Colleagues
[Apologies to Job for copying your email from the Routing WG but you
explained it well :) ]
The RIPE NCC has asked the Database WG Chairs to facilitate a working
group conversation on framing the RIPE Database service subcomponents
in terms of criticality.
At the bottom of this email is a form that focuses on three
components: confidentiality, integrity and availability. Each
component is split into three questions (a, b, and c), a total of 9
questions are being put forward to the working group. We envisage this
process to be a public consultation: WG participants can submit
(free-form) responses, and also chime in by replying to each other's
responses; hopefully bringing us to a degree of consensus in the
coming weeks.
We believe this is a unique opportunity to help the RIPE NCC! The goal
is to help the RIPE NCC develop a deeper understanding of how the
moving parts fit together, which in turn helps decide where and how to
invest resources.
>>> Your feedback is much appreciated! <<<
cheers,
denis, William
DB WG co-chairs
----------------------- FORM STARTS HERE -----------------------
Service Criticality Form - RIPE Database
Introduction
------------
This form is used to gather input from the community on the service
criticality of the RIPE database.
The framework is detailed in
https://labs.ripe.net/author/razvano/service-criticality-framework/
The service criticality has three components:
* Confidentiality
What is the highest possible impact of a data confidentiality
-related incident (data leak)?
* Integrity
What is the highest possible impact of a data integrity -related
incident (hacking)?
* Availability
What is the highest possible impact of a service availability
-related incident (outage)?
All our services are designed with at least 99% availability, so
please consider outages of up to 22 hours.
Service Purpose
---------------
The RIPE Database is the public internet registry for the RIPE NCC
region, comprised of:
* Internet Number Registry
* Internet Routing Registry
* Reverse Delegations
The critical parts of the service are:
* Query (Port 43, REST API, NRTM, Web Application)
* FTP dumps (whole database and split files)
The non-critical part of the service is:
* Update (REST API, Mailupdates, Syncupdates)
Service Criticality
-------------------
Please review the following three areas.
(1) Global Routing
Incident Severity
* Low (No / negligible impact)
* Medium (One or a few ASes are unavailable)
* High (Many ASes in a region are unavailable)
* Very High (Global Internet routing disruptions)
Please rate the incident severity (Low to Very High) in the following
three areas. Please explain why.
(a) Confidentiality (Impact level of incidents such as data leaks)
(b) Integrity (Impact level of incidents such as hack attempts)
(c) Availability (Impact level of service outage incidents, up to 22
hours per quarter)
(2) IP addresses and AS Numbers
Incident Severity
* Low (No / negligible impact)
* Medium (Local disruptions (registration information not being
available for some entities))
* High (Regional disruptions (registration information not being
available for the RIPE NCC region))
* Very High (Global disruptions (lack of registration information for
all AS Numbers and IP addresses))
Please rate the incident severity (Low to Very High) in the following
three areas. Please explain why.
(a) Confidentiality (Impact level of incidents such as data leaks)
(b) Integrity (Impact level of incidents such as hack attempts)
(c) Availability (Impact level of service outage incidents, up to 22
hours per quarter)
(3) Global DNS
Incident Severity
* Low (No / negligible impact)
* Medium (Local disruptions)
* High (Regional disruptions)
* Very High (Global disruptions)
Please rate the incident severity (Low to Very High) in the following
three areas. Please explain why.
(a) Confidentiality (Impact level of incidents such as data leaks)
(b) Integrity (Impact level of incidents such as hack attempts)
(c) Availability (Impact level of service outage incidents, up to 22
hours per quarter)
--
To unsubscribe from this mailing list, get a password reminder, or change your
subscription options, please visit:
https://lists.ripe.net/mailman/listinfo/db-wg
