whois accuracy and public safety
play

WHOIS ACCURACY and PUBLIC SAFETY DBWG - 10/05/2017 Gregory - PowerPoint PPT Presentation

Oct 29, 2022 •125 likes •220 views

WHOIS ACCURACY and PUBLIC SAFETY DBWG - 10/05/2017 Gregory Mounier Head of Outreach European Cybercrime Centre (EC3) EUROPOL Europol Unclassified Basic Protection Level Problem statement WHOIS accurate info is essential: for

  1. WHOIS ACCURACY and PUBLIC SAFETY DBWG - 10/05/2017 Gregory Mounier Head of Outreach European Cybercrime Centre (EC3) EUROPOL Europol Unclassified – Basic Protection Level

  2. Problem statement • WHOIS accurate info is essential: • for trouble shooting at all level • to attribute malicious online activity • RIPE Data accuracy requirements + ex-ante/ex-post audit processes • BUT WHOIS accuracy is still a challenge Europol Unclassified – Basic Protection Level

  3. WHY? – DB does not properly reflect the entire chain of assignments and sub-allocations – Lack of compliance mechanisms to ensure accuracy requirements are implemented by downstream LIRs and their customers -> leads to outdated data. – … Europol Unclassified – Basic Protection Level No

  4. RIPE Members Contractual requirements Art 6.1 of the RIPE NCC Standard Service Agreement • ✓ Members required to maintain correct registration data Art 6.3 Standard Service Agreement: In case of non- • compliance ✓ Suspension ✓ Deregister

  5. SUB-ALLOCATION Section - IPv4 Address Allocation and Assignment Policies : • ✓ A ll assignments and allocations must be registered ✓ Registration data (range, contact information , status etc.) must be correct at all time (i.e. they have to be maintained) • Section 5.4 - IPv4 Address Allocation and Assignment Policies : ✓ LIR is contractually responsible for ensuring the address space allocated to it is used in accordance with RIPE community’s policies. • COMPLIANCE? Europol Unclassified – Basic Protection Level

  6. What would we need: • Require registration of all IP assignments and sub-allocations to downstream providers so entire chain of sub-allocations are accurately reflected in WHOIS • NOT disclose end-user information but instead focus on downstream ISP providing connectivity to the end-user • Ways to ensure adherence to policy requirements Europol Unclassified – Basic Protection Level

  7. Issues to address • Compliance with existing contractual and policy obligations? 1.Option 1: centralised system? Expand RIPE accuracy compliance programme (ARC) not only to RIPE Members (allocated PA = 34K) • and assigned PI (23K) but also to all LIR assignments (assigned PA = 4M) and their customers’ sub- allocations to downstream operators (Sub-allocated PA)? How? How much? • 2.Option 2: Distributed compliance system? Assignment and sub-allocations dependent on existence of a “compliance function” at downstream • resource holder. • Ex-ante due diligence and ex-post controls done at the closest level of the resource. •Can the RIPE database technically “reflect” more than 1 level? • Allow for more level of assignments (nesting)? • What needs to go in “country attribute”? Physical or administrative? • Europol Unclassified – Basic Protection Level

  8. WAY FORWARD • Brainstorming with interested stakeholders ▪ Collaborate with RIPE/RIR communities to find an industry-led solution ▪ Implications for other existing RIPE policies? ▪ Need for a policy change proposal? ▪ “Omnibus policy change proposal” to address all issues at the same time? • Start the discussion on the mailing list in the coming weeks • Present policy change proposal at the next RIPE meeting Europol Unclassified – Basic Protection Level

  9. Thank you gregory.mounier@europol.europa.eu Europol Unclassified – Basic Protection Level

Recommend

WHOIS ACCURACY San Jose, Costa Rica September 29, 2016 Not only RIR community, but public uses

WHOIS ACCURACY San Jose, Costa Rica September 29, 2016 Not only RIR community, but public uses

WHOIS ACCURACY San Jose, Costa Rica September 29, 2016 Not only RIR community, but public uses of WHOIS : Ensuring IP address holders worldwide are properly registered so individuals, consumers and the public are empowered to resolve

429 views • 9 slides
Next Steps for WHOIS Accuracy Global Domains Division ICANN 53 | 24 June 2015 Agenda: Next Steps

Next Steps for WHOIS Accuracy Global Domains Division ICANN 53 | 24 June 2015 Agenda: Next Steps

Next Steps for WHOIS Accuracy Global Domains Division ICANN 53 | 24 June 2015 Agenda: Next Steps for WHOIS Accuracy Reporting System 2 3 1 Introduction and Pilot Project and Phase 1 Status Implementation Lessons Learned Approach 4 5 6

602 views • 26 slides
Development of Open Source RESTful WHOIS Linlin Zhou Why We Need a New WHOIS Protocol WHOIS

Development of Open Source RESTful WHOIS Linlin Zhou Why We Need a New WHOIS Protocol WHOIS

Development of Open Source RESTful WHOIS Linlin Zhou Why We Need a New WHOIS Protocol WHOIS Protocol (RFC 3912) has problems WHOIS has never been internationalized WHOIS was defined for ASCII only WHOIS also has no data model The

