SlideShare a Scribd company logo

ICANN Security, Stability and Resiliency Plans & Framework

ICANN is an organization that coordinates the Internet's unique identifier systems. The document discusses the framework for ensuring the security, stability, and resiliency of these identifier systems. It outlines functional areas like threat awareness, collaboration, analytics, and capability building. Coordination is needed across different stakeholders like domain operators, CERTs, and governments to address challenges like attacks against the DNS that can disrupt users.

1 of 15
Download to read offline
!
Champika Wijayatunga!
bdNOG – Bangladesh, 24 May 2014!
Identifier Systems Security
Stability and Resiliency
(ISSSR)!
2
ICANN	
  is	
  a	
  global	
  organiza0on	
  that	
  coordinates	
  the	
  
Internet’s	
  unique	
  iden0fier	
  systems	
  for	
  worldwide	
  public	
  
benefit,	
  enabling	
  a	
  single	
  interoperable	
  Internet.	
  
3
Framework	
  Defini.ons	
  
	
  
•  Security	
  –	
  the	
  capacity	
  to	
  protect	
  and	
  prevent	
  
misuse	
  of	
  Internet	
  unique	
  iden.fiers.	
  
•  Stability	
  –	
  the	
  capacity	
  to	
  ensure	
  that	
  the	
  system	
  
operates	
  as	
  expected,	
  and	
  that	
  users	
  of	
  the	
  unique	
  
iden.fiers	
  have	
  confidence	
  that	
  the	
  system	
  operates	
  
as	
  expected.	
  	
  
•  Resiliency	
  –	
  the	
  capacity	
  of	
  the	
  unique	
  iden.fier	
  
system	
  to	
  effec.vely	
  withstand/tolerate/survive	
  
malicious	
  aBacks	
  and	
  other	
  disrup.ve	
  events	
  
without	
  disrup.on	
  or	
  cessa.on	
  of	
  service.	
  	
  
The	
  Challenge	
  
•  Misuse	
  of	
  and	
  aBacks	
  against	
  the	
  DNS	
  and	
  global	
  
networks	
  challenge	
  overall	
  unique	
  iden.fier	
  security	
  
–  Affect	
  the	
  broad	
  range	
  of	
  users,	
  individuals,	
  businesses,	
  
civil	
  society	
  and	
  governments	
  
•  Security	
  in	
  the	
  context	
  of	
  the	
  Internet's	
  unique	
  
iden.fiers	
  should	
  be	
  addressed	
  through	
  a	
  healthy	
  
Internet	
  ecosystem.	
  	
  
–  an	
  Internet	
  that	
  is	
  sustainable	
  or	
  healthy,	
  stable	
  and	
  
resilient	
  
5	
  
Coordina.on	
  &	
  Collabora.on	
  
•  Generic	
  Top	
  Level	
  Domain	
  Operators	
  (gTLDs)	
  
–  .com,	
  .net,	
  .org	
  etc.	
  
•  Country	
  Code	
  Top	
  Level	
  Domain	
  Operators	
  (ccTLDs)	
  
–  .bd,	
  .in,	
  .sg	
  etc.	
  
•  CERTs	
  
•  Regional	
  Internet	
  Registries	
  (RIRs)	
  
•  Governments	
  /	
  Law	
  Enforcement	
  
•  Interna.onal	
  Organisa.ons	
  
•  Research	
  Organisa.ons	
  /	
  Experts	
  
•  Etc.	
   6	
  

Recommended

Cybersecurity - Introduction and Preventive Measures
Cybersecurity - Introduction and Preventive MeasuresCybersecurity - Introduction and Preventive Measures
Cybersecurity - Introduction and Preventive MeasuresAditya Ratnaparkhi
 
CiscoCertificate Cyber security Essentials
CiscoCertificate Cyber security EssentialsCiscoCertificate Cyber security Essentials
CiscoCertificate Cyber security EssentialsArturo Quiros Arguedas
 
Intro to cybersecurity concepts 20210813
Intro to cybersecurity concepts 20210813Intro to cybersecurity concepts 20210813
Intro to cybersecurity concepts 20210813Kinetic Potential
 
Ransomware: Why Are Backup Vendors Trying To Scare You?
Ransomware: Why Are Backup Vendors Trying To Scare You?Ransomware: Why Are Backup Vendors Trying To Scare You?
Ransomware: Why Are Backup Vendors Trying To Scare You?marketingunitrends
 
Webroot Antivirus Web Security
Webroot Antivirus Web Security Webroot Antivirus Web Security
Webroot Antivirus Web Security Andrew Close
 
