Security, Stability and Resiliency: Difference between revisions
Christiane (talk | contribs) m Christiane moved page SSR to Security, Stability and Resiliency: Standardize |
Bill Jouris (talk | contribs) →SSR Teams at ICANN: Correct Samaneh Tajalizadehkhoob title |
||
(One intermediate revision by the same user not shown) | |||
Line 2: | Line 2: | ||
==Overview== | ==Overview== | ||
For ICANN, | For ICANN, | ||
* ''Security'' refers to the capacity to protect Internet | * ''Security'' refers to the capacity to protect [https://www.icann.org/octo-ssr Internet Identifier Systems] and prevent [[DNS Abuse]] or misuse. | ||
* ''Stability'' encompasses the capacity to ensure the interoperability of the DNS as expected so that users have confidence in it. | * ''Stability'' encompasses the capacity to ensure the interoperability of the DNS as expected so that users have confidence in it. | ||
* ''Resiliency'' describes the capacity to withstand, tolerate, or survive malicious attacks and other disruptive events without interruption or cessation of Internet services. | * ''Resiliency'' describes the capacity to withstand, tolerate, or survive malicious attacks and other disruptive events without interruption or cessation of Internet services. | ||
ICANN's role encompasses three categories of responsibilities: | ICANN's role encompasses three categories of responsibilities: | ||
* ICANN's operational responsibilities (internal operations including L-root, DNS operations, DNSSEC key signing operations, IANA functions, new TLD operations, etc); | * ICANN's operational responsibilities (internal operations including [https://www.dns.icann.org/imrs/ L-root], DNS operations, DNSSEC key signing operations, IANA functions, new TLD operations, etc.); | ||
* ICANN's involvement as a coordinator, collaborator and facilitator with the global community in policy and technical matters related to the Internet's unique identifiers; | * ICANN's involvement as a coordinator, collaborator and facilitator with the global community in policy and technical matters related to the Internet's unique identifiers; | ||
* ICANN's engagement with others in the global Internet ecosystem.<ref>[https://www.icann.org/en/public-comment/proceeding/draft-statement-of-icanns-role-and-remit-in-security-stability-and-resiliency-of-the-internets-unique-identifier-systems-17-05-2012 Draft Statement of ICANN's role/remit in SSR, Public Comment Proceedings, ICANN]</ref> | * ICANN's engagement with others in the global Internet ecosystem.<ref>[https://www.icann.org/en/public-comment/proceeding/draft-statement-of-icanns-role-and-remit-in-security-stability-and-resiliency-of-the-internets-unique-identifier-systems-17-05-2012 Draft Statement of ICANN's role/remit in SSR, Public Comment Proceedings, ICANN]</ref> | ||
Line 20: | Line 20: | ||
==SSR Teams at ICANN == | ==SSR Teams at ICANN == | ||
The SSR Team is part of the [[OCTO]]. The Chief Security, Stability, and Resiliency Officer is [[John Crain]]. The | The SSR Team is part of the [[OCTO]]. The Chief Security, Stability, and Resiliency Officer is [[John Crain]]. The Director of Security, Stability, and Resiliency (SSR) Research is [[Samaneh Tajalizadehkhoob]], who oversees the [[DAAR]] Project. | ||
The SSR Engagement team works with trust and public safety communities, such as civil/criminal law enforcement, national [[cybersecurity]] centers, consumer protection, incident response teams, threat intelligence, operational security. The Director of SSR Engagement is [[Carlos Alvarez del Pino]]. | The SSR Engagement team works with trust and public safety communities, such as civil/criminal law enforcement, national [[cybersecurity]] centers, consumer protection, incident response teams, threat intelligence, operational security. The Director of SSR Engagement is [[Carlos Alvarez del Pino]]. |
Latest revision as of 08:58, 13 November 2024
Security, Stability and Resiliency (SSR) comprise key components of ICANN's commitment to ensure the continued operation of the Internet.
Overview[edit | edit source]
For ICANN,
- Security refers to the capacity to protect Internet Identifier Systems and prevent DNS Abuse or misuse.
- Stability encompasses the capacity to ensure the interoperability of the DNS as expected so that users have confidence in it.
- Resiliency describes the capacity to withstand, tolerate, or survive malicious attacks and other disruptive events without interruption or cessation of Internet services.
ICANN's role encompasses three categories of responsibilities:
- ICANN's operational responsibilities (internal operations including L-root, DNS operations, DNSSEC key signing operations, IANA functions, new TLD operations, etc.);
- ICANN's involvement as a coordinator, collaborator and facilitator with the global community in policy and technical matters related to the Internet's unique identifiers;
- ICANN's engagement with others in the global Internet ecosystem.[1]
Aims and Mechanisms[edit | edit source]
ICANN has dedicated multiple programs and initiatives to preserve the SSR of the Internet's identifier systems by:
- gathering and processing data on imminent threats to the DNS ecosystem;
- participating in threat preparedness and risk management to protect against or mitigate issues;
- measuring and reporting on the health of the DNS ecosystem;
- coordinating vulnerability disclosure reports; and
- helping ccTLD managers and public safety agencies on topics, such as DNSSEC and DNS Abuse.[2]
SSR Teams at ICANN[edit | edit source]
The SSR Team is part of the OCTO. The Chief Security, Stability, and Resiliency Officer is John Crain. The Director of Security, Stability, and Resiliency (SSR) Research is Samaneh Tajalizadehkhoob, who oversees the DAAR Project.
The SSR Engagement team works with trust and public safety communities, such as civil/criminal law enforcement, national cybersecurity centers, consumer protection, incident response teams, threat intelligence, operational security. The Director of SSR Engagement is Carlos Alvarez del Pino.
The Security and Network Engineering (SaNE) is part of E&IT. This team keeps a cybersecurity incident log, and its Sr. Director is Terry Manderson.