Presentation is loading. Please wait.

Presentation is loading. Please wait.

DNS Security and Stability Analysis Working Group (DSSA)

Published byAvery Hoffman Modified over 10 years ago

Similar presentations

Presentation on theme: "DNS Security and Stability Analysis Working Group (DSSA)"— Presentation transcript:

1 DNS Security and Stability Analysis Working Group (DSSA)
DSSA Update Toronto – October, 2012

2 DSSA DNS Security and Stability Analysis working group Thursday, 18-October: 11:15-12:45 Harbour C Details:  Framework Context Education, Training, Awareness Standards, Tools, Techniques Risk Planning Glue Regional or segment focus Constituencies Edge (internal) Within the organization Core Ecosystem-wide Collaborative Risk Assessment Governance Steering Coordination Sharing Delivery Doing Security Management/Leadership Operational & Technical Practices and Controls Research & Analysis Event Monitoring Technology Selection, Deployment & Management Compliance Monitoring Incident Response Edge (external) Cross-organizational Scenarios 2

3 Background At their meetings during the ICANN Brussels meeting the At-Large Advisory Committee (ALAC), the Country Code Names Supporting Organization (ccNSO), the Generic Names Supporting Organization (GNSO), the Governmental Advisory Committee (GAC), and the Number Resource Organization (NROs)…   acknowledged the need for a better understanding of the security and stability of the global domain name system (DNS). This is considered to be of common interest to the participating Supporting Organisations (SOs), Advisory Committees (ACs) and others, and should be preferably undertaken in a collaborative effort. 3

4 The DSSA has: Established a cross-constituency working group
Clarified the scope of the effort Developed a protocol to handle confidential information Built a risk-assessment framework Developed risk scenarios Documented this work in a report

5 Still to come (if needed)
Since Prague: Refined and consolidated Launched public-comment cycle Refine the methodology Introduce the framework to a broader audience Complete the risk assessment Still to come (if needed) Go through these quickly as well -- this is the second half of the "Here's what we'll be talking about" introduction

6 Methodology 6

7 Risk Scenarios This is an introductory slide – each scenario follows, so don’t stay here long. If you have time – highlight the axes of the diagram “core to edge” in the vertical dimension, “long term to immediate” in the horizontal. The five scenarios are placed in both dimensions. 7

8 Roles and context 8 Research & Analysis Standards, Tools, Techniques
Edge (internal) Within the organization Security Management/Leadership Edge (external) Cross-organizational Education, Training, Awareness Glue Regional or segment focus Constituencies Risk Planning Core Ecosystem-wide Collaborative Risk Assessment Technology Selection, Deployment & Management Governance Steering Coordination Sharing Compliance Monitoring Operational & Technical Practices and Controls Delivery Doing Event Monitoring Incident Response 8

9 Question: Who is doing what?
Backend registry providers ICANN Security Team ICANN SOs and ACs ccTLD registries IETF ISOC CERTs ISPs DNRMF Network Operator Groups DNS-OARC ENISA FIRST NRO gTLD registries RSAC SSAC IANA And ??? Research & Analysis Standards, Tools, Techniques Edge (internal) Within the organization Security Management/Leadership Edge (external) Cross-organizational Education, Training, Awareness Glue Regional or segment focus Constituencies Risk Planning Core Ecosystem-wide Collaborative Risk Assessment Technology Selection, Deployment & Management Governance Steering Coordination Sharing Here is an even broader view – the SSR ecosystem. This includes risk management, but also risk mitigation Highlight the number of organizations that have roles, responsibilities, accountability and authority in this framework Compliance Monitoring Operational & Technical Practices and Controls Delivery Doing Event Monitoring Incident Response 9

10 Approach: a data-gathering worksheet
Goal: complete the map of DNS SSR functions and participants for our report – and provide a foundation for a “gaps and overlaps” analysis

11 Approach: Coordinate DSSA and DNSRMF
Our charter points us at the “Risk Assessment” subset of a larger Risk Management Framework 11

12 Refine and consolidate Gather comments and feedback
Launch the Risk Mgmt. function Toronto Beijing ID roles – gaps & overlaps Revise report and obtain AC/SO endorsement Determine whether separate DSSA risk-assessment effort is needed Public comment (focus/scope: ICANN the community) DSSA Obtain community feedback and incorporate those suggestions into the RM framework Establish community-based portion of RM launch project Align/Integrate DNSRMF and DSSA findings/methods/leadership This is the “Where Are We Going?” slide – there just wasn’t room for a title, sorry about that. Joint effort Select DNS risk-management framework consultant and launch DNSRMF project Complete DNS risk-management framework Launch the project to establish the RM function and complete one “cycle” DNSRMF (focus/scope: ICANN the org) 12

13 https://community.icann.org/x/4AB5
How you can help Comment on our Phase I report Fill out one of our “Gaps & Overlaps” worksheets Comment on our plans going forward 13

Download ppt "DNS Security and Stability Analysis Working Group (DSSA)"

Similar presentations

Evaluation at NRCan: Information for Program Managers Strategic Evaluation Division Science & Policy Integration July 2012.

