Olaf Kolkman, open standards advocate and CTO of the Internet Society (ISOC) (an affirming partner of the OpenStand Principles) has long been focused on the need for collaborative security.
This last summer, Kolkman gave the keynote address for the 27th Annual FIRST Conference on the topic of: “Collaborative Security – Reflections about Security and the Open Internet.”
Kolkman addressed how security policies are often premised at “stopping bad things and not on what the properties are that need protected.” When thinking about Internet security, contributors also need an “external perspective in order to trade off their actions towards the bigger internet.” This is called Collaborative Security.
Within a collaborative security framework, contributors must “reflect on resiliency, about outward facing security, governance, and give some examples of collaborative security and the difficulty of them getting traction,” said Kolkman.
During his talk, Kolkman discussed how an “open Internet is a powerful driver for social, technical, and economic interaction. Its success is based on invariants like openness and permissionless innovation – properties that not only create opportunities but also contribute an increased threat surface to the Internet.”
Kolkman’s talk also focused on the Internet Society’s April 2015 report on Collaborative Security in which describes their approach for tackling Internet security issues. In this report, Collaborative Security is characterized by five key elements:
- Fostering confidence and protecting opportunities: The objective of security is to foster confidence in the Internet and to ensure the continued success of the Internet as a driver for economic and social innovation.
- Collective Responsibility: Internet participants share a responsibility towards the system as a whole.
- Fundamental Properties and Values: Security solutions should be compatible with fundamental human rights and preserve the fundamental properties of the Internet — the Internet Invariants.
- Evolution and Consensus: Effective security relies on agile evolutionary steps based on the expertise of a broad set of stakeholders.
- Think Globally, Act Locally: It is through voluntary bottom-up self-organization that the most impactful solutions are likely to reached.
To view the video of Kolkman’s talk or review his slides, click here.