Law Enforcement and Internet Governance: An Ounce of Prevention Is Worth a Pound of Cure

Similar documents
ICANN- INTERNET CORPORATION OF ASSIGNED NAMES & NUMBERS

The IANA Functions. An Introduction to the Internet Assigned Numbers Authority (IANA) Functions

Internet Structure and Organization

Law Enforcement Recommendations Regarding Amendments to the Registrar Accreditation Agreement

Internet Bodies.

Internet Technical Governance: Orange s view

ICANN STRATEGIC PLAN JULY 2012 JUNE 2015

PLAN FOR ENHANCING INTERNET SECURITY, STABILITY, AND RESILIENCY

The Internet Ecosystem and ICANN!! Steve Stanford University, Center for Information and Society! 29 April 2013!

Telecom and Internet Regulatory Challenges and Opportunities Names, Numbers, Internet Governance

Multi-Stakeholder Model Internet Governance

Introduction to IP Numbers vs. Domain names. Adiel A. Akplogan CEO, AFRINIC. 2014

Security related proposals in the DAG v3

The Internet. On October 24, 1995, the FNC unanimously passed a resolution defining the term Internet.

ICANN Policy Development. New gtld Program

How To Understand The Role Of Internet Governance

SUMMARY PRINCIPLES, RECOMMENDATIONS & IMPLEMENTATION GUIDELINES

Internet Operations and the RIRs

The Future of the Internet

Year End Results for FY10 Trimester Goals Color Key: T1 T2 T3

The Internet Introductory material.

The Internet Ecosystem

Current Counter-measures and Responses by the Domain Name System Community

Draft WGIG Issue Paper on the Administration of Internet Names and IP Addresses

Understanding Internet Focus Institutions [Session 6]

How To Manage Icann

The FBI and the Internet

Final. Dr. Paul Twomey President and Chief Executive Officer Internet Corporation for Assigned Names and Numbers (ICANN)

Regional Internet Registries. Statistics & Activities. Prepared By APNIC, ARIN, LACNIC, RIPE NCC

GAO Engagement on the Internet Domain Name System Discussion Guide

How To Transition To Annia.Org From Aaa To Anora.Org

Current Counter-measures and Responses by the Domain Name System Community

.Brand TLD Designation Application

IANA Functions to cctlds Sofia, Bulgaria September 2008

Domain Name Market Briefing. 24 June 2012

An introduction to IANA Presentation Notes

ICANN: achievements and challenges of a multi-stakeholder, bottom up, transparent model

Topic 1: Internet Architecture & Addressing

.AXA Domain Policy. As of March 3, 2014

international law of contemporary media session 4: internet governance

Distributed Systems. 22. Naming Paul Krzyzanowski. Rutgers University. Fall 2013

DOMAIN NAME DAY. + Helsinki; 14 th February; Nigel Hickson, ICANN

Code of Conduct Exemption Request Form

ARTE TLD REGISTRATION POLICY

international law of contemporary media session 4: internet governance (part one)

The Regional Internet Registries

.bbva TLD Registration Policy

Expert Q&A on Brand Protection in the Expanded gtld Program

WHOIS Policy Review Team

IPv6 Around the World

Consultation Paper on the Review on Administration of Internet Domain Names in Hong Kong

New gtld Basics New Internet Extensions

Internet Corporation for Assigned Names and Numbers (ICANN)

Kim Davies Internet Assigned Numbers Authority

.swiss Registration Policy

Response to Solicitation Number: SA R-P0-016

The Proposal for Internationalizing cctld Names

Distributed Systems. 09. Naming. Paul Krzyzanowski. Rutgers University. Fall 2015

Baseline requirements Version 1.0 Errata

2014 IANA FUNCTIONS CUSTOMER SERVICE SURVEY RESULTS. Survey by Ebiquity Report by Leo Vegoda & Marilia Hirano

Summary - ENUM functions that maps telephone numbers to Internet based addresses - A description and the possible introduction to Sweden

Proposal to Transition the Stewardship of the Internet Assigned Numbers Authority (IANA) Functions from the U.S. Commerce Department s National

Radix Reserved Names Policy

2015 IANA Functions Customer Service Survey Results

Who rules the internet? Understanding ICANN

Next Generation of Whois: An Overview

Domain Name Registration Agreement

Innovating with the Domain Name System: From Web to Cloud to the Internet of Things

THE MINISTRY OF INFORMATION AND COMMUNICATIONS

What's inside the cloud?!

