The Global Culture of Cybersecurity

13 November 2007 - A Workshop on Security in Rio de Janeiro, Brazil

Agenda

The Workshop is going to explore the structure and main frame of the “global culture for cyber-security”, discuss the possible different view points on what should be included into this global awareness, what is not. There may be many important topics to be developed under this theme. We have already successfully organized the workshop of global culture for cyber security at the first IGF meeting. During the workshop a draft proposal of World Norm on Internet has been put forward and thoroughly discussed. At the second IGF meeting, we’d like to keep on with this important and interesting topic and further explore the way of arriving at the consensus on this issue. The emphases will be: (1) How to build and spread trust through the Internet, and how to construct the trust framework on the Internet; (2) How to build ethical principles concerning self-consciously resisting the use of Internet to spread junk mails, viruses, worms, Trojan horses, illegal or harmful information, interfere or attack information systems, steal confidential data and violate privacy. The workshop will also keep close watch on the similar issues such as the Guidance of Internet security suggested by the ITU.

Organizers

1.CCIT/CAST (Consultative Committee on UN Information Technology under China Association for Science and Technology) CAST is composed of 167 national academic and professional societies and associations for science and technology of China.

2) ISC (Internet Society of China) sponsored by more than 70 sponsors and now has 200 members including 177 organizational members and 23 individual members.

3) ISOC

4) WFEO-CIC (Committee on Information and Communication, World Federation of Engineering Organizations)

5) IT for Change (India)

6) Program for the study of International organization(s), Graduate Institute for International Studies(Geneva)

7) UN GAID ESDDC (Global Alliance for Enhancing Access to and Application of Scientific Data in Developing Countries), Twenty-nine organizations from 17 countries have already been participating in this alliance.

Panellists

1.Prof. Wolfgang Kleinwächter, International Communication Policy and Regulation, University of Aarhus; Special Advisers to the Chair of IGF. Speech title:Towards a Global Policy Framework for the Internet of the Future: From Internet Governance to the Governance of the Internet

2.Dr. William Drake, Director of the Project on the Information Revolution and Global Governance, the Graduate Institute of International Studies, Geneva, Switzerland. Speech title:The distributed global governance of cybersecurity.

3.Mr.Parminder Jeet Singh, Executive Director of IT for Change. Speech title:Freedom and Security in the cyberspace--Need for a Global Political Response to a Global Issue

4.Dr. Willie Currie, Communications and Information Policy Programme Manager, Association for Progressive Communications (APC) Speech title:'Identifying global public policy to address cyber-war, peace and security - a perspective from civil society'

5.MS.Leslie Daigle, ISOC's Chief Internet Technology Officer

6.Prof.Sihan QING,Director General of Engineering Research Center for Information Security Technology under Chinese Academy of Sciences (ERCIST, CAS).

7.Ms.Chuang LIU, Co-Chair of UN-GAID e-SDDC Executive Committee and Director of the Institute of Geography and Natural Resources at the Chinese Academy of Sciences,

Aditional Information
A Proposed Framework on World Norm of Internet (Ver. 2)

1. Preface
We all live in a single globe and each of us has a beautiful dream of having a peaceful world and a happy life. The Internet emerged as an information highway connecting more and more computers and people. Fascinating commerce activities such as banking, electronic shopping, bill payment, taxation, etc. are being shifted to the Internet for high efficiency and low cost. Doing things online has a great benefit of an always-on availability to the users everywhere in the world. We are witnessing a change of our society towards e-commerce, e-business and e-government and towards an increasing reliance on the Internet.
Nevertheless, new vulnerabilities and risks resulting from the development become a major barrier to the success of the Internet online usages. Not only the good guys, but also the criminals can use the state of the art technology to introduce harms on the Internet. On the other hand, even for the good guys, due to different social, cultural and religious background, they may have different understanding of nature and the society and thus may employ different strategies and approaches to the same goal.
Consequently, the governance of Internet is of great importance. Internet Governance can be regarded as complex system engineering, and it should cover all aspects of openness, security, diversity, and access. Realizing that the world is never going to be perfect, either on- or offline, we have to proceed to realize our final goal of having a better life step by step.
As the first step to approaching the goal, we are going to propose a Framework on World Norm of Internet (hereafter referred to as WNI for short). It is neither a legislative regulation, nor a technical standard, it is rather a self-disciplinary agreement that is expected to maximally conform to the benefits of the most individuals and groups of people on the globe and therefore could possibly gain the support from the related parties.
We triumphantly organized a Workshop entitled “Global Culture for Cyber-security” at the Inaugural IGF meeting taking place in Athens, Greece from 30 October to 2 November, 2006. A draft WNI (Ver. 1) was proposed at the workshop and attracted significant coverage from the participants. Although the version one of the Norm proposed may not come to perfection, but we may improve it gradually and we hope that it may finally become the consensus of opinion at the some subsequent meeting.
According to the feedbacks and comments, we proposed a refinement of the WNI (Ver. 2) here, and welcome more comments and suggestions.

