Presentation on theme: "EACO ICT Conference on Broadband Access for All in East Africa"— Presentation transcript:
1ICT Environment: Internet Architecture, Growth, Governance and Security Overview EACO ICT Conference on Broadband Access for All in East Africa15 – 17 April, Kampala, Uganda.Michuki MwangiRegional Development Manager for Africa
21. Internet Architecture: The Internet Principles, Resources, Open Standards and Capacity Building
3What is your current understanding of the Internet?
4Founding Internet Principles Open & InteroperableThe Internet is fundamentally based on the existence of open, non- proprietary standards.They are key to allowing devices, services, and applications to work together across a wide and dispersed network of networks.The Internets open nature is one of its key founding principlesDecentralized ArchitectureThe edge-dominant end-to-end architecture of the Internet is essential to its utility as a platform for innovation, creativity, and economic opportunity.The decentralized architecture maximizes individual users’ power to choose (or create) and use the hardware, software, and services that best meet their needs.If the Internet is to continue to be a platform for innovation and creativity, its open, decentralized nature must be preserved.CITMC-4, Khartoum 2012
5Internet Architecture: Shared Global Resources and Infrastructure
6Shared Global Resources IP AddressesThe fundamental identifier on the Internet is an Internet Protocol (IP) AddressEach Host connected on the Internet has a unique IP Address (IPv4 or IPv6) -Inter device communication on the Internet is oblivious of namesAS NumbersAutonomous System Numbers (ASNs) are globally unique numbers.ASNs are used to identify a network under a single administrative control and routing policyService Names and Port NumbersAre used to distinguish between different services that run over transport control protocols such as TCP, UDP, SCTP, etc
7Shared Global Infrastructure DNSDomain Name System (DNS) provides a hierarchical, scalable distributed lookup system that translates “easy to remember” names to IP addressesIXPInternet Exchange Points (IXPs) provide physical infrastructure that allow network operators to exchange Internet traffic between their networks by means of mutual peering agreementsNTPNetwork Time Protocol (NTP) is a networking protocol for clock synchronization between computer systemsNTP uses a hierarchical, semi-layered system levels of clock sources.
9Open Standards Definition Importance Open Standard Organizations Open Standards refer to standards that are publicly available and has various rights to use associated with it.In most cases, Open Standards are developed through open and transparent processes that aim to draw consensus from the stakeholders.ImportanceOpen standards ensure the compatibility and interoperability on the InternetThis feature is import for the continued growth and evolution of the InternetOpen Standard OrganizationsThere are a number of organizations that focus on Open StandardsOn the Internet there are many standard organizations that play a role to name but a few IETF, ITU-T, W3C, IEEE, ETSI, etc
10The IETF : Rough Consensus and Running Code StructureThe Internet Engineering Task Force (IETF) is a international community of individual volunteers (network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet.IETF work is organized in 8 Areas headed by Area Director(s) (ADs)There are multiple Working Groups (WGs) within each Area. Each WG is headed by a WG Chair(s) and are defined by a charterParticipationIt is open to any interested individual and has no formal membership or membership feeParticipation is by joining any WG’s mailing list and contributing to the online discussionsThere are 3 face-to-face meetings held annually in different regionsStandards ProcessThe IETF standard documents are referred to as RFC’s or Request for CommentsNot all RFC’s are standards some are information known as Best Current Practice (BCPs)Any individual can submit a “proposed standard” known as an “draft”When a draft is shown to be interoperable and widely deployed it is given the “Internet Standard” status or RFC.A new standard can obsolete an older Internet Standard
12Capacity Building NRENs Internet Community National Research and Education Networks (NRENs), Academic institutions play a critical role in educating students and business people.They also prototype and demonstrate hardware and software solutions that benefit the InternetInternet CommunityMany Internet organizations and businesses encourage, train, and invest in Internet education and capacity buildingNot-for-Profit organizations such as the RIRs, regional and national network operators groups (NOGs) , and the Network Startup Resource Centre (NSRC) and Internet Society (ISOC), ITSO, continue to provide free training for Internet engineers globally and in region.Commercial vendors such as Afilias Limited, Alcatel-Lucent, Cisco, IBM, and Microsoft have established various models for imparting knowledge and training experts in their respective products.
14Internet Governance“Internet governance is the development and application by Governments, the private sector and civil society, in their respective roles, of shared principles, norms, rules, decision-making procedures, and programs that shape the evolution and use of the Internet.” – WGIG
16The Internet ModelThe Internet is successful in large part due to its unique model: shared global ownership, development based on open standards, and freely accessible processes for technology and policy development. The Internet’s unprecedented success continues to thrive because the Internet model is open, transparent, and collaborative. The model relies on processes and products that are local, bottom-up, and accessible to users around the world.
