In the Internet We Trust? Security Issues in Internet Governance

Embargo until
Date
2014-09-25
Journal Title
Journal ISSN
Volume Title
Publisher
Johns Hopkins University
Abstract
Underlying all military, political, and individual use of the Internet is trust. The ability of the Internet to live up to that trust is weakening, in part due to increasing demands for ever-expanding applications, and in part due to the increasing diversity of malicious actors, including states, seeking to control or conform the Internet to their purposes. This thesis argues that a systemic, global loss of trust is just starting to broadly occur in the Internet’s ability to transmit data securely and in the current multistakeholder model of Internet governance to govern fairly. This ebbing of trust in both the technical and the policy levels creates a need to apply a new generation of accountability mechanisms that extend beyond market dynamics. Each of the three chapters in this thesis focuses on an aspect of waning trust due to global vulnerabilities in the Internet’s infrastructure and governance. The first chapter posits that certificate authorities possess a degree of immunity to traditional reputational pressures, and suggests drawing from lessons learned in the private military contractor industry to make reputation more important and increase accountability. The second chapter evaluates whether security solutions to Border Gateway Protocol (BGP) vulnerabilities are adequate to address deliberate, state-sponsored attacks. The third chapter analyzes schools of thought on Internet governance models and asks whether U.S. policy positions regarding surveillance and historic legislation regarding access position the country for continued leadership in the current model. All three chapters used case studies primarily of cyber incidents, as well as trust-based frameworks, to examine evidence. The paper concludes that trust-based mechanisms, including reputational levers, trust frameworks, and national accountability structures, are available for use by individual companies, networks of networks, and at the state level, respectively, but current policy prescriptions are not widely taking advantage of them. Most significantly, the U.S. government’s ability to push for trust-based solutions in the Internet’s technical infrastructure may weaken if the U.S. cannot inspire trust in its own leadership. Thesis Advisors and Readers: Dr. Benjamin Ginsberg, Dr. Kathryn Wagner Hill, Dr. Sarah O’Byrne, Mr. Thomas Stanton, and Dr. Jacob Straus.
Description
Keywords
Internet, governance, cybersecurity, trust, information technology, data breach, certificate authorities
Citation