Μια πρώτη καταχώρηση με θέμα το RFC 4778 Current Operational Security Practices in Internet Service Provider Environments.
It presents several aspects of ISP security – threats and presents for each of them:
# what kind of threat/danger it constitutes
# what are the current practices for its mitigation
# maps the best practices to security services.
The security services that all practices boil down to are:
o User Authentication
o User Authorization
o Data Origin Authentication
o Access Control
o Data Integrity
o Data Confidentiality
o Auditing/Logging
o DoS Mitigation
The threats relate to:
#Device Physical Access
#Device Management – In-Band and Out-of-Band (OOB)
#Data Path
#Routing Control Plane
#Software Upgrades and Configuration
#Integrity/Validation
#Logging Considerations
#Filtering Considerations
#Denial-of-Service Tracking/Tracing