17Internet Model… describes the common set of operating values — such as open standards, freely accessible processes, transparent governance — shared among many of the key communities and organisations that have been central to the development and ongoing evolution of the Internet.
19Multi-stakeholder Partnership Alliances between parties drawn from government, business and civil society that strategically aggregate the resources and competencies of each to resolve the key challenges (of a selected issue), and which are founded on principles of shared risk, cost and mutual benefit. [http://www.unmsp.org]
20Multi-stakeholder Partnership Structures & FrameworksLoose partnerships for exchange of knowledgeFormal structures (Legal Entity)CompositionMSPs are comprised of global, regional and local stakeholdersThey include civil society, technical experts, policy makers, industry representative, academia, end-users, etcRolesThe different stakeholders bring unique value to the multi-stakeholder processFinding the right balance and platform is important for meaningful engagement at the local level.Local Internet development and growth depends upon the cooperation of ALL stakeholders
22Policy Development in MSP Environment National Policy DevelopmentNational multi-stakeholder Internet policy development platforms are important for developing effective and development conscious national policiesThe national platforms are instrumental in developing national positions needed for regional and international policy obligationsRegional Policy DevelopmentEngaging with and participating at regional Governmental and Internet policy development organizations meetings is valuable for developing cross-border common positionsRegional policy forums include Regional Economic Communities, Regional Regulatory Associations, AUC, ATU, RIR meetings, Network Operators Groups (NOGs), ITU-SGs, etcGlobal Policy DevelopmentEngaging with and participating at global policy forums is important to ensure that the interests of the country and region are considered at the global level.Global policy forums include IGF, ITU, ICANN, OECD, etc
24Challenges to the Internet ScalingEnsuring that continued global addressing and the routing infrastructure can keep up with growth.Supporting the diverse uses and expectations of applications, services, cultures, and industries that the Internet supports.TrustThe Internet must provide channels for secure, reliable, private, communication between entities, which can be clearly authenticated in a mutually understood manner.The mechanisms that provide this level of assurance must support both the end-to- end nature of Internet architecture and reasonable means for entities to manage and protect their own identity details.Multi-lingulismContent - Attaining a critical mass of content in a given language is essential to attracting new and existing Internet users.Tools and standards - Measures to ensure that use of a language online is not impeded by technology (or lack thereof).Capacity building - It is easy to underestimate the degree to which capacity building is essential to enabling a sustainable multilingual presence on the Internet.
25Future of the Internet Scenario 1: Common Pool Positive “generative” and “distributed & decentralised” properties.Opportunity and growth abound, with no insurmountable barriers to entry for those wishing to take part.Constant evolution and features a healthy ecosystem of interlinked network operators, developers, infrastructure providers, resource management organisations, etc.The “win” for the Internet is that it remains able to react and respond to new requirements.Scenario 2: Boutique NetworksEnvisions a future in which political, regional and large enterprise interests fail to maximise the social and economic potential of a shared, global set of richly connected networks (the Internet)It carries the weight of self-interest brought by factions seeking to optimise control in small sectors (political and otherwise).It also suggests these fractionalised networks will continue to leverage the benefits of existing Internet standards and technology.Each proprietary provider draws as much as possible from the common pool while giving little back.Scenario 3: Moats and DrawbridgesSuggests the world of the Internet would be heavily centralised, dominated by a few big players with their own rules in “big-boys’ clubs.”Conflicts would be resolved through negotiation, not competition.There would likely be strong regulation as governments seek to impose some public interest obligations and perhaps even controls on the equipment users can connect to the network.Much content would be proprietary and protected by strong intellectual property rights.Governments would control the behaviour of networks and network users through legal mechanisms and sanctions.All players would have close political links to their mutual benefit.
26What is your understanding of the Internet thus far?
272. Internet Growth and Impact: Developing Countries Online and Upcoming
28Africa Internet Statistics Penetration167 Million Internet and 51 Million Facebook users in Africa29 Internet Exchange Points in 21 African countries exchanging an aggregate of 12GbpsBy July 2012, Africa’s total inventory of terrestrial transmission networks reached 732,662-km313m people were within reach of a fiber node and expected to reach 50% of population with completion of planned projects by 2015Over 50% of African have mobile phonesIn East Africa over 350,000 Kenyans have low end smart phonesSource:
29Impact Economic Innovation E-Government Internet Ecosystem Internet contributes an average 1.9 percent of GDP in aspiring countries— $366 billion in 2010 (Mckinsey.com)InnovationEntrepreneurship in Content, Financial and Back-office servicesMobile Apps and innovation hubs are contributing to Agricultural, health and education developmentE-GovernmentEfficient revenue collection and managementEnhancing Service deliveryInternet EcosystemPolicy and regulatory reforms are enabling the growth of the Internet ecosystem at both local and regional levels.
