[FutureChallenges-SSR2-RT] Today's meeting discussion follow-up

Mohamad Amin hasbini ma at mahasbini.org
Mon Jul 24 17:25:24 UTC 2017


Hi guys,

Please find my thoughts from our discussion few hours ago, regarding "Sub
Topic 4 – Future Challenges", i believe the below is limited in scope and
achievable with a reasonable effort, please feel free to consider if you
think suitable, thanks.

-------Start-------
1-Performance security (SSR2 scope)
Issue high level recommendations towards ICANN technologies(routing,
switching, computing environments, DNS related services) resources
utilization (Traffic, processing/power/memory utilization, ...)
To do so we need to:
-identify a list of the types of technologies used by ICANN
-recommend forecasting techniques to be used by ICANN to determine future
utilization

-ICANN role in return: Recommendations need to be considered in future
technological planning or architecture designs by ICANN.

2-Technology selection security (SSR2 scope)
Issue high level recommendations on:
-Vendor security technology evaluation process (how to test solutions)
-Vendor security technology selection process (how to select a solution)
-Vendor security technology implementation process (what vendors need to do
when deploying solutions)
-Vendor security maintenance process (how vendors should maintain their
solutions)
-Vendor responsibilities and SLAs (patching vulnerabilities, technology
development/deployment)
-Vendor accountability for security problems

-ICANN role in return: Selection recommendations need to be considered in
future technology selection processes employed by ICANN

3-Threat intelligence (SSR2 scope)
Issue high level recommendations on:
-The need for an ICANN threat intelligence team
-The need for ICANN to have established communication with top threat
intelligence sources to know about the latest threats
-The need for adapting threat intelligence internally, to identify attacks
and threats accordingly

-ICANN role in return: Threat intelligence recommendations to be adapted by
ICANN towards enhancing blocking of cyber attacks, identifying causes of
new breaches, and knowing about the latest threats endangering similar
organizations.

NB1: Recommendations provided should be vendor/technolgy neutral, as to be
valid for future utilization
NB2: issues of ddos, route injection all fall under “Sub Topic 3 – DNS SSR”
as they are issues probably currently being dealt with. What is not dealt
with, is how they could be used in the future, which falls under threat
intelligence. I do not believe should predict protocols misuse options
through new vulnerabilities, that has an unlimited scope.
-------End-------

Regards,
Amin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/futurechallenges-ssr2-rt/attachments/20170724/2c2d1af0/attachment.html>


More information about the FutureChallenges-SSR2-RT mailing list