What if I told you that cyber attacks could be prevented long before they ever happened, years before any would-be attacker seized on the opportunity to probe your network’s intrusion detection and prevention system?
You’d probably tell me I had lost my mind, or maybe that the internet would need to be rebuilt from the ground up. Or perhaps you’d just ignore me altogether because there’s no possible way this idea could ever see the light of day.
Believe it or not (and no one would blame you for not believing it) – this “internet utopia” is what researchers are currently working toward.
The project is called the Bright Internet, and its construction, infrastructure, protocols, and technologies are night and day from the internet we use every day.
Today’s internet exists in a defensive, reactive posture. Organizations do everything they can to add defensive layers to protect themselves against cyber threats, but we all know that those cyber threats will continue to evolve, making it harder to detect and prevent attacks.
During the time I spent in the U.S. Army, a big part of my job was providing near-real-time threat intelligence to soldiers on the battlefield. These teams of soldiers were actively seeking out threats to eliminate, and it was in the military that I learned the importance of a proactive posture to security in a hostile environment.
Much of today’s work takes place in hostile territory – the internet.
Perhaps that’s why I’m so excited about the potential of the Bright Internet project – it 'flips the script'.
The Bright Internet takes a preventive approach to security, implementing this preventive approach at the protocol and policy level.
With measures built-in to prevent privacy issues (ensuring anonymity), but also structured in such a way as to ensure attackers do not have ‘safespaces’, etc, the Bright Internet can arguably be thought of as Information Security 2.0.
Sounds cool! What IS the Bright Internet?
In short, it is a new framework for global societal information infrastructure. Or in other words, the Bright Internet is a new way for the world to connect and share information.
Researchers understand that effective preventive security has the potential to impact online anonymity, and to ensure those potential impacts are remedied, have proposed five design principles for the inception and implementation of the Bright Internet.
While I don’t have the room in this blog to dive into each of the design principles, the short version is that these principles place responsibility for nefarious activity at various levels throughout the internet, while also ensuring innocent people can maintain anonymity while online. I’ll list each of the principles with a short explanation:
- Principle of Origin Responsibility – This principle insists that originators of malicious code, illegal hacking, etc should be held responsible for the consequences arising from their malicious behaviors. In other words, threat actors should be held responsible for their actions.
- Principle of Deliverer Responsibility – This principle means that internet service providers, compromised machines, or anyone else who is involved in the delivery process of cyber attacks (even if that involvement is unintentional) should cooperate to prevent delivering harmful information to a potential victim. In today’s internet, the only measure in place along these same lines is litigation against the company which owned the servers from which the attack sources.
- Principle of Identifiable Anonymity – This principle is probably the most controversial of all and insists that the real name or identity of the criminal sending the malicious code or launching the cyber attack should be identifiable in near-real-time within the context of a valid search warrant. This principle also insists though, that the privacy of innocent netizens should be protected.
- Principle of Global Collaborative Search – This principle notes that it is essential countries collaborate globally “in terms of communication, cooperation, execution, and reporting”.
- Principle of Privacy Protection – This principle is put in place to ensure that the design of the Bright Internet must ensure the protection of netizens’ privacy, which is arguably threatened by implementing preventive security principles, where threat actors’ nefarious actions are spotlighted globally.
The easiest way to understand the Bright Internet is to see its design in comparison to today’s internet.
Figure 1 below provides a graphical, though simplified, comparison.
Today’s internet is protective (and reactive) in nature, and the responsibility for sending malware, for example, lies only with the anonymous sender.
The preventive (and proactive) security system on which the Bright Internet is built spreads responsibility across each layer of the path – from sender to targeted victim.
Figure 1. Protective Security (Today’s Internet) vs. Preventive Security (Bright Internet) – see references for source.
If the above system sounds difficult to implement, it most certainly is. At the highest levels of academia, government, and policy, conversations surrounding this next generation of the internet are currently taking place.
The Bright Internet won’t launch tomorrow, and there is still much work to be done before global acceptance and implementation, but if we can collaborate and come to mutually beneficial agreements on a never-before seen global scale, then the future of the internet, global collaboration, and global sharing – the future is indeed…‘Bright’.
Lee, J. K., Cho, D. and Lim G.G. (2018). Design and Validation of the Bright Internet. Journal of the Association for Information Systems 19(2), pp. 63-85
For more ideas, thoughts and analysis from our security experts, check out our technical blog here.