Philippines Philippines Philippinen. Report Q173. in the name of the Philippine Group

What the Impending New Domain Names Mean for Nonprofits

Best Practices for Protecting your Online Brand. Gretchen Olive Baltimore ACC November 15, 2007

Internet Security and Resiliency: A Collaborative Effort

Redelegation of Country Code Top Level Domains. February 2003

:0db8:2004:f000:20d:60ff: Continuing cooperation The NRO and Internet Governance. The. Number

New gtld Program Reviews and Assessments. Draft Work Plan

Statute of the Serbian National Internet Domain Name Registry Foundation

ISPCP. Internet Service and Connectivitiy Providers Constituency. ISPCP members attend historic NETmundial Meeting. What attendees are saying

ICANN Seeks Public Comment: Supporting the DNS Industry in Underserved Regions 14 May 2014

Domain Names and their Role for the Net

ICANN Draft Five Year Strategic Plan (FY16 FY20)

THE DOMAIN NAME INDUSTRY BRIEF VOLUME 11 ISSUE 1 APRIL 2014

How to Transfer Domain Names and Get an Authorization Code

ICANN Engagement Strategy Middle East! Baher Esmat!! MENOG 13! Kuwait, September 2013!

How to use the UNIX commands for incident handling. June 12, 2013 Koichiro (Sparky) Komiyama Sam Sasaki JPCERT Coordination Center, Japan

DNS Security Survey for National Computer Security Incident Response Teams December 2010

Highlights ccnso Members Meeting London June 2014

Vanuatu Domain Name Management and Administration Regulation Inviting public comment and input

Ref: A. Leon Garcia and I. Widjaja, Communication Networks, 2 nd Ed. McGraw Hill, 2006 Latest update of this lecture was on

Internet Governance. Issues Paper on. Prepared by ICC s Commission on E-Business, IT and Telecoms. January 2004

SSAC Report on the IANA Functions Contract

.hitachi Domain Name Registration Policies

How To Get An Ipv6 Allocation On Ipv4 (Ipv4) From Ipv5) From The Ipvripe Ncc (Ip6) From A Ipvv6 Ipv2 (Ip4) To Ip

COMMENTS OF THE SOFTWARE & INFORMATION INDUSTRY ASSOCAITION (SIIA)

Introduction to The Internet

Decision No (119/2012): Domain Names Regulation

Part I - Gathering WHOIS Information

SDNP.mw cctld DOMAIN REGISTRATION POLICY Ver 1.2 of 23 July 2015

Introduction to The Internet. ISP/IXP Workshops

Transcription:

Law Enforcement and Internet Governance: An Ounce of Prevention Is Worth a Pound of Cure Supervisory Special Agent Robert Flaim Federal Bureau of Investigation (FBI) Operational Technology Division

Global LE Objective To be actively involved in Internet Governance bodies to adopt proactive laws and regulations to prevent crime and enable LE to trace criminal activity and actors quickly

Big Issues 2010 Internationalized Domain Names (IDN) Greater IPv6 address allocation and lack of appropriate tracking of IPv6 Introduction of ~500 new generic Top Level Domains (gtld) Depletion of IPv4 addresses IPv6 carrier-grade NATs (IETF)

How will LE address these issues? Adopt polices at ICANN and RIRs RAA Amendments in 2009 IDN Briefings in 2010 Introduce/Oppose RIR policies 2010 Legislation to adopt sound regulatory policies Validation of WHOIS data

Prevention LE activities in Internet Governance ICANN Awareness - LE Sessions in Luxembourg, Paris, Mexico City, Seoul Proposals- ICANN Due Diligence and Registrar Accreditation Agreement (RAA) Proposal at ICANN Seoul Regional Internet Registries (RIR) LE/Government Working Groups in ARIN, RIPE NCC, developing Working Groups in APNIC, LACNIC, AfriNIC Advocated WHOIS IPv4 WHOIS Policies since 2005 IPv6 Legislation to record all IPv6 addresses

What is ICANN? Internet Corporation for Assigned Names and Numbers Founded in 1998 as a not-for-profit organization Coordinates the allocation and assignment of the three sets of unique identifiers for the Internet, which are: Domain names (forming a system referred to as "DNS"); Internet protocol ("IP") addresses and autonomous system ("AS") numbers; and Protocol port and parameter numbers Coordinates the operation and evolution of the DNS root name server system. Top Level Technical Coordination Body

ICANN Structure GNSO The reviews SSAC advises and develops the ICANN recommendations community and Board The The GAC s ASO The key CCNSO reviews role is is to and provide responsible develops matters on advice generic relating for to recommendations ICANN developing top-level on the issues security domains. and recommending and on Internet integrity of of public Protocol policy, global (IP) particularly policies address the relating Internet's as policy they relate to and naming country-code to advises the and concerns address the top-level ICANN allocation Board. domains systems. of governments, and national building laws, consensus and international across agreements. the censor's community. The mission of the IETF is to produce engineering documents that influence the way people design, use, and manage the Internet.