2. Contents
(A) The Openness of Internet
The openness of Internet is of vital significance. It reflects the vitality, universality and popularity of the Internet. The basic requirements for achieving the openness of Internet are the following.

A-1. All individuals and organizations have the privileges to contribute their trustworthy and valuable information/knowledge to other individuals and organizations by Internet.
A-2. The information and experience/knowledge stored in Internet should be allowed to freely disseminate around the world.
A-3. It is suggested that all nations and individuals open their doors for receiving and learning trustworthy and valuable information and knowledge provided by other nations and people.
A-4. It is suggested that all nations and individuals not set up barriers for blocking information flows to and from Internet.
A-5. Some universal architecture, framework, policies and protocols for the Internet should be established worldwide so that the openness and interoperability can be guaranteed.
A-6. The openness of Internet should, however, not be abused by any individuals and groups, such as to introduce harms to others, compromise confidential information protected by laws and regulations.

(B) The Security of Internet
Hackers today have become more sophisticated and the Internet security has faced more challenges. As a result, to defeat the various attacks dozens of tasks have to be done. The necessary measures need to be taken are as follows.

B-1. It is requested that all information created for, and contributed to, the Internet be trustworthy and valuable for the evolution of human being and prosperity of the world.
B-2. The contents created for, and contributed to, the Internet should be trustworthy and valuable for maintaining human ethics and morality, for the protection of privacy and human rights, for the protection of all people, particularly women and children, disabled people and weak group of people.
B-3. The contents created for, and contributed to, the Internet should be trustworthy and valuable to all nations and people, regardless of race or creed.
B-4. It is requested that the operators of the networks take on the responsibility for making efforts to keep the high reliability and high quality of services (QoS).
B-5. It is requested that the users of Internet be strictly observe the related regulations when accessing and utilizing the Internet.
B-6. All nations and individuals should go along shoulder to shoulder to take all measures to defeat various attacks and cyber crimes, such as Trojans, viruses, worms, spyware, spam and phishing.

(C) Diversity
The world is composed of many countries, big and small, with different political systems, living standards, races and nationalities. The world is also colorful; there are miscellaneous forms of religion and belief, philosophical systems, and natural environment. The Internet applications are required to have the characteristic of diversity.

C-1. The contents created for, and contributed to, the Internet should be allowed to embody all types of experience and knowledge from all over the world.
C-2. The information and knowledge stored in Internet should be able to be expressed in any different native languages. This should be protected by international regulations.
C-3. It is necessary for the related parties to assist the minorities and weak groups of people to modernize their languages, writing and spoken, by using ICT and Internet.
C-4. Individuals, companies and related parties are encouraged to develop advanced as well as affordable technology of Machine Translation that can make the mutual exchange and learning among different cultures more convenient.

(D) Access
To make the Internet more powerful and easy to use, especially resistant against the denial of service attacks, we need to set up the following self-disciplinary agreements.

D-1. The governments and the operators of Internet should do their best to spread the networks to cover every place where people are living, whether in city or in rural areas.
D-2. The governments and the operators of Internet as well as the related parties should make policy for people’s access to the networks with convenience and affordable prices.
D-3. The operators of Internet should provide the users with the roaming ability from one region to others so that users are able to access the information and knowledge with no barriers.
D-4. The users themselves, when using the Internet, should never violate the regulations that made for supporting the secure and efficient utilization of the networks.
D-5. The information society and individuals all over the world should do their best to defeat the denial of service and other attacks to make Internet an always-on accessible facility.

(E) International Collaboration
As we mentioned before, Internet Governance can be viewed as complex system engineering, hence in order to arriving at a better Internet Governance the international collaboration is a prerequisite.

E-1. It is desirable and necessary for Internet authority and telecommunications authority to have better cooperation on the integration between Internet and telecommunication so that more advanced information services can be provided to the public.
E-2. It is needed to have an organizational authority to monitor the quality of services maintaining, diagnose the faults of operations and arbitrate disputes. All related parties should give firm support to the authority.
E-3. It is desirable and necessary to establish several permanent forums, such as the Internet Governance Forum, each has its specific tasks, for timely and effectively soliciting the suggestions, comments and contributions from all parties, including governments, NGOs and professionals.

PS. The version 2 created on 2007-10-14.