316 views • 15 slides
A RESTful Web Service for Whois Andy Newton Chief Engineer, ARIN My Background on Whois

A RESTful Web Service for Whois Andy Newton Chief Engineer, ARIN My Background on Whois

A RESTful Web Service for Whois Andy Newton Chief Engineer, ARIN My Background on Whois Prototyped an LDAP alternative to Whois (RFC 3663) Principal author of CRISP (IRIS) documents RFC 3707, RFC 3981, RFC 3983, RFC 4698, RFC 4991,

558 views • 34 slides
WHOIS Taxonomy Jim Galvin, SSAC Vice Chair 1 Status WHOIS has been discussed for over 10

WHOIS Taxonomy Jim Galvin, SSAC Vice Chair 1 Status WHOIS has been discussed for over 10

WHOIS Taxonomy Jim Galvin, SSAC Vice Chair 1 Status WHOIS has been discussed for over 10 years. The SSAC has issued 5 advisories. From the AoC: ICANN commits to "enforcing its existing policy relating to WHOIS, subject to

270 views • 9 slides
requested WHOIS studies Liz Gasster Senior Policy Counselor February 2011 Goals of WHOIS

requested WHOIS studies Liz Gasster Senior Policy Counselor February 2011 Goals of WHOIS

Update report on GNSO- requested WHOIS studies Liz Gasster Senior Policy Counselor February 2011 Goals of WHOIS studies WHOIS policy has been debated for many years Many competing interests with valid viewpoints GNSO Council

313 views • 7 slides
GNSO-requested WHOIS studies Liz Gasster, Senior Policy Counselor June 2010 Goals of WHOIS

GNSO-requested WHOIS studies Liz Gasster, Senior Policy Counselor June 2010 Goals of WHOIS

Update report on GNSO-requested WHOIS studies Liz Gasster, Senior Policy Counselor June 2010 Goals of WHOIS studies WHOIS policy has been debated for many years Many competing interests with valid viewpoints GNSO Council hopes that

159 views • 13 slides
IPC/BC Presentation: Community Work on Accreditation and Access Model for Non-Public WHOIS 26

IPC/BC Presentation: Community Work on Accreditation and Access Model for Non-Public WHOIS 26

IPC/BC Presentation: Community Work on Accreditation and Access Model for Non-Public WHOIS 26 June 2018 ICANN62 GAC Plenary Meeting Agenda Item 8 - GDPR Discussion Agenda | 2 Context & Timeline 25-May-2018 May-2019 New P/P

366 views • 8 slides
Update report on GNS O- requested WHOIS studies Liz Gasster S enior Policy Counselor October

Update report on GNS O- requested WHOIS studies Liz Gasster S enior Policy Counselor October

Update report on GNS O- requested WHOIS studies Liz Gasster S enior Policy Counselor October 2010 Goals of WHOIS studies WHOIS policy has been debated for many years Many competing interests with valid viewpoints GNS O

347 views • 8 slides
WHOIS RT Update GNSO Council Workshop Brian Winterfeldt 13 October 2012 WHOIS Review Team Final

WHOIS RT Update GNSO Council Workshop Brian Winterfeldt 13 October 2012 WHOIS Review Team Final

WHOIS RT Update GNSO Council Workshop Brian Winterfeldt 13 October 2012 WHOIS Review Team Final Report Current Status: Board requested GNSO Council Input by July 2012 WHOIS RT on Board Agenda for 18 Oct 2012 GNSO Council unable to

293 views • 4 slides
Public Safety Overview Stephen N. Baker Director of Public Safety & Chief of Police PUBLIC

Public Safety Overview Stephen N. Baker Director of Public Safety & Chief of Police PUBLIC

Department of Public Safety Public Safety Overview Stephen N. Baker Director of Public Safety & Chief of Police PUBLIC SAFETY OPERATIONS 8 Divisions - 80 Employees 24/7 Operations 3 Buildings on Kingston Campus 44 Lower

208 views • 8 slides
Verifying Safety and Accuracy of Approximate Parallel Programs via Canonical Sequentialization

Verifying Safety and Accuracy of Approximate Parallel Programs via Canonical Sequentialization

Verifying Safety and Accuracy of Approximate Parallel Programs via Canonical Sequentialization Vimuth Fernando , Keyur Joshi, Sasa Misailovic University of Illinois at Urbana-Champaign CCF-1629431 CCF-1703637 CCF-1846354 Compression

665 views • 63 slides
Next Gen Startup Cultures INNOVATING AS YOU GROW > whoami Jim Plush Sr Director of

Next Gen Startup Cultures INNOVATING AS YOU GROW > whoami Jim Plush Sr Director of

Next Gen Startup Cultures INNOVATING AS YOU GROW > whoami Jim Plush Sr Director of Engineering, CrowdStrike Employee 30 of > 500 Member of the Culture Team @jimplush > whois > whois Endpoint security > whois

1.33k views • 83 slides
whois My name is Vincent Vincent D. Warmerdam - [@fishnets88] - GoDataDriven - koaning.io 1

whois My name is Vincent Vincent D. Warmerdam - [@fishnets88] - GoDataDriven - koaning.io 1

whois My name is Vincent Vincent D. Warmerdam - [@fishnets88] - GoDataDriven - koaning.io 1 whois My name is Vincent I solve data problems, AMA! PyData Chair Rstudio Partner Meetup Organiser koaning.io bayesian Fan of

1.13k views • 94 slides
PLAYFLEX Beautifully simple. Playfmex Safety Tiles Playfmex Safety Tiles Color and Accuracy.

