The evolving ecosystem: ICANN’s role in the security and stability of the Internet

25 Nov 2019 15:05h - 16:35h

Event report

[Read more session reports and updates from the 14th Internet Governance Forum]

The Internet Corporation for Assigned Names and Numbers (ICANN) has played a vital role in the security and stability of the Internet. Moderated by Mr Nigel Hickson (Vice President, International Governmental Organisation (IGO) Engagement, CANN), this session discussed ICANN’s role, and focused on three main themes: the multistakeholder approach, the continued role of trust, and technical developments to facilitate both.

Placing the issue into a historical context, Ms Tripti Sinha (Board of Directors, ICANN) noted how the Internet’s scale, continued growth, and complexity were a part of its historical legacy. The Internet’s scale had expanded during that time, which brought more security issues, requiring countries to take more regulatory measures to mitigate risks.

Using the analogy ‘it takes a village’, Ms Merike Kaeo (Security and Stability Advisory Committee (SSAC) Liaison to ICANN’s Board of Directors) emphasised the continued need for a multistakeholder approach in order for the Domain Name System (DNS) to exist, operate, and be secure in the face of the changing vulnerability landscape in the DNS ecosystem. The Internet can be used for both good and bad, and when the ‘village’ is under attack, it can impact everyone. Individual users should take responsibility of cyber hygiene and awareness, such as ensuring that their passwords are strong and that the software they use is regularly updated.

Referring to ICANN’s work, Mr David Conrad (Chief Technical Officer (CTO), ICANN) highlighted the organisation’s mission, as specified in its bylaws, and invited participants to participate in ICANN’s reviews, which undergo a public comment period for people to give their comments about ICANN’s work. Ms Avri Doria (Board of Directors, ICANN) emphasised outreach, capacity building, the need for registrars and registries to operate within the law in their different locations, and ICANN’s commitment to implement standards set by the Internet Engineering Task Force (IETF) and other Internet standards making bodies as a means to engender this trust. She emphasised Kaeo’s point on ‘personal hygiene’ by end users, noting that if personal devices are not secure, it affects the global DNS and overall trust.

Focusing on security applications and solutions, Kaeo mentioned the Domain Name System Security Extensions (DNSSEC), DNS over Hypertext Transfer Protocol Secure (HTTPS), noting the need for basic Internet hygiene by end-users. Examples include stronger passwords and two-factor authentication. When it comes to the security and stability of unique identifiers, Conrad reiterated the need for openness, transparency, supporting community deliberations, capacity building, and encouraging deployment of additional security technologies such as DNSSEC.

Kaeo also shared SSAC’s advisories and reports, highlighting a quote by Virginia Burden Tower: ‘Co-operation is the thorough conviction that nobody can get there unless everybody gets there.’

And how is ICANN reacting to the emergence of so many technological developments? Sinha described the emergence of new technologies, applications, and tools – such as the Internet of Things (IoT), artificial intelligence (AI), machine learning (ML), 5G, mobile sensor networks, big data, and blockchain – as an inflection point. With these new technologies come new target points of the DNS, such as man in the middle attacks and cache positing on the technical side, as well as threats to authentication, confidentiality, and integrity on the registry part. With the growth of the Internet and associated technologies comes the generation of more data, which has become a critical resource of these emerging technologies. For the foreseeable future, Sinha stressed ICANN’s overall commitment to a secure, open, and interoperable DNS, supporting change and dynamism in the growth of the Internet, and the need to maintain a single unique namespace globally.

By Sarah Kiden