Hardening The Internet: Difference between revisions

From Cybersecurity Wiki
Jump to navigation Jump to search
Line 48: Line 48:
   Recommendation Area I   
   Recommendation Area I   
   Adoption of Security Best Practices  
   Adoption of Security Best Practices  
     1a: Measuring Best Practice Adoption   
     1A: Measuring Best Practice Adoption   
     1b: Route And Packet Filtering   
     1B: Route And Packet Filtering   
   Awareness of Security Best Practices  
   Awareness of Security Best Practices  
     1c: End-User or General Public Education   
     1C: End-User or General Public Education   
     1d: Industry Continuing Education   
     1D: Industry Continuing Education   
   Recommendation Area II  
   Recommendation Area II  
     2a: Routing Registries for Securing Inter-Domain Routing   
     2A: Routing Registries for Securing Inter-Domain Routing   
     2b: Scalable Management and Anomaly Detection Tools   
     2B: Scalable Management and Anomaly Detection Tools   
     2c: Forensics at High Data Rates  
     2C: Forensics at High Data Rates  
     2d: Scalable Vulnerability and Flow Analysis  
     2D: Scalable Vulnerability and Flow Analysis  
   Recommendation Area III  
   Recommendation Area III  
     3a: Empowering Internet Service Providers  
     3A: Empowering Internet Service Providers  
     3b: Enhancement of Online Law Enforcement
     3B: Enhancement of Online Law Enforcement
  Appendix A: Organizational Resources
  Appendix A: Organizational Resources
  Appendix B: Documents and Research Papers
  Appendix B: Documents and Research Papers

Revision as of 14:28, 30 July 2010

Full Title of Reference

Hardening The Internet : Final Report and Recommendations by the Council

Full Citation

Nat'l Infrastructure Advisory Council, Hardening The Internet (2004). Web AltWeb

BibTeX

Categorization

Key Words

Best Practices, Department of Homeland Security, Research & Development

Synopsis

The Council’s report focuses its recommendations in the following three areas:

1) Near-term Approaches: Encouraging the adoption of Best Current Practices as the most effective approach to harden existing defenses against attack. The Council centers these recommendations on education and awareness initiatives and research into the adoption of BCPs;

2) Long-term Approaches: With sufficient time for research and development, additional work on core Internet protocols can be used to harden the Internet and associated networks and devices against malicious attacks. The Council centers these recommendations on more robust research and development;

3) Empowerment: In the near and long term, Internet Service Providers (ISPs) and law enforcement agencies need on-going capabilities to investigate suspicious activity, prosecute cyber criminals, and harden their core operations. The Council centers these recommendations for empowering ISPs and law enforcement agencies on research and policy issues.


Additional Notes and Highlights

Expertise Required: Technology - High

For a list of Best Current Practices, see the National Reliability and Interoperability Council’s Best Practices Selector at http://www.bell-labs.com/cgiuser/krauscher/bestp.pl

For another working group's report from the same day see Prioritizing Cyber Vulnerabilities at http://www.dhs.gov/xlibrary/assets/niac/NIAC_CyberVulnerabilitiesPaper_Feb05.pdf


Outline:

Acknowledgements 
Executive Summary
Background
 Recommendation Area I 
  Recommendations: Adoption of Security Best Practices 
  Recommendations: Awareness of Security Best Practices  
 Recommendation Area II
  Recommendations: Research and Development 
 Recommendation Area III 
  Recommendations: Empowering Service Providers and Law Enforcement  
Section 2 – Recommendation Discussion
 Recommendation Area I  
  Adoption of Security Best Practices 
   1A: Measuring Best Practice Adoption  
   1B: Route And Packet Filtering  
  Awareness of Security Best Practices 
   1C: End-User or General Public Education  
   1D: Industry Continuing Education  
 Recommendation Area II 
   2A: Routing Registries for Securing Inter-Domain Routing  
   2B: Scalable Management and Anomaly Detection Tools  
   2C: Forensics at High Data Rates 
   2D: Scalable Vulnerability and Flow Analysis 
 Recommendation Area III 
   3A: Empowering Internet Service Providers 
   3B: Enhancement of Online Law Enforcement
Appendix A: Organizational Resources
Appendix B: Documents and Research Papers