PLAYFLEX Beautifully simple. Playfmex Safety Tiles Playfmex Safety Tiles Color and Accuracy.

Play safe. Playfmex Safety Tiles Playfmex Rubber Safety Tiles Safety surfacing to cushion falls and reduce the risk of injuries Prefabricated modular rubber tiles supplied from 15mm to 105mm in thickness Tested for Critical

450 views • 16 slides
the myth of accuracy Damian Harty, Lucid Motors the myth of accuracy Its easy to believe

the myth of accuracy Damian Harty, Lucid Motors the myth of accuracy Its easy to believe

the myth of accuracy Damian Harty, Lucid Motors the myth of accuracy Its easy to believe that the usefulness (utility?) of any modelling process is directly related to its accuracy Use Accuracy This simple misconception

383 views • 10 slides
Extensions to the ripe-dbase Whois software Manage your IP Address Space with a customized

Extensions to the ripe-dbase Whois software Manage your IP Address Space with a customized

Extensions to the ripe-dbase Whois software Manage your IP Address Space with a customized version of the ripe database whois software Tobias Cremer, Arnd Vehling av@nethead.de Cable & Wireless, Munich, Germany nethead.de, Cologne,

1.09k views • 82 slides
Safety Culture April 15, 2019 | 9:00 a.m. 4:15 p.m. Safety Announcement Safety is our number

Safety Culture April 15, 2019 | 9:00 a.m. 4:15 p.m. Safety Announcement Safety is our number

California Public Utilities Commission Public Discussion on Pacific Gas and Electric Forums on Governance, Management, and Safety Culture April 15, 2019 | 9:00 a.m. 4:15 p.m. Safety Announcement Safety is our number one priority Please

666 views • 42 slides
Public Safety and Public Safety and Homeland Security Homeland Security Bureau Bureau 2008

Public Safety and Public Safety and Homeland Security Homeland Security Bureau Bureau 2008

Public Safety and Public Safety and Homeland Security Homeland Security Bureau Bureau 2008 Hurricane Summit Background Advance statutory mandate for the purpose of promoting safety of life and property through the use of

480 views • 11 slides
Technical Evolution of the Whois Service Preliminary Draft, 15 November 2010 Executive Summary

Technical Evolution of the Whois Service Preliminary Draft, 15 November 2010 Executive Summary

Technical Evolution of the Whois Service Preliminary Draft, 15 November 2010 Executive Summary This preliminary discussion paper, prepared by ICANN staff, analyzes the technical shortcomings of the current Whois service 1 and identifies three

252 views • 8 slides
WA S H I N G T O N S T AT E U N I V E R S I T Y The Supervisor as Safety Manager Environmental

WA S H I N G T O N S T AT E U N I V E R S I T Y The Supervisor as Safety Manager Environmental

WA S H I N G T O N S T AT E U N I V E R S I T Y The Supervisor as Safety Manager Environmental Health & Safety, Public Safety, and the Office of Emergency Management Revised February 2019 Mission Washington State University is a public

198 views • 15 slides
Web Push Notifications Whois They are for push Whois They are for push Timely

Web Push Notifications Whois They are for push Whois They are for push Timely

Web Push Notifications Whois They are for push Whois They are for push Timely Whois They are for push Timely Relevant and Secure Whois They are for push Timely Relevant and Secure

664 views • 32 slides
STATE OF VERMONT DEPARTMENT OF PUBLIC SAFETY FY16 BUDGET PRESENTATION PRESENTED BY COMMISSIONER

STATE OF VERMONT DEPARTMENT OF PUBLIC SAFETY FY16 BUDGET PRESENTATION PRESENTED BY COMMISSIONER

STATE OF VERMONT DEPARTMENT OF PUBLIC SAFETY FY16 BUDGET PRESENTATION PRESENTED BY COMMISSIONER OF PUBLIC SAFETY KEITH W. FLYNN DEPARTMENT OF PUBLIC SAFETY MISSION STATEMENT The Department of Public Safety provides planning, prevention, and

613 views • 48 slides
NDPERS Public Safety Retirement Plan DEFINED BENEFIT Public Safety Plan Funded by

NDPERS Public Safety Retirement Plan DEFINED BENEFIT Public Safety Plan Funded by

NDPERS Public Safety Retirement Plan DEFINED BENEFIT Public Safety Plan Funded by contributions and investments Defines the benefit payment using formula Guaranteed member account balance Eligibility At least 18 years of age

616 views • 38 slides

More recommend