Security department may oversee Internet infrastructure
The Homeland Security Department may take more of a direct role coordinating the security of the Internet's infrastructure, a top administration official said Tuesday.
The Bush administration's acting cybersecurity adviser Howard Schmidt said in an interview that homeland security and government agencies officials are working to formalize a security apparatus for the global Internet root servers, a series of computer systems that underpin the Internet's address system.
After an attack on those servers and the Internet domain-name system last October, Schmidt, several agencies officials, computer-security experts and root-server operators discussed in January how they could better respond to such incidents.
Their talks identified the need to develop a framework for determining when individuals and companies that operate the Internet's mission-critical domain system should report an attack or disturbance to government officials.
"We're doing two things in that vein: One is we're looking at what are things we really care about or that the government should know about" concerning Internet attacks, he said.
"We're looking at institutionalizing the standard protocols for communication back and forth" between the root-server community and the U.S. government, Schmidt said in comments to Technology Daily following his speech to the SecurE-Biz conference in Arlington, Va.
The Internet Corporation for Assigned Names and Numbers (ICANN) was created in 1998 to provide oversight and coordination for the Internet's domain-name system, which includes issues like root-server security. The Commerce Department's National Telecommunications and Information Administration (NTIA) delegated that authority to the ICANN under an agreement that has been extended annually.
"Obviously, ICANN and NTIA ...have a play in this. But when we look at it as it relates to homeland security's new information-protection piece, [the Homeland Security Department] has a play in it as well," Schmidt said.
"What we want to do is look at the role ICANN has to play and how it relates to the day to day operations of what we are doing. They are working on an annual basis as opposed to a ... real-time basis," he said.
When asked whether the discussion could lead to the Homeland Security Department executing a direct role in root-server security through the government's relationship with ICANN, Schmidt said "the roles and responsibilities are going to be determined as we pull this group together."
There are plans for the group to meet again, Schmidt said. He added that Homeland Security Secretary Tom Ridge is very concerned about cybersecurity and pays close attention to it.