Download presentation
Published byAvery Hoffman Modified over 11 years ago
1
DNS Security and Stability Analysis Working Group (DSSA)
DSSA Update Toronto – October, 2012
2
DSSA DNS Security and Stability Analysis working group Thursday, 18-October: 11:15-12:45 Harbour C Details: Framework Context Education, Training, Awareness Standards, Tools, Techniques Risk Planning Glue Regional or segment focus Constituencies Edge (internal) Within the organization Core Ecosystem-wide Collaborative Risk Assessment Governance Steering Coordination Sharing Delivery Doing Security Management/Leadership Operational & Technical Practices and Controls Research & Analysis Event Monitoring Technology Selection, Deployment & Management Compliance Monitoring Incident Response Edge (external) Cross-organizational Scenarios 2
3
Background At their meetings during the ICANN Brussels meeting the At-Large Advisory Committee (ALAC), the Country Code Names Supporting Organization (ccNSO), the Generic Names Supporting Organization (GNSO), the Governmental Advisory Committee (GAC), and the Number Resource Organization (NROs)… acknowledged the need for a better understanding of the security and stability of the global domain name system (DNS). This is considered to be of common interest to the participating Supporting Organisations (SOs), Advisory Committees (ACs) and others, and should be preferably undertaken in a collaborative effort. 3
4
The DSSA has: Established a cross-constituency working group
Clarified the scope of the effort Developed a protocol to handle confidential information Built a risk-assessment framework Developed risk scenarios Documented this work in a report
5
Still to come (if needed)
Since Prague: Refined and consolidated Launched public-comment cycle Refine the methodology Introduce the framework to a broader audience Complete the risk assessment Still to come (if needed) Go through these quickly as well -- this is the second half of the "Here's what we'll be talking about" introduction
6
Methodology 6
7
Risk Scenarios This is an introductory slide – each scenario follows, so don’t stay here long. If you have time – highlight the axes of the diagram “core to edge” in the vertical dimension, “long term to immediate” in the horizontal. The five scenarios are placed in both dimensions. 7
8
Roles and context 8 Research & Analysis Standards, Tools, Techniques
Edge (internal) Within the organization Security Management/Leadership Edge (external) Cross-organizational Education, Training, Awareness Glue Regional or segment focus Constituencies Risk Planning Core Ecosystem-wide Collaborative Risk Assessment Technology Selection, Deployment & Management Governance Steering Coordination Sharing Compliance Monitoring Operational & Technical Practices and Controls Delivery Doing Event Monitoring Incident Response 8
9
Question: Who is doing what?
Backend registry providers ICANN Security Team ICANN SOs and ACs ccTLD registries IETF ISOC CERTs ISPs DNRMF Network Operator Groups DNS-OARC ENISA FIRST NRO gTLD registries RSAC SSAC IANA And ??? Research & Analysis Standards, Tools, Techniques Edge (internal) Within the organization Security Management/Leadership Edge (external) Cross-organizational Education, Training, Awareness Glue Regional or segment focus Constituencies Risk Planning Core Ecosystem-wide Collaborative Risk Assessment Technology Selection, Deployment & Management Governance Steering Coordination Sharing Here is an even broader view – the SSR ecosystem. This includes risk management, but also risk mitigation Highlight the number of organizations that have roles, responsibilities, accountability and authority in this framework Compliance Monitoring Operational & Technical Practices and Controls Delivery Doing Event Monitoring Incident Response 9
10
Approach: a data-gathering worksheet
Goal: complete the map of DNS SSR functions and participants for our report – and provide a foundation for a “gaps and overlaps” analysis
11
Approach: Coordinate DSSA and DNSRMF
Our charter points us at the “Risk Assessment” subset of a larger Risk Management Framework 11
12
Refine and consolidate Gather comments and feedback
Launch the Risk Mgmt. function Toronto Beijing ID roles – gaps & overlaps Revise report and obtain AC/SO endorsement Determine whether separate DSSA risk-assessment effort is needed Public comment (focus/scope: ICANN the community) DSSA Obtain community feedback and incorporate those suggestions into the RM framework Establish community-based portion of RM launch project Align/Integrate DNSRMF and DSSA findings/methods/leadership This is the “Where Are We Going?” slide – there just wasn’t room for a title, sorry about that. Joint effort Select DNS risk-management framework consultant and launch DNSRMF project Complete DNS risk-management framework Launch the project to establish the RM function and complete one “cycle” DNSRMF (focus/scope: ICANN the org) 12
13
https://community.icann.org/x/4AB5
How you can help Comment on our Phase I report Fill out one of our “Gaps & Overlaps” worksheets Comment on our plans going forward 13
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.