A military perspective on cyber security
A military perspective on cyber securityA military perspective on cyber security
A military perspective on cyber securityJoey Hernandez
 
Cyber security from military point of view
Cyber security from military point of viewCyber security from military point of view
Cyber security from military point of viewS.E. CTS CERT-GOV-MD
 
Microsoft john weigelt 2016
Microsoft john weigelt 2016Microsoft john weigelt 2016
Microsoft john weigelt 2016ColloqueRISQ
 

More Related Content

What's hot

Presentation on Network Security
Presentation on Network SecurityPresentation on Network Security
Presentation on Network SecurityAditiPatni3
 
Software Security For DevOps And Continuous Deployment In The Cloud
Software Security For DevOps And Continuous Deployment In The CloudSoftware Security For DevOps And Continuous Deployment In The Cloud
Software Security For DevOps And Continuous Deployment In The CloudInterCon
 
NUS-ISS Learning Day 2017 - Managing Cybersecurity Risk in the Digital Era fo...
NUS-ISS Learning Day 2017 - Managing Cybersecurity Risk in the Digital Era fo...NUS-ISS Learning Day 2017 - Managing Cybersecurity Risk in the Digital Era fo...
NUS-ISS Learning Day 2017 - Managing Cybersecurity Risk in the Digital Era fo...NUS-ISS
 
Presentation1 new (1) (1)cf
Presentation1 new (1) (1)cfPresentation1 new (1) (1)cf
Presentation1 new (1) (1)cftoamma
 
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)WAJAHAT IQBAL
 
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...APNIC
 
Introduction to CSIRTs
Introduction to CSIRTsIntroduction to CSIRTs
Introduction to CSIRTsAPNIC
 
Cybersecurity: The Danger, the Cost, the Retaliation
Cybersecurity: The Danger, the Cost, the RetaliationCybersecurity: The Danger, the Cost, the Retaliation
Cybersecurity: The Danger, the Cost, the RetaliationPECB
 
Cyber security-briefing-presentation
Cyber security-briefing-presentationCyber security-briefing-presentation
Cyber security-briefing-presentationsathiyamaha
 
Insider Threats Part 2: Preventing Data Exfiltration with Fidelis Elevate
Insider Threats Part 2: Preventing Data Exfiltration with Fidelis ElevateInsider Threats Part 2: Preventing Data Exfiltration with Fidelis Elevate
Insider Threats Part 2: Preventing Data Exfiltration with Fidelis ElevateFidelis Cybersecurity
 
Ransomware: The Impact is Real
Ransomware: The Impact is RealRansomware: The Impact is Real
Ransomware: The Impact is RealNICSA
 
Cybersecurity Essential
Cybersecurity EssentialCybersecurity Essential
Cybersecurity EssentialTobia La Marca
 
Cyber security essential
Cyber security essentialCyber security essential
Cyber security essentialTobia La Marca
 
Cyber Intelligence Vision Information Sheet 20Nov2013
Cyber Intelligence Vision Information Sheet 20Nov2013Cyber Intelligence Vision Information Sheet 20Nov2013
Cyber Intelligence Vision Information Sheet 20Nov2013Dave Eilken
 

What's hot (20)

Navigating Cybersecurity
Navigating CybersecurityNavigating Cybersecurity
Navigating Cybersecurity
 
Network security
Network securityNetwork security
Network security
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
Presentation on Network Security
Presentation on Network SecurityPresentation on Network Security
Presentation on Network Security
 
Software Security For DevOps And Continuous Deployment In The Cloud
Software Security For DevOps And Continuous Deployment In The CloudSoftware Security For DevOps And Continuous Deployment In The Cloud
Software Security For DevOps And Continuous Deployment In The Cloud
 
NUS-ISS Learning Day 2017 - Managing Cybersecurity Risk in the Digital Era fo...
NUS-ISS Learning Day 2017 - Managing Cybersecurity Risk in the Digital Era fo...NUS-ISS Learning Day 2017 - Managing Cybersecurity Risk in the Digital Era fo...
NUS-ISS Learning Day 2017 - Managing Cybersecurity Risk in the Digital Era fo...
 