30Opportunities Infrastructure Content & E-Services Development of Carrier Neutral Data Centers Africa has only 84,000 square meters of raised floor capacity (39% of London’s capacity as at 2011)Investments in the last mile infrastructure. Africa’s last mile technology is largely based on wireless technologyLack of competition on cross-border interconnection contributes to the high cost of regional interconnectionContent & E-ServicesE-Government Services are nascentResearch and Education content is underdevelopedCoordinate efforts to find a standardized solution for M-health implementationE-commerce is largely dependent on the implementation of enabling frameworks
32Cyber Security Definition Background & Historical Incidents Cybercrime is a crime committed using a computer or network or hardware device where the computer, network or device may be the agent, facilitator or target of the crime. (Norton Symantec)Background & Historical IncidentsReports of cybercrime date back to 1971 with the “blue box”The first Computer Emergency Response Team (CERT) was created in 1987In 1995, Mitnick was arrested for breaking into various computers and downloading 20,000 credit card numbers or downloading proprietary software as a kind of trophy to prove that his hack was successful.In 1998 Robert T. Morris, Jr., graduate student at Cornell University and son of a chief scientist at the NSA, launches a self-replicating worm (the Morris Worm) on the government's ARPAnet (precursor to the Internet). The worm gets out of hand and spreads to over 6000 networked computers, clogging government and university systems. Morris is dismissed from Cornell, sentenced to three years' probation, and fined $10K. In 2000 the "I Love You" virus spreads quickly by causing copies of itself to be sent to all individuals on the affected computer’s address book (by attaching VBScript executable code to s) (May).
33Cyber Security Statistics DOS and DDOS1,875 DDOS attacks Daily (Arbor Networks)Over 80% of the DDOS attacks are over HTTP floodDNS DDOs are the least popularSPAMIn Feb 2013 proportion of spam in s grew by 12.8%Spam accounted for 71.1% of s by Feb 2013DefacementsIn 2010 there were 1.5 Million defacementsMost defacements are as a result of well known vulnerabilitiesPhishing93,463 unique Phishing attacks in 1st half of 2012Attacks involved 202 Top Level domains
35In 2012 Total cost = $110BNAverage cost per victim = $197(source: Norton 2012 Cybercrime report)
36CERTs in Combating Cyber-Crime The Internet SocietyMarch 31, 2017CERTs in Combating Cyber-CrimeDefinition:It is an organization or team that provides, to a defined constituency, services and support for both preventing and responding to computer security incidentsTypes of CERTSGovernment CERT (Military, Police, Finance, etc)Industry Specific CERT (ISPs, Banks, etc)Academic CERTCERT ServicesReactiveIncident coordination and ReportingVulnerability Analysis and ReportingArtifact HandlingAwareness and Capacity BuildingProactiveSecurity Audits and AssessmentsDevelopment of Security toolsIntrusion detection and Penetration testing Services
37CERT Strategies to Cybercrime TechnologyImplementation of new technology features to enhance security such as DNSSEC, PKI and IP SecurityContinued monitoring of networks and analysis of incident reportsCollaborationStakeholder collaboration at both national, regional and global levels is key to dealing with incidentsCapacity BuildingCapacity building help build the technical expertise needed to deal with cybercrimeInformation sharing provides critical knowledge on implementation of best practices and solutions
38National CERT Objective Function Serve as a trusted Point of Contact Develop an infrastructure for coordinating responses to computer and network security incidents within a countryFunctionDevelop the capacity to support incident reporting across a broad spectrum of sectors within a nations boardersConduct incident, vulnerability and artifact analysis to;Disseminate information about reported vulnerabilities and corresponding response strategiesShare knowledge and relevant mitigation strategies with appropriate stakeholders and partners
39Regional CERT Objective Functions Promote coordination and collaboration between National CERTS in a regionAssist with the development CERT programs and activities in a regionFunctionsDevelop and share technical information, tools, methodologies, processes and best practicesEncourages and promotes the development of security policiesProvides technical assistance in the establishment of nation Incident Response Teams
40AfricaCERT Mission Statement Services AfricaCERT is the African forum of computer incident response teams who cooperatively handles computer security incidents and promotes incident prevention programs.ServicesAnnouncements, Alerts and warningsIncident Response CoordinationConsultancy and TrainingContact Information