Академический Документы
Профессиональный Документы
Культура Документы
A weekly report on
significant internet
policy related activities
IEEE Global Internet Policy Monitor
around the world
On internet governance,
Resources and
information
cybersecurity, privacy, and
inclusion
Twitter @IEEENetPolicy
#internetinclusion
#ETAP
Internet Inclusion:
Advancing Solutions
Face-to-face meeting in
Washington, DC
16 October 2017
The George Washington
University Cloyd Heck Marvin Center
online email
internetinitiative.ieee.org internetinitiative@ieee.org
Pay attention to the difference between the security OF the Internet and
the security ON the Internet
1. Secure booting
As an End Userperiodically restart from a known good source
2. Access control
Differential Access control is necessary for all components:
Physical Logical Functional and Content
Understand that the majority of people on the Internet are just like
you; well meaning and good. However there are, and will be, many
who are neither. Be Responsible: Protect yourself.
https://assets.documentcloud.org/documents/1217406/jtrigall.pdf
https://www.nytimes.com/2017/08/03/business/china-internet-
censorship.html?rref=collection%2Ftimestopic%2FInternet%20Censorship
%20in%20China&action=click&contentCollection=world®ion=stream&m
odule=stream_unit&version=latest&contentPlacement=2&pgtype=collectio
n
http://www.zdnet.com/article/legal-loopholes-unrestrained-nsa-
surveillance-on-americans/
http://www.npr.org/templates/story/story.php?storyId=126097038
You own your data, protect it. Nothing is perfect. Consider the idea that
we can all improve how we use and participate with the Internet making it
safer, and more useful for everyone.
Inside Protection
Application
Security
Authentication
Encryption
Application Security
Confidentiality of data
within application
Confidentiality
Availability of the
application
Integrity of the data
within the application
Availability Integrity
Multi-tenants privacy
is a stronger objective
than confidentiality
Triple DES
Key length of 168 bits
Blowfish
symmetric cipher splits messages into blocks of 64 bits
and encrypts them individually
Ecommerce platforms for securing payments to password
management tools
Free availability in the public
Twofish
256 bit key length symmetric algo
Encryption Algorithms
Business
objectives,
Convincing the board
Regulation,
Context Educating managers
awareness
Methodologies
Maturity
Risk monitoring Risk assessment
Mastering
Fully
implemented
Partially
implemented
No methodology
Training + awareness !
28 IEEE Internet Initiative Overview
Security by design
Not so easy
Easy
So many rules