Presentation1 new (1) (1)cf
Presentation1 new (1) (1)cfPresentation1 new (1) (1)cf
Presentation1 new (1) (1)cf
 
Cyber Security Briefing
Cyber Security BriefingCyber Security Briefing
Cyber Security Briefing
 
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
 
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
 
Introduction to CSIRTs
Introduction to CSIRTsIntroduction to CSIRTs
Introduction to CSIRTs
 
Cybersecurity: The Danger, the Cost, the Retaliation
Cybersecurity: The Danger, the Cost, the RetaliationCybersecurity: The Danger, the Cost, the Retaliation
Cybersecurity: The Danger, the Cost, the Retaliation
 
Cyber security-briefing-presentation
Cyber security-briefing-presentationCyber security-briefing-presentation
Cyber security-briefing-presentation
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Insider Threats Part 2: Preventing Data Exfiltration with Fidelis Elevate
Insider Threats Part 2: Preventing Data Exfiltration with Fidelis ElevateInsider Threats Part 2: Preventing Data Exfiltration with Fidelis Elevate
Insider Threats Part 2: Preventing Data Exfiltration with Fidelis Elevate
 
cybersecurity es
cybersecurity escybersecurity es
cybersecurity es
 
Ransomware: The Impact is Real
Ransomware: The Impact is RealRansomware: The Impact is Real
Ransomware: The Impact is Real
 
Cybersecurity Essential
Cybersecurity EssentialCybersecurity Essential
Cybersecurity Essential
 
Cyber security essential
Cyber security essentialCyber security essential
Cyber security essential
 
Cyber Intelligence Vision Information Sheet 20Nov2013
Cyber Intelligence Vision Information Sheet 20Nov2013Cyber Intelligence Vision Information Sheet 20Nov2013
Cyber Intelligence Vision Information Sheet 20Nov2013
 

Viewers also liked

Policy SIG (3) Agenda
Policy SIG (3) AgendaPolicy SIG (3) Agenda
Policy SIG (3) AgendaAPNIC
 
Bangladesh Cyber Security Status in Global Perspective
Bangladesh Cyber Security Status in Global PerspectiveBangladesh Cyber Security Status in Global Perspective
Bangladesh Cyber Security Status in Global PerspectiveFakrul Alam
 
IPv6 Deployment in Bangladesh
IPv6 Deployment in BangladeshIPv6 Deployment in Bangladesh
IPv6 Deployment in BangladeshAPNIC
 
DDoS Attacks : Preparation Detection Mitigation
DDoS Attacks : Preparation Detection MitigationDDoS Attacks : Preparation Detection Mitigation
DDoS Attacks : Preparation Detection MitigationFakrul Alam
 

Viewers also liked (20)

Internet Measurement Network
Internet Measurement Network Internet Measurement Network
Internet Measurement Network
 
Engaging with Internet Society
Engaging with Internet SocietyEngaging with Internet Society
Engaging with Internet Society
 
Introductory Presentation of bdNOG
Introductory Presentation of bdNOGIntroductory Presentation of bdNOG
Introductory Presentation of bdNOG
 
Driver Distraction Management Using Sensor Data Cloud
Driver Distraction Management Using Sensor Data Cloud Driver Distraction Management Using Sensor Data Cloud
Driver Distraction Management Using Sensor Data Cloud
 
Internet Development Experiences and Lessons
Internet Development Experiences and Lessons Internet Development Experiences and Lessons
Internet Development Experiences and Lessons
 
Network Security Best Practice (BCP38 & 140)
Network Security Best Practice (BCP38 & 140) Network Security Best Practice (BCP38 & 140)
Network Security Best Practice (BCP38 & 140)
 
Information Society Innovation Fund (ISIF) Showcase
Information Society Innovation Fund (ISIF) Showcase Information Society Innovation Fund (ISIF) Showcase
Information Society Innovation Fund (ISIF) Showcase
 
Discovering and Participating at ICANN
Discovering and Participating at ICANNDiscovering and Participating at ICANN
Discovering and Participating at ICANN
 
IPv6 Deployment Status in Bangladesh
IPv6 Deployment Status in Bangladesh IPv6 Deployment Status in Bangladesh
IPv6 Deployment Status in Bangladesh
 
IRR Toolset, RPSL
IRR Toolset, RPSL IRR Toolset, RPSL
IRR Toolset, RPSL
 
Application of local Internet content
Application of local Internet content Application of local Internet content
Application of local Internet content
 
Configuration Management in Ansible
Configuration Management in Ansible Configuration Management in Ansible
Configuration Management in Ansible
 
Fast Convergence in IP Network
Fast Convergence in IP Network Fast Convergence in IP Network
Fast Convergence in IP Network
 
Cyber Security law in Bangladesh
Cyber Security law in Bangladesh Cyber Security law in Bangladesh
Cyber Security law in Bangladesh
 