Evaluation at NRCan: Information for Program Managers Strategic Evaluation Division Science & Policy Integration July 2012.
ICANN Report Presented by: Dr Paul Twomey CEO and President LACNIC, Montevideo 31 March 2004.

ICANN Report Presented by: Dr Paul Twomey CEO and President LACNIC, Montevideo 31 March 2004.
Prepared by Corporate Affairs September 2007 1 ICANN Update AfriNIC9 26 November 2008 Pointe aux Piments, Mauritius Anne-Rachel Inné ICANN.

Prepared by Corporate Affairs September ICANN Update AfriNIC9 26 November 2008 Pointe aux Piments, Mauritius Anne-Rachel Inné ICANN.
1 ICANNs Contractual Compliance Program David Giza, Senior Director, Contractual Compliance Stacy Burnette, Director, Contractual Compliance ICANN Policy.

1 ICANNs Contractual Compliance Program David Giza, Senior Director, Contractual Compliance Stacy Burnette, Director, Contractual Compliance ICANN Policy.
ICANN Plan for Enhancing Internet Security, Stability and Resiliency.

ICANN Plan for Enhancing Internet Security, Stability and Resiliency.
The At-Large Advisory Committee (ALAC) An Introduction by Dr. Olivier MJ Crépin-Leblond ALAC Chair.

The At-Large Advisory Committee (ALAC) An Introduction by Dr. Olivier MJ Crépin-Leblond ALAC Chair.
Briefing on the Draft FY11 Operating Plan and Budget Kevin Wilson, CFO 1.

Briefing on the Draft FY11 Operating Plan and Budget Kevin Wilson, CFO 1.
Stability, Security, and Resilience Review Team Report October 2011 Alejandro Pisanty.

Stability, Security, and Resilience Review Team Report October 2011 Alejandro Pisanty.
IDN Variant Issues Project (VIP) Project Update and Next Steps 11 April 2012.

IDN Variant Issues Project (VIP) Project Update and Next Steps 11 April 2012.
DNS Security and Stability Analysis Working Group (DSSA) DSSA Update Prague – June, 2012.

DNS Security and Stability Analysis Working Group (DSSA) DSSA Update Prague – June, 2012.
11 Scaling Up World Bank Group Engagement with Civil Society: A Strategic Priorities Paper Civil Society Team EXTIA.

11 Scaling Up World Bank Group Engagement with Civil Society: A Strategic Priorities Paper Civil Society Team EXTIA.
The Role of Governments Caribbean Telecommunications Union Ministerial Seminar May 29, 2012 Heather Dryden Chair - Governmental Advisory Committee, ICANN.

The Role of Governments Caribbean Telecommunications Union Ministerial Seminar May 29, 2012 Heather Dryden Chair - Governmental Advisory Committee, ICANN.
Draft Roadmap to Implement SAC 051 Steve Sheng, ICANN 1.

Draft Roadmap to Implement SAC 051 Steve Sheng, ICANN 1.
SAI Performance Measurement Framework

SAI Performance Measurement Framework
Gap Analysis >> Next Steps

Gap Analysis >> Next Steps
The At-Large Advisory Committee (ALAC) An Introduction by Dr. Olivier MJ Crépin-Leblond ALAC Chair.

The At-Large Advisory Committee (ALAC) An Introduction by Dr. Olivier MJ Crépin-Leblond ALAC Chair.
DSSA Update Costa Rica – March, 2012 1. Goals for today Update you on our progress Raise awareness Solicit your input 2.

DSSA Update Costa Rica – March, Goals for today Update you on our progress Raise awareness Solicit your input 2.
ICANN Security and Stability Advisory Committee ICANN Meetings Rio de Janeiro March 26, 2003.

ICANN Security and Stability Advisory Committee ICANN Meetings Rio de Janeiro March 26, 2003.
Internationalized Domain Names Status Report Prepared for: ICANN Meeting, Lisbon 29 March, 2007 Tina Dam IDN Program Director ICANN

Internationalized Domain Names Status Report Prepared for: ICANN Meeting, Lisbon 29 March, 2007 Tina Dam IDN Program Director ICANN
Joint SSR-RT/DSSA meeting DSSA Progress Update Dakar – October 2011.

Joint SSR-RT/DSSA meeting DSSA Progress Update Dakar – October 2011.

Similar presentations

Ads by Google