27 July 2010 Conference Room 2 NLB.

Counter-Terrorism Implementation Task Force (CTITF) Open Briefing to Member States 27 July 2010 Conference Room 2 NLB.
Comptroller of the Currency Administrator of National Banks E- Security Risk Mitigation: A Supervisor’s Perspective Global Dialogue World Bank Group September.

Comptroller of the Currency Administrator of National Banks E- Security Risk Mitigation: A Supervisor’s Perspective Global Dialogue World Bank Group September.
Agricultural Biotechnology Network for Regional Collaboration and Knowledge Sharing Food and Agriculture Organization of the United Nations An Overview.

Agricultural Biotechnology Network for Regional Collaboration and Knowledge Sharing Food and Agriculture Organization of the United Nations An Overview.
Domain Name System | DNSSEC. 2  Internet Protocol address uniquely identifies laptops or phones or other devices  The Domain Name System matches IP.

Domain Name System | DNSSEC. 2  Internet Protocol address uniquely identifies laptops or phones or other devices  The Domain Name System matches IP.
1 Challenges For A Credit Bureau In Emerging Markets.

1 Challenges For A Credit Bureau In Emerging Markets.
A project under the 7th Framework Programme CPS Workshop Stockholm 12/04/2010 Gunnar Björkman Project Coordinator A Security Project for the Protection.

A project under the 7th Framework Programme CPS Workshop Stockholm 12/04/2010 Gunnar Björkman Project Coordinator A Security Project for the Protection.
Chapter 1: Overview Lecturer: Alias Mohd Telecommunications Department Faculty of Electrical Engineering UTM SET 4573: Data Communication and Switching.

Chapter 1: Overview Lecturer: Alias Mohd Telecommunications Department Faculty of Electrical Engineering UTM SET 4573: Data Communication and Switching.
Session 4.2 Creation of national ICT security infrastructure for developing countries Industry-wide approach: Raising awareness for ICT security infrastructure.

Session 4.2 Creation of national ICT security infrastructure for developing countries Industry-wide approach: Raising awareness for ICT security infrastructure.

Similar presentations

Ads by Google