Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Networking

Id‐SIRT Indonesia Security Incidents Response Team on Internet  Infrastructure

advertisement 
Id‐SIRT
Indonesia Security Incidents Response Team on Internet Infrastructure
Telecommunicatio
n Regulatory Body of Indonesia
Gunawan Hutagalung, MT
Head of Tariff and Interconnect Section
Directorate Telecommunications – DG Postel
Telecommunication Regulatory Body of Indonesia
Email : hutagalung@postel.go.id
Background
Telecommunication Regulatory Body of Indonesia
Cyber Crime Cases in Indonesia
decreasing national competitive advantage
Vulnerabilities on Critical Infrastructure
threats on national security and people’s life
Slow Adoption on Internet Usage
loss opportunities on economic growth
Absence of Strong Internet Security System tendency of hindering internet‐based activities
Challenge on Law Enforcement Practices
increasing numerous attacks on internet infrastructure
Notorious International Perception
negative image on the nation and society
2
Founders
Telecommunication Regulatory Body of Indonesia
MASTEL Masyarakat Telematika Indonesia
Indonesian Telematics Society
APJII Asosiasi Penyelenggara Jasa Internet Indonesia
Indonesian ISP Association
AWARI Asosiasi Warung Internet Indonesia
Indonesian Internet Cafe Association
POLRI Kepolisian Republik Indonesia
Indonesian Police Office
KEJAGUNG Kejaksaan Agung
Indonesian Attorney General Office
DITJEN POSTEL Direktorat Jenderal Pos dan Telekomunikasi
DG Postel Indonesia
3
Regulations
Telecommunication Regulatory Body of Indonesia
National Constitution Act UU No.36/1999
regarding National Telecommunication Industry
Government Regulation PP No.52/2000
regarding Telecommunication Practices
ICT Ministry Decree PERMEN No.26/PER/M.KOMINFO/2007
regarding Indonesian Security Incident Response Team on Internet Infrastructure
National Constitution Act UU No.11/2008
regarding Electronic Information and Transaction 4
The Response team
Telecommunication Regulatory Body of Indonesia
Independent Entity Representing Related Stakeholders PROFESSIONAL ‐ EXPERTS ‐ POLICE ‐ ATTORNEY ‐ GOVERNMENT ‐ ACADEMICIAN ‐ RESEARCHER ‐ PRACTITIONER
Triple Board Governance System ADVISORY BOARD ‐ EXECUTIVE BOARD ‐ INSPECTION BOARD
Lead National Scale Initiatives
INTERNET SERVICE PROVIDERS AND RELATED PARTIES
Develop International Collaboration and Cooperation
INSTITUTION AND NATION BASED RESPONSE TEAMS AND OTHER RELATED BODIES
5
The Vision
Telecommunication Regulatory Body of Indonesia
establishing
CONDUCIVE and SECURE
internet environment
for Indonesia
6
The Mission
Telecommunication Regulatory Body of Indonesia
to EXPEDITE internet growth through
PROMOTING security awareness
MONITORING incident potentials
SUPPORTING law enforcement
PROVIDING technical assistance
7
The tasks
1.
EDUCATE stakeholders on security management
2.
MONITOR traffic, DETECT incidents, and DELIVER early warning
3.
GATHER, ORGANISE, STORE, and MANAGE log files 4.
RESPONSE to stakeholders enquiries on internet security
5.
DEVELOP simulation laboratories and training centres
6.
PROVIDE technical advisory and consultancy
7.
CONDUCT international collaborations and co‐operations
Telecommunication Regulatory Body of Indonesia
8
The exclussion
Telecommunication Regulatory Body of Indonesia
Do not record or evaluate CONTENT
implementation of and protected by INDIVIDUAL PRIVACY ACT
UU No.36/1999 Article 40 on “Illegal Interception”
only monitor TRAFFIC PATTERNS and manage LOG FILES
to detect threats and to support law enforcement
Internet Traffic Behaviors
Source, Destination, Protocol, Port, Time Stamp
9
The mechanism
Telecommunication Regulatory Body of Indonesia
Analyse Incident Indication
Collect and
Manage Log Files
from ISPs
Monitor Internet
Traffic on IXPs
and NAPs
Analyse
Patterns
and
Detect
Indication
Signals
Response Incident Management
Alert
Related
Institutions
regarding
Incident
Occurrences
Receive
Formal
Requests
from
National
Authorities
Provide
Stakeholders
with Log Files
Record
Provide
Stakeholders with
Traffic Patterns
Record
Develop training programs and research laboratories for societies
Engage national and international collaborations with related parties
Support stakeholders with technical information services and support
10
The process taxonomy
Telecommunication Regulatory Body of Indonesia
ID‐SIRTII
ID‐SIRTII
2. SUPPORTING
2. SUPPORTING
ACTIVITIES
ACTIVITIES
1. CORE PROCESS
1. CORE PROCESS
1.1 LOG FILE
1.1 LOG FILE
MANAGEMENT
MANAGEMENT
1.2 INTERNET
1.2 INTERNET
TRAFFIC MNGT.
