Interdisciplinary IT Security
Upcoming SlideShare
Loading in...5
×
 

Interdisciplinary IT Security

on

  • 346 views

 

Statistics

Views

Total Views
346
Views on SlideShare
343
Embed Views
3

Actions

Likes
0
Downloads
2
Comments
0

1 Embed 3

http://www.linkedin.com 3

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • Introduce AshMention the Wikileaks/Twitter issue from last week – including Iceland MP’s jurisdictional issues - if Ash isn’t going to.
  • Twitter & Tunisia
  • China & Google.Never before had any major US corporation considered closing its operations in ChinaDiscovering cyber attacks against it that had resulted in the theft of Google intellectual propertyAlso targeted the e-mail accounts of Chinese human rights activistsChinese government has vehemently denied any involvement in the attacks 
  • EFF - defending free speech, privacy, innovation, and consumer rights today' Tactical Tech -  ' an international NGO working at the point where rights advocacy meets information management and technology. Our mission is to advance the skills, tools and techniques of rights advocates, empowering them to utilise information and communications as a critical asset in helping marginalised communities understand and effect progressive social, environmental and political change.’Frontline - 'seeks to provide rapid and practical support to at-risk human rights defenders, including through:training and resource materials on security and protection, including digital security'Co-authors of 'Security-in-a-box'.'mission is to explore and understand cyberspace; to study its development, dynamics, norms, and standards; and to assess the need or lack thereof for laws and sanctions.'

Interdisciplinary IT Security Interdisciplinary IT Security Presentation Transcript

  • A vision for inter-disciplinary research in Information SecurityEXTRACT
    Andrew Martin
    Oxford University Computing Laboratory
    With Ash Rahmani
    ISPP seminar series
    17th January 2011
  • Example 4
    Interdisciplinary perspectives on IT Security
    With particular reference to perspectives on International Relations & Human Rights
    AshiyanRahmani-Shirazi
  • DDOS on Human Rights NGOs
    'Distributed Denial of Service (DDoS) is an increasingly common Internet phenomenon capable of silencing Internet speech, usually for a brief interval but occasionally for longer. In this paper, we explore the specific phenomenon of DDoS attacks on independent media and human rights organizations, seeking to understand the nature and frequency of these attacks, their efficacy, and the responses available to sites under attack. Our report offers advice to independent media and human rights sites likely to be targeted by DDoS but comes to the uncomfortable conclusion that there is no easy solution to these attacks for many of these sites, particularly for attacks that exhaust network bandwidth.'
    Berkman Center for Internet & Society report, "Distributed Denial of Service Attacks Against Independent Media and Human Rights Sites" by Ethan Zuckerman et al., December 20th 2010.
  • IT Security & IR - sample attack
    SQL injection attack carried out on the UN website homepage in August 2007
  • Social Media & Political Change
    Twitter and Iran (WashingtonPost)
    The US State Department asked Twitter to delay scheduled maintenance in June to avoid disrupting communications among tech-savvy Iranian citizens
     Cyberactivism also harmful - a lot of calls for Twitter users to participate in cyber-attacks on pro-government Web sites in Iran.
  • China, Power & the Net.
    China and Google (www.arstechnica.com)
    Facebook and Twitter are blocked for their ability to organize groups with anti-government intentions
    Leading Chinese video sites Youku.com and Tudou.com actively monitor submissions and delete those that they consider inappropriate or in violation of Chinese law.
    Chinese government attack on pro-Tibetan NGO's
    Attack on NGO critical of Chinese policy in Darfur
    Five DDOS attacks on Chinese human rights activist websites in January 2010
  • Threat Analysis
    Insider attacks - including recent Wikileaks attacks on US Government.
    Organisational Facebook policy/Twitter policy?
    'Enemy' Governmental attacks e.g. Human rights NGO's intrusion by Human Rights abuser states.
    'Home' Governmental attacks e.g. US government monitoring.
    Internal threats
    Competing organisations.
    Hackers/Profiteering/Wackos.
  • Some existing IT security multidisciplinary research & NGOs
    Electronic Frontier Foundation - www.eff.org
    Tactical Technology Collective - www.tacticaltech.org
    Frontline - www.frontlinedefenders.org
    Harvard Berkman Centre - cyber.law.harvard.edu
  • MSC Thesis - 'A study of and best practices for IT security for the Baha'i International Community - United Nations Office'
    AbstractFor many small organizations operating in a sensitive political, religious, or social context, information security is a critical concern. This dissertation reports upon a study of the current IT security framework of the offices of a non-governmental organization (NGO): the Baha'i International Community United Nations Office (BICUNO), based in New York and Geneva. The study makes use of questionnaires and interviews to determine the current practices and requirements of staff (IT and general), in terms of security related activities. An analysis of current practices, looking at strengths and weaknesses, is performed in the context of the current literature, including the ISO 27002 standard, on security practices. A number of recommendations are presented, in the form of "best security practices", for adoption in this and similar settings.
  • Thank You!
    Ashiyan Rahmani-Shirazi MAKellogg College, Oxford MSC (candidate) - Software Engineering  
    email: ashrahmani@gmail.com +Wheat Atlas Intern, www.cimmyt.orgBusiness Development Manager (p/t), www.ascertica.com