Team for Research in
Ubiquitous Secure Technology

Network Security and the Need to Consider Provider Coordination in Network Access Policy
Aaron Burstein

Citation
Aaron Burstein. "Network Security and the Need to Consider Provider Coordination in Network Access Policy". Talk or presentation, 10, October, 2007.

Abstract
The policy debate over how to govern access to broadband networks has largely ignored the objective of network trustworthiness—a set of properties (including security) that guarantee that a network will behave as expected. Instead, the terms of the network access debate have focused on whether imposing a nondiscrimination, or network neutrality, obligation on service providers is justified by the condition of competition among last-mile providers. Some argue that, in the absence of a nondiscrimination obligation, service providers will discriminate against content, applications, and services that they (or their affiliates) do not provide. Others argue that this kind of discrimination is unlikely and that a nondiscrimination obligation would reduce incentives to invest in improving networks and developing new applications and services.

One point of agreement is that any nondiscrimination obligation must allow network providers to take measures to protect network security. This agreement, however, is rather abstract. Legislative, regulatory, and scholarly proposals have set forth substantially different security exceptions to nondiscrimination rules; but there has been little analysis of how these exceptions would affect the corresponding rule. Just as importantly, there has been little analysis of whether various exceptions allow sufficient room to defend against modern-day attacks. Moreover, the question of how network access policy affects other elements of trustworthiness, such as privacy, has gone unexamined. Put simply, network trustworthiness and network neutrality are closely related technologically and through network access policy. Decisions about technology or policy that are based on either trustworthiness or network neutrality principles in isolation pose the risk of affecting the other area in unexpected and undesirable ways.

This paper seeks to expand the network access policy debate to include both trustworthiness and neutrality. Our analysis leads to three principal conclusions. First, network providers need leeway to block or degrade traffic within their own subnets, as well as traffic exchanged between providers’ subnets, in order to offer guarantees against certain kinds of attacks. Some currently proposed security exceptions to network neutrality requirements fail to allow such blocking. Second, some trustworthiness guarantees that are within technical reach, such as routing guarantees, would require service providers not to refuse to interconnect. The potential competitive effects of service provider coordination—which is critical in establishing these guarantees—warrant further study. Finally, individual providers are well situated to provide stronger privacy and confidentiality guarantees, without either coordinating with other providers or awaiting new technology. Drawing greater attention to the competitive dimensions of these elements of trustworthiness would likely help induce service providers to strengthen these guarantees.

Electronic downloads


Internal. This publication has been marked by the author for TRUST-only distribution, so electronic downloads are not available without logging in.
Citation formats  
  • HTML
    Aaron Burstein. <a
    href="http://www.truststc.org/pubs/291.html"
    ><i>Network Security and the Need to Consider
    Provider Coordination in Network Access
    Policy</i></a>, Talk or presentation,  10,
    October, 2007.
  • Plain text
    Aaron Burstein. "Network Security and the Need to
    Consider Provider Coordination in Network Access
    Policy". Talk or presentation,  10, October, 2007.
  • BibTeX
    @presentation{Burstein07_NetworkSecurityNeedToConsiderProviderCoordinationInNetwork,
        author = {Aaron Burstein},
        title = {Network Security and the Need to Consider Provider
                  Coordination in Network Access Policy},
        day = {10},
        month = {October},
        year = {2007},
        abstract = {The policy debate over how to govern access to
                  broadband networks has largely ignored the
                  objective of network trustworthiness—a set of
                  properties (including security) that guarantee
                  that a network will behave as expected. Instead,
                  the terms of the network access debate have
                  focused on whether imposing a nondiscrimination,
                  or network neutrality, obligation on service
                  providers is justified by the condition of
                  competition among last-mile providers. Some argue
                  that, in the absence of a nondiscrimination
                  obligation, service providers will discriminate
                  against content, applications, and services that
                  they (or their affiliates) do not provide. Others
                  argue that this kind of discrimination is unlikely
                  and that a nondiscrimination obligation would
                  reduce incentives to invest in improving networks
                  and developing new applications and
                  services. One point of agreement is that any
                  nondiscrimination obligation must allow network
                  providers to take measures to protect network
                  security. This agreement, however, is rather
                  abstract. Legislative, regulatory, and scholarly
                  proposals have set forth substantially different
                  security exceptions to nondiscrimination rules;
                  but there has been little analysis of how these
                  exceptions would affect the corresponding rule.
                  Just as importantly, there has been little
                  analysis of whether various exceptions allow
                  sufficient room to defend against modern-day
                  attacks. Moreover, the question of how network
                  access policy affects other elements of
                  trustworthiness, such as privacy, has gone
                  unexamined. Put simply, network trustworthiness
                  and network neutrality are closely related
                  technologically and through network access policy.
                  Decisions about technology or policy that are
                  based on either trustworthiness or network
                  neutrality principles in isolation pose the risk
                  of affecting the other area in unexpected and
                  undesirable ways. This paper seeks to expand
                  the network access policy debate to include both
                  trustworthiness and neutrality. Our analysis leads
                  to three principal conclusions. First, network
                  providers need leeway to block or degrade traffic
                  within their own subnets, as well as traffic
                  exchanged between providers’ subnets, in order
                  to offer guarantees against certain kinds of
                  attacks. Some currently proposed security
                  exceptions to network neutrality requirements fail
                  to allow such blocking. Second, some
                  trustworthiness guarantees that are within
                  technical reach, such as routing guarantees, would
                  require service providers not to refuse to
                  interconnect. The potential competitive effects of
                  service provider coordination—which is critical
                  in establishing these guarantees—warrant further
                  study. Finally, individual providers are well
                  situated to provide stronger privacy and
                  confidentiality guarantees, without either
                  coordinating with other providers or awaiting new
                  technology. Drawing greater attention to the
                  competitive dimensions of these elements of
                  trustworthiness would likely help induce service
                  providers to strengthen these guarantees.},
        URL = {http://www.truststc.org/pubs/291.html}
    }
    

Posted by Larry Rohrbough on 16 Oct 2007.
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.