LE Proactive Initiatives: ICANN LE Sessions at ICANN to educate LE on ICANN s role and to ensure LE concerns are heard and addressed Issues WHOIS, LE needs public and accurate data New gtlds IDNs Sessions in Luxembourg 2005, Paris (2008), Mexico City (2009) and Seoul (2009)

LE Due Diligence and RAA Proposal for ICANN Recommendations to ICANN LE presented Due Diligence and RAA Improvement Proposal at ICANN Seoul Malicious Conduct Session to ICANN Board, the GAC and Community Drafters; Australia, Canada, New Zealand, UK, and USA Supported: G-8 High Tech Crime Group, Interpol Cyber Working Group, Korea, Switzerland, Thailand

LE Proposal to ICANN Three (3) Objectives: 1. Due Diligence 2. WHOIS 3. Transparency and Accountability

Due Diligence ICANN needs to vet potential registrars and registries, i.e., Dunn and Bradstreet Lexus Nexus Registrars need to validate data received at registration, i.e., Network Solutions (VeriSign) Solution Time-based algorithms, IP, BIN data, HTTP header information and device ID, blacklists, null values

WHOIS Accurate and public WHOIS Proxy/Privacy Registrations For private individuals for non-commercial purposes Companies providing services should be accredited by ICANN

Accountability and Transparency Domain name resellers and all third party beneficiaries to be held to the same terms and conditions ICANN should require all registrars, registries, proxy services, resellers and all third party beneficiaries of any contracts, policies of ICANN to publicly display ownership, parent companies, subsidiaries and business associations

Regional Internet Registries (RIR) RIRs allocate IP addresses and Autonomous System Numbers (ASN). RIRs receive their IP/AS Numbers from IANA (Internet Assigned Numbers Authority) which is administered by ICANN.

Regional Internet Registries (RIR)

Prevention-RIRs Creation of LE/Government Working Groups RIPE NCC started in 2006 ARIN established ARIN Government Working Group in February 2009 18 LE and Government agencies LACNIC had a discussion of Government Working Group at their last meeting in May 2009 LE from Brazil, Uruguay, Costa Rica and Nicaragua APNIC and Australian Federal Police in 2009 have begun negotiations for WG

Why LE/Government- RIR Working Groups? To go from reactive to proactive; LE coordinate with RIRs and private industry to develop policies that will enhance LE capabilities in crime-fighting for the safety and security of the Internet Issues addressed in RIPE NCC, ARIN: IP revocation WHOIS policies IPv4 Network Address Translation IPv6 WHOIS, allocation policies

Mission of AGWG To provide a forum for learning and discussing matters relating to ARIN with focus on cooperation between the public and private sector while adhering to all ARIN policies and procedures.

ARIN Criminal Issues IP address revocation ARIN can revoke IP address space if there is a definitive finding, pursuant to the ARIN Registration Service Agreement (RSA), paragraph 4(d). ARIN defines a definitive finding as: (1) any court adjudication resulting in a final order by the trial court. (2) any finding by an agency or tribunal that is authorized to make such judgments. WHOIS - Working with ARIN for open and accurate WHOIS, have persuaded ARIN to not limit WHOIS, despite several policy proposals and have successfully defeated such policies; Common-carrier Network Address Translation (NAT) - Coordinating with ARIN and authors of IETF proposal, i.e. ensuring proper logging.

Outstanding Issues RIRs and ICANN Ensure gtlds and cctlds are secure and transparent by exercising due diligence and mandating validated registrant data; ICANN standards through the Registrar Accreditation Agreement for gtlds and uniform national laws for cctlds Introduce new policies in RIRs to address voids in current IPv4 and IPv6 allocations Have new cooperative legal agreement to share information real-time, i.e., new 21 st Century MLAT?

2010 Agenda ICANN Meeting in Nairobi, Kenya, March 9, 2010 GAC will vote to pass resolution supporting LE RAA and Due Diligence Proposal London Global RIR Meeting, March 17 th, 2010 5 RIRs and 50 national LE representatives meet to discuss collective issues facing LE and RIRs ICANN Meeting in Brussels, Belgium, June 2010 LE convene to advocate passage of LE and Due Diligence Proposal to ICANN Board of Directors

Questions? Email rflaim@ic.fbi.gov Telephone - 1-571-437-3728

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information