Distributed IP-PBX
Distributed IP-PBX Distributed IP-PBX
Distributed IP-PBX
 
History and Evolution of Bangladesh Internet
History and Evolution of Bangladesh Internet History and Evolution of Bangladesh Internet
History and Evolution of Bangladesh Internet
 
Policy SIG (3) Agenda
Policy SIG (3) AgendaPolicy SIG (3) Agenda
Policy SIG (3) Agenda
 
Bangladesh Cyber Security Status in Global Perspective
Bangladesh Cyber Security Status in Global PerspectiveBangladesh Cyber Security Status in Global Perspective
Bangladesh Cyber Security Status in Global Perspective
 
IPv6 Deployment in Bangladesh
IPv6 Deployment in BangladeshIPv6 Deployment in Bangladesh
IPv6 Deployment in Bangladesh
 
DDoS Attacks : Preparation Detection Mitigation
DDoS Attacks : Preparation Detection MitigationDDoS Attacks : Preparation Detection Mitigation
DDoS Attacks : Preparation Detection Mitigation
 

Similar to ICANN Security, Stability and Resiliency Plans & Framework

Identifier Systems Security, Stability and Resiliency by Champika Wijayatunga
Identifier Systems Security, Stability and Resiliency by Champika WijayatungaIdentifier Systems Security, Stability and Resiliency by Champika Wijayatunga
Identifier Systems Security, Stability and Resiliency by Champika WijayatungaMyNOG
 
10 (IDNOG01) Introduction about ICANN by Champika Wijayatunga
10 (IDNOG01) Introduction about ICANN by Champika Wijayatunga10 (IDNOG01) Introduction about ICANN by Champika Wijayatunga
10 (IDNOG01) Introduction about ICANN by Champika WijayatungaIndonesia Network Operators Group
 
Cyber Security
Cyber SecurityCyber Security
Cyber Securityfrcarlson
 
Cloud security From Infrastructure to People-ware
Cloud security From Infrastructure to People-wareCloud security From Infrastructure to People-ware
Cloud security From Infrastructure to People-wareTzar Umang
 
Threat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalThreat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalPriyanka Aash
 
Cybersecurity by the numbers
Cybersecurity by the numbersCybersecurity by the numbers
Cybersecurity by the numbersAPNIC
 
Yi-Lang Tsai - Cyber Security, Threat Hunting and Defence Challenge in Taiwan...
Yi-Lang Tsai - Cyber Security, Threat Hunting and Defence Challenge in Taiwan...Yi-Lang Tsai - Cyber Security, Threat Hunting and Defence Challenge in Taiwan...
Yi-Lang Tsai - Cyber Security, Threat Hunting and Defence Challenge in Taiwan...REVULN
 
Internet Identifier SSR
Internet Identifier SSRInternet Identifier SSR
Internet Identifier SSRAPNIC
 
Cervone uof t - nist framework (1)
Cervone   uof t - nist framework (1)Cervone   uof t - nist framework (1)
Cervone uof t - nist framework (1)Stephen Abram
 
Cyber security general perspective a
Cyber security general perspective aCyber security general perspective a
Cyber security general perspective amarukanda
 
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...James Anderson
 
WHOIS Database for Incident Response & Handling
WHOIS Database for Incident Response & HandlingWHOIS Database for Incident Response & Handling
WHOIS Database for Incident Response & HandlingAPNIC
 
Cybercrime and Cybersecurity Governance: A Kenyan Perspective
Cybercrime and Cybersecurity Governance: A Kenyan PerspectiveCybercrime and Cybersecurity Governance: A Kenyan Perspective
Cybercrime and Cybersecurity Governance: A Kenyan PerspectiveIvan Sang
 
Network security
Network securityNetwork security
Network securityhajra azam
 
Cybersecurity Risk from User Perspective
Cybersecurity Risk from User PerspectiveCybersecurity Risk from User Perspective
Cybersecurity Risk from User PerspectiveAvinantaTarigan
 
Scottish Rite Security Presentation.pptx
Scottish Rite Security Presentation.pptxScottish Rite Security Presentation.pptx
Scottish Rite Security Presentation.pptxjeremylivin
 
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Michele Chubirka
 
Cyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptxCyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptxTikdiPatel
 
ARM 7: ICANN - Security, stability and resilience of the Internet
ARM 7: ICANN - Security, stability and resilience  of the InternetARM 7: ICANN - Security, stability and resilience  of the Internet
ARM 7: ICANN - Security, stability and resilience of the InternetAPNIC
 

