ISOC Panel at IETF 90 - Internet Security and Privacy: Ten years later
-
Upload
internet-technology-matters-internet-society -
Category
Technology
-
view
281 -
download
0
description
Transcript of ISOC Panel at IETF 90 - Internet Security and Privacy: Ten years later
www.internetsociety.org
Internet Security and Privacy:Ten years later
Andrei Robachevsky, moderator.
The Internet Society
1
The Internet Society
We are…
2
Not at the IETF
Taking discussion up a level
Taking any identified work items to the appropriate IETF WGs
“On the air”
Streaming
Recording
Stopping at 12:45pm so you can all get back to the IETF…
The Internet Society
Agenda outline
3
Introduction
Framing discussion
Open mic
The Internet Society
The Panel
Andrei Robachevsky (Moderator)
Lucy Lynch (Internet Society)
Danny McPherson (Verisign)
Dave Oran (Cisco)
Wendy Seltzer (W3C)
The Internet Society
Today’s discussion
Ten years later – a random point in the future
No magic – just extrapolation
A checkpoint – are we in a good shape?
The Internet is changing
And Security and Privacy are changing with it
How are our approaches change?
Main threats and critical elements
Our focus today is tomorrow’s security and privacy
5
The Internet Society
Facets of Evolution: the edge
6
The Internet Society
Facets of Evolution: the edge
7
The Internet Society
Facets of Evolution: the edge
8
The Internet Society
Facets of Evolution: the edge
9
The Internet Society
Facets of Evolution: locality
10
The Internet Society
Facets of Evolution: threats and attacks
11
The Internet Society
Security of elements –Security of the ecosystem
12
?
Technology
Coffee
People
Money
The Internet Society
Trade-offs, cooperation and dependencies
13
Security
Privacy
Ops
Regulation
Anonymity
Authenticity
Integrity
Availability
Cooperation
The Internet Society
Ten years from now – what do we want to know?
14
What are the critical elements that will shape the state of security and privacy in ten years?
The Internet Society
What are the critical elements that will shape the state of security and privacy in ten years?
Ten years from now – what do we want to know?
15
The Internet Society
Seeds of future security and privacy
What unconventional or new approaches we see that have potential for solution of future problems?
Ten years from now – what do we want to know?
16
The Internet Society
ICN – Internet Security Savior?
Content security replaces channel security
Cryptographic Integrity built in a fundamental level Provenance and origin authentication too Encryption layered on top (application function)
Source anonymity (no source addresses) But content names are visible (since they are used for routing)
Most attack vectors in IP mapped to a small set of DoS vectors (all flooding related)
No magic Trust management unsolved Business models still often depend on abandoning privacy
The Internet Society
New Crypto – Internet Security Saviour?
Functional Encryption and its family of Homomorphic transforms allows computation on encrypted data
General functions are about 14 orders of magnitude too slow
Restricted functions (like boolean expressions) about 7 orders of magnitude too slow
Some useful things (equality, range testing) actually practical now but very expensive- e.g. CryptDB
Privacy-preserving query systems Can perform queries against databases without leaking
information
The Internet Society
Security and Privacy - a tussle or a cooperation?
As the Internet evolves will they become more antagonistic, leading to harder trade-offs, or mutually supportive, allowing more comprehensive solutions?
Ten years from now – what do we want to know?
19