In RFC1958 "Architectural principles of the Internet", Brian Carpenter states that : Endpoints should not depend on the confidentiality or integrity of the carriers. Carriers may choose to provide some level of protection, but this is secondary to the primary responsibility of the end users to protect themselves. Several cyber-security incidents showed that end users are not always able to implement the stated responsibility. Also, end-user availability is increasingly being affected by cyber attacks such as (D)DoS attacks. All such events justify the question if the statement regarding the expected protection of carriers, should be revisited, in particular when answering the question what it means to allow carriers to provide some level of protection. As the Internet is constructed using many infrastructures from different carriers, finding answers to such a question is not trivial. Important sub-questions would be:
2015-04-29 I2 Global summit, Washington, 16h30 - 17h30.
Session: "Creating a SARNET Alliance
", TIME 04/29/15 04:30PM-05:30PM, ROOM Meeting Room 12/13/14
If such need can be identified, an important other sub-questions would be
- What incentives would drive the need to have carriers collaborate to provide protection?
Above questions are part of a Dutch research project, headed by University of Amsterdam involving TNO, Ciena and Air France - KLM, called "Security Autonomous Response NETwork" (SARNET). This project investigates how detection and protection concepts, using SDN / NFV based technologies, can provide autonomous protection against various types of cyber attacks. Part of this research considers what it would need to organize a SARNET as an alliance of collaborating carrier and end user networks. This working meeting will present and discuss the SARNET concepts and will subsequently focus on the question how to organize a SARNET Alliance, where participating community partners form a Service Provider Group creating the necessary trust enabling collaboration.
- What is needed to have carriers and end user networks collaborate?
- How can carriers and end user networks trust each other when detecting incidents and providing protective responses in an automated way?
This meeting basically is a follow up on our previous session at the Internet2 2012 spring meeting .
 Leon Gommans, John Vollbrecht, Betty Gommans - de Bruijn, Cees de Laat, "The Service Provider Group Framework; A framework for arranging trust and power to facilitate authorization of network services.", Future Generation Computer Systems, (Accepted paper), June 2014
 Leon Gommans, "Multi-Domain Authorization for e-Infrastructures", UvA, Dec 2014.
 Internet2 2012 spring meeting: speakers: Leon Gommans , John Vollbrecht, chair: Cees de Laat, "Trust Framework for Multi-Domain Authorization"
Security Autonomous Response with programmable NETworks.
- Investigates questions on best ways to provide autonomous responses to cyber-security threats by automated security state monitoring using software defined, virtualized detection & defense mechanisms.
- [2 PhD students, collaboration: Air France KLM, CIENA, TNO, UvA]
Creating a SARNET Alliance
- Investigates questions on how to organize SARNET functionalities across multiple Service Provider- and Enterprise Networks, where each participant must trust other participants to correctly detect and mitigate cyber threats, whilst authorizing each other to be involved. [1 PhD student, collaboration: Air France - KLM, COMMIT, UvA CS + Legal faculty]