Similar to ICANN Security, Stability and Resiliency Plans & Framework (20)

Identifier Systems Security, Stability and Resiliency by Champika Wijayatunga
Identifier Systems Security, Stability and Resiliency by Champika WijayatungaIdentifier Systems Security, Stability and Resiliency by Champika Wijayatunga
Identifier Systems Security, Stability and Resiliency by Champika Wijayatunga
 
10 (IDNOG01) Introduction about ICANN by Champika Wijayatunga
10 (IDNOG01) Introduction about ICANN by Champika Wijayatunga10 (IDNOG01) Introduction about ICANN by Champika Wijayatunga
10 (IDNOG01) Introduction about ICANN by Champika Wijayatunga
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Cloud security From Infrastructure to People-ware
Cloud security From Infrastructure to People-wareCloud security From Infrastructure to People-ware
Cloud security From Infrastructure to People-ware
 
Threat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalThreat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formal
 
Cybersecurity by the numbers
Cybersecurity by the numbersCybersecurity by the numbers
Cybersecurity by the numbers
 
Yi-Lang Tsai - Cyber Security, Threat Hunting and Defence Challenge in Taiwan...
Yi-Lang Tsai - Cyber Security, Threat Hunting and Defence Challenge in Taiwan...Yi-Lang Tsai - Cyber Security, Threat Hunting and Defence Challenge in Taiwan...
Yi-Lang Tsai - Cyber Security, Threat Hunting and Defence Challenge in Taiwan...
 
Internet Identifier SSR
Internet Identifier SSRInternet Identifier SSR
Internet Identifier SSR
 
Cervone uof t - nist framework (1)
Cervone   uof t - nist framework (1)Cervone   uof t - nist framework (1)
Cervone uof t - nist framework (1)
 
Cyber security general perspective a
Cyber security general perspective aCyber security general perspective a
Cyber security general perspective a
 
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
 
WHOIS Database for Incident Response & Handling
WHOIS Database for Incident Response & HandlingWHOIS Database for Incident Response & Handling
WHOIS Database for Incident Response & Handling
 
Cybercrime and Cybersecurity Governance: A Kenyan Perspective
Cybercrime and Cybersecurity Governance: A Kenyan PerspectiveCybercrime and Cybersecurity Governance: A Kenyan Perspective
Cybercrime and Cybersecurity Governance: A Kenyan Perspective
 
Network security
Network securityNetwork security
Network security
 
Ccna sec 01
Ccna sec 01Ccna sec 01
Ccna sec 01
 
Cybersecurity Risk from User Perspective
Cybersecurity Risk from User PerspectiveCybersecurity Risk from User Perspective
Cybersecurity Risk from User Perspective
 
Scottish Rite Security Presentation.pptx
Scottish Rite Security Presentation.pptxScottish Rite Security Presentation.pptx
Scottish Rite Security Presentation.pptx
 
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
 
Cyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptxCyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptx
 
ARM 7: ICANN - Security, stability and resilience of the Internet
ARM 7: ICANN - Security, stability and resilience  of the InternetARM 7: ICANN - Security, stability and resilience  of the Internet
ARM 7: ICANN - Security, stability and resilience of the Internet
 

More from Bangladesh Network Operators Group

Accelerating Hyper-Converged Enterprise Virtualization using Proxmox and Ceph
Accelerating Hyper-Converged Enterprise Virtualization using Proxmox and CephAccelerating Hyper-Converged Enterprise Virtualization using Proxmox and Ceph
Accelerating Hyper-Converged Enterprise Virtualization using Proxmox and CephBangladesh Network Operators Group
 
Contents Localization Initiatives to get better User Experience
Contents Localization Initiatives to get better User ExperienceContents Localization Initiatives to get better User Experience
Contents Localization Initiatives to get better User ExperienceBangladesh Network Operators Group
 
Re-define network visibility for capacity planning & forecasting with Grafana
Re-define network visibility for capacity planning & forecasting with GrafanaRe-define network visibility for capacity planning & forecasting with Grafana
Re-define network visibility for capacity planning & forecasting with GrafanaBangladesh Network Operators Group
 

More from Bangladesh Network Operators Group (20)

Accelerating Hyper-Converged Enterprise Virtualization using Proxmox and Ceph
Accelerating Hyper-Converged Enterprise Virtualization using Proxmox and CephAccelerating Hyper-Converged Enterprise Virtualization using Proxmox and Ceph
Accelerating Hyper-Converged Enterprise Virtualization using Proxmox and Ceph
 
