Sponsored By

ISOC Urges Faster Security Standards AdoptionISOC Urges Faster Security Standards Adoption

Event series designed to help ISPs embrace DNSSEC, IPv6, Secure BHCP and more.

February 2, 2015

3 Min Read
ISOC Urges Faster Security Standards Adoption

The Internet Society is hoping to speed up deployment of some key Internet standards, many of which involve more secure networking, through a series of conferences being held globally, beginning last month. The approach involves getting network operators that aren't yet deploying IPv6, DNSSEC, Secure BGP, anti-spoofing and more into the room with those that are, to share experiences. (See ISOC Launches Conference Series to Advance New Networking Standards.)

These are all Internet Engineering Task Force (IETF) standards that pay off in terms of improving security and efficiency but they don't offer a direct payback, notes Chris Grunderman, director of deployment and operationalization for Internet Society (ISOC) . The organization created its Internet Society Deploy360 Programme to help "close the gap" between development of IETF standards and their deployment.

"It's a little like getting people to eat their broccoli," Grunderman admits. Network operators can't charge more for services after deploying these standards, but their deployment makes the entire Internet experience better for everyone by adding security and resiliency.

The ION Conference Series kicked off in Sri Lanka in mid-January and will continue this week in Trinidad and Tobago, and conclude in the fall in San Francisco. Details about the conferences are here.

Attendees will hear real-world deployment stories and have access to the tools and advice they need to deploy these critical standards, Grunderman says. Part of ISOC's effort includes trying to eliminate some of the "geek speak" around these standards and explain why they are necessary and important.

Read the latest on network security in our security section here on Light Reading.

"It is clear that taking an inherently insecure transport system such as DNS and creating a way to enable the authentication of messages and verification of integrity of messages ought to be a no-brainer," says Ron Mohan, executive VP of Afilias Ltd. , sponsor of the conferences and maker of Internet domain registry services, Managed DNS and mobile web services. Yet despite all the companies using the .org domain, one of the largest, less than 100,000 domain names are signed using DNSSEC, a well-established standard.

"Most of the benefits have been explained in terms that are quite geeky, and non-geeks don't understand the business benefits -- that is one of the things we are trying to share at the conference," Mohan says.

IPv6 has obvious benefits as IPv4 addresses run out and the explosion of Internet-connected devices looms, and increasingly network operators are doing more full-blown dual-stack deployments in place of tunneling and network address translation methods used as stopgaps, Grunderman says. The other standards have significant benefits in terms of increased security -- and that is gaining more attention in the light of the many security breaches and hacks.

Securing the Internet itself requires efforts at multiple places, notes Mohan, to include addressing vulnerabilities at the core of the Internet through adoption of these more secure protocols. Efforts to layer security on top of a base that isn't secure won't succeed, he warns.

But with the new IETF standards deployed, it is possible to eliminate things such as emails that direct gullible recipients to websites that spoof their financial institution's site, Mohan says. "If you have the ability to guarantee that will never happen again, would you take it?"

— Carol Wilson, Editor-at-Large, Light Reading

Read more about:

Subscribe and receive the latest news from the industry.
Join 62,000+ members. Yes it's completely free.

You May Also Like