In RFC 1958, "Architectural principles of the Internet", Brian Carpenter states: "Endpoints should not depend
on the confidentiality or integrity of the carriers. Carriers may choose to provide some level of protection,
but this is secondary to the primary responsibility of the end users to protect themselves." Several
cyber-security incidents have shown that end users are not always able to fulfil this responsibility. In addition,
end-user availability is increasingly being affected by cyber attacks such as (D)DoS attacks. Such events
justify asking whether the statement regarding the expected protection by carriers should be revisited, in
particular what it means to allow carriers to provide some level of protection.
As the Internet is constructed from many infrastructures operated by different carriers, finding answers to such a
question is not trivial. Important sub-questions would be:
2015-04-29 I2 Global summit, Washington, 16h30 - 17h30, Meeting Room 12/13/14.
If such a need can be identified, other important sub-questions would be:
- What incentives would drive the need to have carriers collaborate to provide protection?
The above questions are part of a Dutch research project, headed by the University of Amsterdam and involving TNO,
Ciena and Air France - KLM, called "Security Autonomous Response NETwork" (SARNET). This project investigates how
detection and protection concepts, using SDN / NFV based technologies, can provide autonomous protection against
various types of cyber attacks. Part of this research considers what would be needed to organize a SARNET as an
alliance of collaborating carrier and end user networks. This working meeting will present and discuss the
SARNET concepts and will subsequently focus on the question of how to organize a SARNET Alliance, where
participating community partners form a Service Provider Group creating the necessary trust enabling
- What is needed to have carriers and end user networks collaborate?
- How can carriers and end user networks trust each other when detecting incidents and providing protective
responses in an automated way?
This meeting basically is a follow-up on our previous session at the Internet2 2012 spring meeting.
Leon Gommans, John Vollbrecht, Betty Gommans - de Bruijn, Cees de Laat, "The Service Provider Group
Framework; A framework for arranging trust and power to facilitate authorization of network services.", Future
Generation Computer Systems, (Accepted paper), June 2014
Leon Gommans, "Multi-Domain Authorization for e-Infrastructures", UvA, Dec 2014.
Internet2 2012 spring meeting: speakers: Leon Gommans, John Vollbrecht, chair: Cees de Laat, "Trust
Framework for Multi-Domain Authorization"
Security Autonomous Response with programmable NETworks.
- Investigates questions on the best ways to provide autonomous responses to cyber-security threats by
automated security state monitoring using software defined, virtualized detection & defense
- [2 PhD students, collaboration: Air France KLM, CIENA, TNO, UvA]
Creating a SARNET Alliance
- Investigates questions on how to organize SARNET functionalities across multiple Service Provider- and
Enterprise Networks, where each participant must trust other participants to correctly detect and mitigate
cyber threats, whilst authorizing each other to be involved. [1 PhD student, collaboration: Air France –
KLM, COMMIT, UvA CS + Legal faculty]