Call for Action: The Internet Threat Model Needs a Change
Jari Arkko is a Senior Expert with Ericsson Research. He has also served as the Chair of the Internet Engineering Task Force (IETF), the Internet technology standards development organisation, has worked on routers, testing tools, AAA systems, AI, and cellular networks. He likes to personally build and and use the technology that he works with. Today he works on Internet evolution and 5G. He is a member of the Internet Architecture Board (IAB) and a frequent contributor in matters relating to the Internet architecture and trends. He has also worked on a number of Internet administration-related topics, including the IANA transition.
Communications security has been at the center of many recent security improvements in the Internet, to protect communications against outside observers and attackers. Communications security is, however, alone sufficient to cater for the pressing security issues in the Internet. Given the advances in encrypting most Internet communications, the current security challenges are largely in the endpoint systems, and how trustworthy they are. For instance, compromised IoT devices, applications on a user’s device that are not acting on the best interests of the user, connecting to services that are compromised, or services whose interests simply do not align with the interests of the users. There is also an increased risk for pervasive monitoring through applications even when their communications are protected cryptographically. This talks reviews recent security advances and current threats. The talk discusses the challenges ahead and how those affect the IoT technology community in particular.