Recent IRR changes by Yoshinobu Matsuzaki, IIJ
Recent IRR changes by Yoshinobu Matsuzaki, IIJRecent IRR changes by Yoshinobu Matsuzaki, IIJ
Recent IRR changes by Yoshinobu Matsuzaki, IIJ
 
Fact Sheets : Network Status in Bangladesh
Fact Sheets : Network Status in BangladeshFact Sheets : Network Status in Bangladesh
Fact Sheets : Network Status in Bangladesh
 
AI Driven Wi-Fi for the Bottom of the Pyramid
AI Driven Wi-Fi for the Bottom of the PyramidAI Driven Wi-Fi for the Bottom of the Pyramid
AI Driven Wi-Fi for the Bottom of the Pyramid
 
IPv6 Security Overview by QS Tahmeed, APNIC RCT
IPv6 Security Overview by QS Tahmeed, APNIC RCTIPv6 Security Overview by QS Tahmeed, APNIC RCT
IPv6 Security Overview by QS Tahmeed, APNIC RCT
 
Network eWaste : Community role to manage end of life Product
Network eWaste : Community role to manage end of life ProductNetwork eWaste : Community role to manage end of life Product
Network eWaste : Community role to manage end of life Product
 
A plenarily integrated SIEM solution and it’s Deployment
A plenarily integrated SIEM solution and it’s DeploymentA plenarily integrated SIEM solution and it’s Deployment
A plenarily integrated SIEM solution and it’s Deployment
 
IPv6 Deployment in South Asia 2022
IPv6 Deployment in South Asia  2022IPv6 Deployment in South Asia  2022
IPv6 Deployment in South Asia 2022
 
Introduction to Software Defined Networking (SDN)
Introduction to Software Defined Networking (SDN)Introduction to Software Defined Networking (SDN)
Introduction to Software Defined Networking (SDN)
 
RPKI Deployment Status in Bangladesh
RPKI Deployment Status in BangladeshRPKI Deployment Status in Bangladesh
RPKI Deployment Status in Bangladesh
 
An Overview about open UDP Services
An Overview about open UDP ServicesAn Overview about open UDP Services
An Overview about open UDP Services
 
12 Years in DNS Security As a Defender
12 Years in DNS Security As a Defender12 Years in DNS Security As a Defender
12 Years in DNS Security As a Defender
 
Contents Localization Initiatives to get better User Experience
Contents Localization Initiatives to get better User ExperienceContents Localization Initiatives to get better User Experience
Contents Localization Initiatives to get better User Experience
 
BdNOG-20220625-MT-v6.0.pptx
BdNOG-20220625-MT-v6.0.pptxBdNOG-20220625-MT-v6.0.pptx
BdNOG-20220625-MT-v6.0.pptx
 
Route Leak Prevension with BGP Community
Route Leak Prevension with BGP CommunityRoute Leak Prevension with BGP Community
Route Leak Prevension with BGP Community
 
Tale of a New Bangladeshi NIX
Tale of a New Bangladeshi NIXTale of a New Bangladeshi NIX
Tale of a New Bangladeshi NIX
 
MANRS for Network Operators
MANRS for Network OperatorsMANRS for Network Operators
MANRS for Network Operators
 
Re-define network visibility for capacity planning & forecasting with Grafana
Re-define network visibility for capacity planning & forecasting with GrafanaRe-define network visibility for capacity planning & forecasting with Grafana
Re-define network visibility for capacity planning & forecasting with Grafana
 
RPKI ROA updates
RPKI ROA updatesRPKI ROA updates
RPKI ROA updates
 
Blockchain Demystified
Blockchain DemystifiedBlockchain Demystified
Blockchain Demystified
 

Recently uploaded

Information Technology Project to Create a Business
Information Technology Project to Create a BusinessInformation Technology Project to Create a Business
Information Technology Project to Create a Businessmbowl010
 
ConFoo 2024 - Sylius 2.0, top-notch eCommerce for customizable solution
ConFoo 2024 - Sylius 2.0, top-notch eCommerce for customizable solutionConFoo 2024 - Sylius 2.0, top-notch eCommerce for customizable solution
ConFoo 2024 - Sylius 2.0, top-notch eCommerce for customizable solutionŁukasz Chruściel
 
Biometrics Technology Intresting PPT
Biometrics Technology Intresting PPTBiometrics Technology Intresting PPT
Biometrics Technology Intresting PPTPraveenKumarThota7
 
