Improving Technical Security Mutually Agreed Norms for Routing Security (MANRS)

A new approach to Internet security comes to Cape Town

The Internet Society will present its approach to online security – Collaborative Security –  at the Mobile 360 conference and people who are there to contribute their share in ensuring trust on the Internet.

Mobile 360 is a conference that gathers telecom and Internet operators, governments, civil society and others. The meeting takes place in Cape Town, South Africa, from October 7 to 9. This year, one of the hot topics of the conference is Internet Security, which has become the leading preoccupation of network operators, governments and users alike.

The Internet Society will present its Collaborative Security approach to Internet Security. This strategy is based around the thought that, since it’s people who hold the Internet together, a truly secure Internet can only come from people cooperating and working together.

In the last three decades, the Internet has changed the lives of most of us around the world. It has been a cornerstone in remarkable social and economic innovation in ways that we could never have imagined.

This has been possible thanks to the intrinsic properties of the Internet that never change.  

However, these same features have made attacks to the Internet and its users by criminals easy. Its “openness and global reach” have made cross-border attacks and cyber crime easy to operate. Its “permission-free innovation” has facilitated the development and deployment of malware. Even its “spirit of cooperation” is misused by people with malicious intent.

Until recently, the most dominant approach to Internet security has been targeted towards fighting external and internal threats. This paradigm has proved to be inefficient and sometimes a risk for the growth of the Internet. There is, however, a growing recognition of a new paradigm that Internet security should be about protecting opportunities for economic and social prosperity, as opposed to a model based on preventing perceived harm. 

The collaborative security approach is built on this and has five key elements:

  1. Fostering confidence and protecting opportunities: The objective of security is to foster confidence in the Internet.
  2. Collective Responsibility: Internet participants share a responsibility towards the system as a whole.
  3. Fundamental Properties and Values: Security solutions should be compatible with fundamental human rights and preserve the fundamental properties of the Internet, thus the Internet Invariants.
  4. Evolution and Consensus: Effective security relies on agile evolutionary steps based on the expertise of a broad set of stakeholders.
  5. Think Globally, act Locally: It is through voluntary bottom-up self-organization that the most impactful solutions are likely to be reached.

Network operators are major stakeholders that can contribute to the collaborative security.

One very practical way for operators to implement their share in bringing trust for users is by implementing best practices in operating their networks. Mutually Agreed Norms for Routing Security (MANRS) defines four concrete actions that network operators should implement including

  1. Prevention of propagation of incorrect routing information.
  2. Prevent traffic with spoofed source IP addresses.
  3. Facilitate global operational communication and coordination between network operators.
  4. Facilitate validation of routing information on a global scale. 

The Internet Society urges African network operators to subscribe to MANRS and contribute to making Internet routing more secure for the benefit of all.

Learn more about ‘The Power to Browse: Internet Governance for Digital Africa’ Panel Discussion from Mobile 360 Conference Agenda