Presidential advisor says U.S. should fund, test 'Net security

The U.S. government should fund and test Internet Engineering Task Force developments and initiatives to bolster the security of Internet communication, including extensions to the BGP protocol, a presidential advisor said this week.

Internet protocols such BGP and Domain Name System (DNS) can be targets of intentional malicious activity or sources of instability that compromise the security and reliability of the Internet, says Richard Clarke, Special Advisor to the President for Cyberspace Security. Indeed, there have been recent instances of malicious activity – the Oct. 21 Distributed Denial of Service attacks on 13 Internet root servers – and Clarke says BGP frequently “flops” massive routing tables between ISPs, creating “pockets” of instability.

“We’re proposing that there be an increased role for the federal government in terms of funding research, in terms of being an early adopter when there are successful new things, and in terms of helping to create testbeds,” said Clarke. “The U.S. government should be doing more, not in terms of regulating, mandating or dictating; but in terms of facilitating the work of people like the IETF.”

Governmental funding of IETF work is tricky, however, Clarke notes, because the IETF and the Internet and worldwide organizations and entities. “Ownership” is therefore ambiguous, as is the source of research and development funding, he says.

To continue reading, register here to become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

The U.S. government should fund and test Internet Engineering Task Force developments and initiatives to bolster the security of Internet communication, including extensions to the BGP protocol, a presidential advisor said this week.

Internet protocols such BGP and Domain Name System (DNS) can be targets of intentional malicious activity or sources of instability that compromise the security and reliability of the Internet, says Richard Clarke, Special Advisor to the President for Cyberspace Security. Indeed, there have been recent instances of malicious activity – the Oct. 21 Distributed Denial of Service attacks on 13 Internet root servers – and Clarke says BGP frequently “flops” massive routing tables between ISPs, creating “pockets” of instability.

“We’re proposing that there be an increased role for the federal government in terms of funding research, in terms of being an early adopter when there are successful new things, and in terms of helping to create testbeds,” said Clarke. “The U.S. government should be doing more, not in terms of regulating, mandating or dictating; but in terms of facilitating the work of people like the IETF.”

Governmental funding of IETF work is tricky, however, Clarke notes, because the IETF and the Internet and worldwide organizations and entities. “Ownership” is therefore ambiguous, as is the source of research and development funding, he says.

“Issues of BGP, secure BGP and secure DNS have been kicking around in the security group and the protocol groups in the IETF for a long time,” Clarke says. “But nothing much has happened. And that’s in part because who owns the Internet? The world does, so that everyone owns it in common. No one feels responsible for funding this work.”

Clarke says the U.S. government has been in discussion with Jeff Schiller, security area director for the IETF, about funding and testing. Clarke says Schiller is receptive but sensitive to the possibility that the federal government would “dominate” the IETF’s work, Clarke says.

“We’re not interested in dominating, we’re not interested in regulating,” Clarke says. “But we are interested in facilitating their work. What (Schiller) said is that they certainly could use assistance in funding R&D, funding testbeds, that would make it possible for them to make decisions or RFC conclusions more rapidly than they have been.”

Under consideration is the creation of a “civilian DARPA” in the Homeland Security Department to solicit the participation of the private sector in Internet security and stability R&D, Clarke says. DARPA -- the Defense Advanced Research Projects Agency, the research and development arm of the U.S. Defense Department – funded early development of the Internet in the 1970s.

The U.S. government is also discussing joint funding and research with the European National Security Agency, a department of the European Union, Clarke says.

“The real issue is getting somebody – the U.S. government is the logical candidate – to worry about these underlying protocols and support the work of the experts,” Clarke says. “Not impose our solutions, but first of all say to the expert community, ‘We think there are some problems here. Do you?’”