Jump to content

Security, Stability and Resiliency

From ICANNWiki

Security, Stability and Resiliency (SSR) comprise key components of ICANN's commitment to ensure the continued operation of the Internet.

Overview edit

For ICANN,

  • Security refers to the capacity to protect Internet Identifier Systems and prevent DNS Abuse or misuse.
  • Stability encompasses the capacity to ensure the interoperability of the DNS as expected so that users have confidence in it.
  • Resiliency describes the capacity to withstand, tolerate, or survive malicious attacks and other disruptive events without interruption or cessation of Internet services.

ICANN's role encompasses three categories of responsibilities:

  • ICANN's operational responsibilities (internal operations including L-root, DNS operations, DNSSEC key signing operations, IANA functions, new TLD operations, etc.);
  • ICANN's involvement as a coordinator, collaborator and facilitator with the global community in policy and technical matters related to the Internet's unique identifiers;
  • ICANN's engagement with others in the global Internet ecosystem.[1]

Aims and Mechanisms edit

ICANN has dedicated multiple programs and initiatives to preserve the SSR of the Internet's identifier systems by:

  1. gathering and processing data on imminent threats to the DNS ecosystem;
  2. participating in threat preparedness and risk management to protect against or mitigate issues;
  3. measuring and reporting on the health of the DNS ecosystem;
  4. coordinating vulnerability disclosure reports; and
  5. helping ccTLD managers and public safety agencies on topics, such as DNSSEC and DNS Abuse.[2]

SSR Teams at ICANN edit

The SSR Team is part of the OCTO. The Chief Security, Stability, and Resiliency Officer is John Crain. The Director of Security, Stability, and Resiliency (SSR) Research is Samaneh Tajalizadehkhoob, who oversees the DAAR Project.

The SSR Engagement team works with trust and public safety communities, such as civil/criminal law enforcement, national cybersecurity centers, consumer protection, incident response teams, threat intelligence, operational security. The Director of SSR Engagement is Carlos Alvarez del Pino.

The Security and Network Engineering (SaNE) is part of E&IT. This team keeps a cybersecurity incident log, and its Sr. Director is Terry Manderson.

References edit