Norbert Pohlmann (Institut für Internet-Sicherheit):,
“The global View of Security Situation in the Internet”,
ECN – European CIIP Newsletter,
The constantly growing importance of the Internet for our information society makes it necessary to analyze and be acquainted with its Security Situation beyond the limits of the individual network operators.
We have all experienced the situation: you are sitting in a traffic jam and all you can see is a long line of cars in front of and behind you. In this situation, without any assistance, you do not have an overview of the problem. There is no direct information concerning why the traffic jam has come about, how long it is, at what point of the traffic jam you are located or – the most important information – when the traffic jam will dissolve. As this is a problem faced on a day-to-day basis by thousands of motorists, solutions have been developed to overcome the lack of information. There is a close network of traffic counter loops which record the traffic volume and situation on the motor-ways/freeways. Important information about traffic jams is provided by means of radio announcements, SMS, telephone and the Internet, while modern navigation systems process the information directly when planning the route to be taken. Through the use of these resources, motorists are “liberated” from their constricted local view of the situation and can take decisions in good time on the basis of the global information available, e.g. leaving by the next exit and using an alternative route. This situation can also be applied to the perspective that the network operators have of the Internet today. As a rule they have only a local perspective, i.e. an overview of their own network segments and the
communication data that is transferred. If problems occur here and are detected, they can be rectified quickly and systematically. However, if it becomes apparent that a problem has occurred that is not within their own domain of action, or if the required perspective is lacking, the situation is more difficult. In most cases we do not know the origin of the problem and we are reliant on third parties to solve the problem.
The global view of security situation in the Internet required in order to detect the problem and to select the appropriate solutions is missing. Such a global view on the Internet is difficult to achieve as people like to play their cards close to their chest. The precise internal network structure, communication connections and topologies are often treated confidentially by the network operators .
Furthermore, in order to obtain a global perspective, there are a few challenges that have to be coped: communication data is relevant in principle to data protection, the quantities of data are enormous, the data rates are sometimes so large that they cannot always be analyzed in real time, while long-term storage of the communication data in order to observe long-term developments appears to be impossible. Moreover, the question also arises of who feels responsible for creating a global perspective?