Strategy to improve Internet Security in Sweden


ITU-T SG 17

Geneva Dec 12, 2006

Christoffer Karsberg

Network Security Department

National Post and Telecom Agency (PTS) christoffer.karsberg@pts.se

04-06-17

Purpose of this presentation

Point out important strategic positions and action points

Food for thought to SG17 work with security issues

Encourage other countries to bring forth strategies regarding Internet robustness

Assignment from the Government

• Strategy to improve Internet security in Sweden,

• including an action plan,

• division of responsibility and

• the management of the strategy.

Delivery July 30, 2006

The strategy in English may be downloaded from: http://www.pts.se/Archive/Documents/EN/Strategy_Internet_security_2006_12_July_2006.pdf

Aim

The aim of the strategy is to facilitate and clarify future work to secure the infrastructure of the Internet in Sweden.

Scope of the Strategy:

The infrastructure used by the Internet

Application level: User's equipment, services, information

IP level (Internet): Internet operator's network – service to user

Transmission level: Several logical connections for data communications and telecommunications

Cable level: Cables (for example 'optical fibre', copper wire) and antennae

Ducting level: Pipes for cables and masts for antennae

Vision

The vision is that in ten years the Internet will be secure, rapid and have high accessibility


Goal

To secure critical functions in the Internet infrastructure that, if not maintained,

• would cause substantial disruption or interruption and in this way

• impede or prevent the use of the Internet

• for large groups of individual users or for vital public businesses, authorities or organisations.

Why a national strategy for Internet Security?

• Internet is becoming crucial for national society

• Important to have a regional feel and heading for the area

• Several national strategies could constitute building blocks for international strategies

Trends and threat profiles

• Society is becoming increasingly dependent on the Internet

• Society is becoming increasingly vulnerable to IT attacks

• Vulnerabilities in protocols and programs are increasingly being discovered

• Laws, legal proceedings and policies do not keep pace with developments and globalisation

Trends and threat profiles

• Convergence in networks, terminals and services is continuing to increase

• Inadequate security in user environments constitutes an ever-increasing risk

• The competence gap is widening in pace with increased complexity

• Developments in the market involve increased internationalisation

• More wireless networks and services

Strategic positions adopted

1. The physical infrastructure of the Internet should be protected against accidents, disruption, wiretapping and manipulation of information during transmission

2. Resistance to disruption in the domain name system should be increased

3. Resistance to disruption to the exchange of traffic between Internet operators should be increased

4. Users and buyers should be trained and informed to enhance security awareness

Cont’d Strategic positions adopted

5. The assumption of responsibility for user security should increase among Internet operators and the providers of software and equipment

6. National awareness of Internet infrastructure should be promoted. This should be done in a broader context regarding information security. The comprehensive approach and coordination of research should be improved

7. Swedish participation in international fora should be increased. This should be done in collaboration between the private and public sector

8. Crisis management regarding the Internet infrastructure should be improved

Action Plan

23 actions/suggestions in total

Within the framework of the strategic positions

Measure 5, 3 and 1, ongoing and planned

Produce recommendations to:

Users AS Content providers

Image courtesy of Computer History Museum

Consequences if Inter-domain routing fails

• ISP network unreachable, customers unable to reach the rest of the Internet

• Larger part of the Internet unreachable

• Traffic could be redirected to wrong network or to a "black hole"

Why pay attention to BGP?

• Border Gateway Protocol (BGP) is the basis for all routing between the Autonomous Systems that make up the Internet

• BGP is highly vulnerable to human errors, as well as a wide range of malicious attacks

• ISPs need improved Best Common Practices and need to make use of them on a global level

• Threats will increase – serious attacks will happen

• We need a comprehensive security solution!

Measure 2, planned: Promote the use of DNSSEC in name servers

Why DNSSEC?

• The use of and dependence on DNS will increase

• DNSSEC is a feasible way to achieve increased trust in the DNS and the Internet as a whole.

• DNSSEC must be implemented in TLDs and Second Level Domains in the first place

• When this has happened, enterprises, organisations and authorities can get security-aware servers for secure address resolving

Measure 11, Suggestion: Provide the Internet operators with a legal possibility to prevent the spreading of harmful traffic

The change of the law would mean that

• ISPs get a legal possibility to take emergency measures

• in the form of filtering of electronic messages

• that jeopardise the service or the function of the network

• for instance DDoS attacks

• Should be combined with an obligation to inform the affected subscriber

• Today there must be consent by the subscriber

Measure 4, ongoing: Provide information about vulnerabilities

The Swedish IT Incident Centre (SITIC)

Provides information about vulnerabilities and threats to the public and business sector

Measure 7, suggestion:

Educate trainee teachers in Internet security

Measure 8, suggestion: Further develop PTS’s website for Internet security


Measure 12, suggestion: Investigate the requirements for increased responsibility for providers of equipment and software


Measure 21, planned: Produce a coordinated continuity plan for the Internet infrastructure in Sweden

The management of the Strategy

Changes in the strategic positions

• are decided upon by the Government

• are updated by PTS

Updates in the action plan

• are decided upon by PTS

• are done by PTS every second year

Status in the action plan

• is reported together with the annual report

Discussion Points

In what way could this strategy be beneficial to your work with security?

In what way does your work correspond with the thoughts of the strategy?

– Security baseline?

Are there any thoughts regarding the measures?

Could secure inter domain routing be of interest?

How is the society perspective represented in your standardisation work?