TRAFFIC MNGT.
2.1 TRAINING
2.1 TRAINING
CONDCUT
CONDCUT
2.2 RESEARCH AND
2.2 RESEARCH AND
DEVELOPMENT
DEVELOPMENT
2.3 INFO SUPPORT
2.3 INFO SUPPORT
SERVICES
SERVICES
2.4 EXTERNAL
2.4 EXTERNAL
COLLABORATION
COLLABORATION
1.1.1
Collect
1.2.1
Gather
2.1.1
Plan
2.2.1
Propose
2.3.1
Require
2.4.1
Explore
1.1.2
Organise
1.2.2
Monitor
2.1.2
Offer
2.2.2
Study
2.3.2
Prepare
2.4.2
Propose
1.1.3
Store
1.2.3
Analyse
2.1.3
Register
2.2.3
Report
2.3.3
Inform
2.4.3
Correspond
1.1.4
Retrieve
1.2.4
Detect
2.1.4
Execute
2.2.4
Plan
1.1.5
Transfer
1.2.5
Inform
2.1.5
Evaluate
2.2.5
Execute
2.3.5
Evaluate
2.4.5
Plan
1.1.6
Distribute
1.2.6
Distribute
2.2.6
Evaluate
2.3.6
Learn
2.4.6
Execute
1.1.7
Archieve
1.2.7
Archieve
2.3.4
2.3.4
Execute
Execute
2.4.4
Engage
2.4.7
Evaluate
11
The Consequences
Telecommunication Regulatory Body of Indonesia
Operator ‐ NAP ‐ IXP ‐ ISP
obligation to record logs and to monitor traffic
stated in the contract with customers
Close User Group network
obligation to record logs and users identity
Hot Spot and Internet Cafe
obligation to record users identity
12
The enforcement
Telecommunication Regulatory Body of Indonesia
Operator ‐ NAP ‐ IXP ‐ ISP
administrative sanctions (from warning to license revocation)
Close User Group network
based on the contract agreement
Hot Spot and Internet Cafe
IP address block
lead to
CASE(s)
Legal and Law Enforcement
13
The topology
Telecommunication Regulatory Body of Indonesia
14
The tools
Telecommunication Regulatory Body of Indonesia
15
The organization
Telecommunication Regulatory Body of Indonesia
Ministry of ICT
Directorate of
Telco & Communication
Inspection Board
Advisory Board
Chairman
General Secretary
Vice Chairman
Deputy of Operation
and Security
Deputy of Education
and Public Affairs
Deputy of Data Center,
Applications & Database
Deputy of Research
and Development
Deputy of External
Collaborations
16
The holistic view
Telecommunication Regulatory Body of Indonesia
SECURE INTERNET INFRASTRUCTURE
ENVIRONMENT
MONITOR ‐ ANALYSIS ‐ YELL ‐ DETECT ‐ ALERT ‐ YIELD
Process
Technology
Advisory
Board
Incident
Indication
Analysis
Traffic
Monitoring
System
Executive
Board
Incident
Mngt.
Support
Log
Database
System
People
STAKEHOLDERS COLLABORATION AND SUPPORT
NATIONAL REGULATION AND GOVERNANCE
STRONG INSTITUTIONAL RELATIONSHIPS AND COMMITMENT
17
The mitigation view
Telecommunication Regulatory Body of Indonesia
9 id‐sirtii 18
Thank You.
Telecommunicatio
n Regulatory Body of Indonesia
Terima kasih!
Related documents
This Document
This Document
Geography Hunt
Geography Hunt
Shinjin-Ken Goes to Campus 2015 About Us
Shinjin-Ken Goes to Campus 2015 About Us
Y D U T
Y D U T
Pangaribowo, Evita Hanie
Pangaribowo, Evita Hanie
Download
advertisement