Elevate Your Business: Unleashing Collaboration and Efficiency through Expert...
Elevate Your Business: Unleashing Collaboration and Efficiency through Expert...Elevate Your Business: Unleashing Collaboration and Efficiency through Expert...
Elevate Your Business: Unleashing Collaboration and Efficiency through Expert...Prometix Pty Ltd
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonAPNIC
 
WAN-IFRA: World Press Trends Outlook 2023-2024
WAN-IFRA: World Press Trends Outlook 2023-2024WAN-IFRA: World Press Trends Outlook 2023-2024
WAN-IFRA: World Press Trends Outlook 2023-2024Damian Radcliffe
 
Seagate HDD Firmware Repair Tool Datasheet 2024
Seagate HDD Firmware Repair Tool Datasheet 2024Seagate HDD Firmware Repair Tool Datasheet 2024
Seagate HDD Firmware Repair Tool Datasheet 2024Dolphin Data Lab
 
Reactive programming with Spring Webflux.pptx
Reactive programming with Spring Webflux.pptxReactive programming with Spring Webflux.pptx
Reactive programming with Spring Webflux.pptxJoão Esperancinha
 
ConFoo 2024 - Need for Speed: Removing speed bumps in API Projects
ConFoo 2024  - Need for Speed: Removing speed bumps in API ProjectsConFoo 2024  - Need for Speed: Removing speed bumps in API Projects
ConFoo 2024 - Need for Speed: Removing speed bumps in API ProjectsŁukasz Chruściel
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonAPNIC
 

Recently uploaded (10)

Information Technology Project to Create a Business
Information Technology Project to Create a BusinessInformation Technology Project to Create a Business
Information Technology Project to Create a Business
 
ConFoo 2024 - Sylius 2.0, top-notch eCommerce for customizable solution
ConFoo 2024 - Sylius 2.0, top-notch eCommerce for customizable solutionConFoo 2024 - Sylius 2.0, top-notch eCommerce for customizable solution
ConFoo 2024 - Sylius 2.0, top-notch eCommerce for customizable solution
 
Biometrics Technology Intresting PPT
Biometrics Technology Intresting PPTBiometrics Technology Intresting PPT
Biometrics Technology Intresting PPT
 
Elevate Your Business: Unleashing Collaboration and Efficiency through Expert...
Elevate Your Business: Unleashing Collaboration and Efficiency through Expert...Elevate Your Business: Unleashing Collaboration and Efficiency through Expert...
Elevate Your Business: Unleashing Collaboration and Efficiency through Expert...
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff Huston
 
WAN-IFRA: World Press Trends Outlook 2023-2024
WAN-IFRA: World Press Trends Outlook 2023-2024WAN-IFRA: World Press Trends Outlook 2023-2024
WAN-IFRA: World Press Trends Outlook 2023-2024
 
Seagate HDD Firmware Repair Tool Datasheet 2024
Seagate HDD Firmware Repair Tool Datasheet 2024Seagate HDD Firmware Repair Tool Datasheet 2024
Seagate HDD Firmware Repair Tool Datasheet 2024
 
Reactive programming with Spring Webflux.pptx
Reactive programming with Spring Webflux.pptxReactive programming with Spring Webflux.pptx
Reactive programming with Spring Webflux.pptx
 
ConFoo 2024 - Need for Speed: Removing speed bumps in API Projects
ConFoo 2024  - Need for Speed: Removing speed bumps in API ProjectsConFoo 2024  - Need for Speed: Removing speed bumps in API Projects
ConFoo 2024 - Need for Speed: Removing speed bumps in API Projects
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
 

