再保险:你的法律顾问在击败DDOS攻击

帕斯卡贝写道:>美国policy-setters应该意识到如果>互联网将是一个经济的基础设施,>然后应该照顾对待,资源和法律>执法力量,其他基础设施。迈克·普罗塞写道:>谁来设置这些标准,实施....我>不知道这个问题的答案。我们有“大政府”>设置标准?信息是如何被驱动的>英国,但如何飞其他地方吗?我们做>标准自愿?任何人都可以遵守它们,>那些不不会....没有牙齿,你如何执行> ?介于两者之间是我最好的猜测。,帕斯卡和迈克的言论引发了一些不错的讨论在主教法冠。虽然这可能太迟了阿兰的最后期限,这是我的这些讨论。认为这是一个潜在的警告所有的已经提供良好的技术建议。 Dave Mann ********************************************************** As responsible technologists, we must always be aware of the limitations of what technology can accomplish. To that end, we must be careful to not perpetrate the myth that the information security problem and its solutions are purely technological. In particular, there are important legal and political issues that must be addressed for real change to take effect. Until the legal landscape of cyberspace becomes better defined and until issues surrounding liability, criminality and jurisdiction are decided, we are doomed to an ineffectual game of technological cat and mouse with cyber-criminals. Definitions of responsibility and liability must be determined, and meaningful consequences must be established for all who are involved with the internet in any way. While the government is a critical part of the solution, we also recognize that there are good reasons for the broader community to shape and define as much of this landscape as possible, especially in the early phases. The establishment of the internet (like the establishment of other technologies such as the automobile, the telephone, electric power, railroads and others) is fundamentally altering how we live and conduct business. It is difficult to determine issues of legality during those times when new infrastructures are being established. However, eventually citizens demand the rule of law to protect the rights of the individual, and business demands the rule of law to protect commerce. The ultimate solution for preventing or mitigating the distributed denial of service attacks of the future will necessarily involve both technological advances and the creation of a larger legal framework that will allow those who are responsible to be held accountable. -- ========================================================= David Mann || phone: (781) 271 - 2252 INFOSEC Engineer/Scientist, Sr || Enterprise Security Solutions || fax: (781) 271 - 3957 The MITRE Corporation || Bedford, Mass 01730 || e-mail: damann@mitre.org