ICANN Security, Stability and Resiliency Plans & Framework

  • 1. ! Champika Wijayatunga! bdNOG – Bangladesh, 24 May 2014! Identifier Systems Security Stability and Resiliency (ISSSR)!
  • 2. 2 ICANN  is  a  global  organiza0on  that  coordinates  the   Internet’s  unique  iden0fier  systems  for  worldwide  public   benefit,  enabling  a  single  interoperable  Internet.  
  • 3. 3
  • 4. Framework  Defini.ons     •  Security  –  the  capacity  to  protect  and  prevent   misuse  of  Internet  unique  iden.fiers.   •  Stability  –  the  capacity  to  ensure  that  the  system   operates  as  expected,  and  that  users  of  the  unique   iden.fiers  have  confidence  that  the  system  operates   as  expected.     •  Resiliency  –  the  capacity  of  the  unique  iden.fier   system  to  effec.vely  withstand/tolerate/survive   malicious  aBacks  and  other  disrup.ve  events   without  disrup.on  or  cessa.on  of  service.    
  • 5. The  Challenge   •  Misuse  of  and  aBacks  against  the  DNS  and  global   networks  challenge  overall  unique  iden.fier  security   –  Affect  the  broad  range  of  users,  individuals,  businesses,   civil  society  and  governments   •  Security  in  the  context  of  the  Internet's  unique   iden.fiers  should  be  addressed  through  a  healthy   Internet  ecosystem.     –  an  Internet  that  is  sustainable  or  healthy,  stable  and   resilient   5  
  • 6. Coordina.on  &  Collabora.on   •  Generic  Top  Level  Domain  Operators  (gTLDs)   –  .com,  .net,  .org  etc.   •  Country  Code  Top  Level  Domain  Operators  (ccTLDs)   –  .bd,  .in,  .sg  etc.   •  CERTs   •  Regional  Internet  Registries  (RIRs)   •  Governments  /  Law  Enforcement   •  Interna.onal  Organisa.ons   •  Research  Organisa.ons  /  Experts   •  Etc.   6  
  • 7. 7 ! Func.onal  Areas   Threat  Awareness   and    Preparedness   Trust-­‐based   Collabora.on   Iden.fier  SSR  Analy.cs   Capability  Building   Iden.fier   Systems  SSR  
  • 8. Iden.fier  Systems  Threat  Awareness   •  Exchange  of  threat  intelligence   rela.ng  to  security  events  of   global  nature  involving  iden.fier   systems   •  Par.cipa.on  in  response  to   threats  or  aBacks  against   iden.fier  systems,  see     hBps://www.icann.org/en/about/staff/security/ vulnerability-­‐disclosure-­‐05aug13-­‐en.pdf     Threat   Awareness  and   Response   Threat   Intelligence   • Trust  networks   Coordinated   Response   • Vulnerability   Disclosure   • Facilita.on  
  • 9. •  Ac.ve  engagement  with  global   actors  who  monitor  DNS  health  or   iden.fy  imminent  threats   •  DNS  vulnerability  iden.fica.on,   repor.ng,  and  resolu.on   •  Examples   –  Conficker   –  ABacks  against  ccTLDs,  registrars   –  Root  system  DDoS  (Anonymous)     Threat  awareness   and  response  
  • 10. Iden.fier  SSR  Analy.cs   •  Projects  in  infancy     •  Develop  metrics  and  analy.cs  for   iden.fier  systems,  e.g.,     –  Root  system  measurements,  analysis   –  Analysis  of  DNS  or  registra.on  abuse  or   misuse     –  Crea.ve  uses  of  DNS  data   Iden.fier  SSR   Analy.cs   Metrics   •   “CVEs”   • Root   System   analy.cs   • Incidents  
  • 11. Trust-­‐based  Collabora.on   •  Global  Cybersecurity  coopera.on   –  Coordinate  engagement  through  ICANN     Global  Stakeholder  Engagement   –  Coordinate  cybersecurity  message  with   Global  Stakeholder  Engagement   •  Global  Security  &  Opera.ons   –  Daily  interac.on  on  DNS  abuse/misuse   maBers  with  first  responders,  law   enforcement,  operators   –  Coopera.on  with  DNS  research  ac.vi.es         •  Examples   –  Engage  with  registrars  and  repor.ng  par.es   to  mi.gate  DNS  abuse/misuse   –  Lend  subject  maBer  exper.se  during   incident  response   Trust-­‐based   Collabora.on   Global  SecOps   •  An.Phishing   •  An.spam   •  An.crime   •  Opera.ons   Research   Global  CyberSec   •  CCI   •  OECD  
  • 12. Capability  Building   •  DNS  training   –  Security,  opera.ons,  and  DNSSEC   deployment  training  for  TLD  registry   operators   –  Informa.on  gathering  to  iden.fy  DNS   abuse/misuse     –  Delivered  by  contracted  par.es,  ICANN   staff  (digital  delivery  under  study)   •  Knowledge  Transfer   –  Exchange  of  informa.on  gathering  or   inves.ga.ng  techniques   Capability   Building   DNS  Training   •  Security   •  OAM   •  Abuse/ Misuse   Knowledge   Transfer   •  Europol   •  Interpol   •  RIRs  
  • 13. TLD  Registry  Training  2013   One  or  more   registry  staff   have  aBended   from  countries   in  blue    
  • 14. DNS  Abuse/Misuse  Training  2013   One  or  more   agents  or  staff   have  aBended   from  countries   in  blue    
  • 15. 15