Explain to Shane

Securing the Web with Route Origin Authorizations (with Grace Abuhamad and Robert Cannon)

Jun 10, 2024

Cybersecurity experts Grace Abuhamad and Robert Cannon discuss NTIA's push for ROAs and FCC's proposed rules on BGPs. They highlight the importance of routing security, preventing hijacking, validating website authenticity, and securing web traffic to defend against cyber threats. The podcast delves into the policy behind these decisions, challenges in internet security, and efforts to enhance routing security within the US government.

37:59

Creator website

Episode guests

Robert Cannon

Grace Abuhamad

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

ROAs validate website legitimacy to prevent hijacking and routing errors.

BGP hijacks are thwarted by verifying routing announcements, critical for network security.

Deep dives

Importance of Route Origin Authorizations (ROAs) in Validating Destinations

ROAs serve to validate the legitimacy of websites by ensuring their accurate placement on the network map. This security measure helps prevent accidental misconfigurations and malicious activities like hijacking destinations. For instance, ROAs would have prevented incidents like the accidental YouTube censorship by Pakistan, illustrating the need for accurate destination validation to avoid widespread routing errors.

Intro

3min

Implementation of Route Origin Authorizations (ROAs) in Internet Security

5min

Explaining the Importance of Border Gateway Protocol and Internet Routing

2min

Navigating Policy and Engineering Challenges in Internet Security

3min

Enhancing Routing Security in the US Government

25min

NTIA is championing Route Origin Authorizations or ROA’s as part of the Biden Administration’s cybersecurity plan to fend off nation-state hackers and cyberattacks.

In tandem with this effort, on June 6, the Federal Communications Commission (FCC) advanced a Notice of Proposed Rulemaking aimed at strengthening internet security through the implementation of border gateway protocols (BGPs) for internet service providers (ISPs). While the National Telecommunications and Information Administration (NTIA) already encourages federal agencies to embrace these routing security protocols, the FCC's proposed rule would mandate broadband providers to submit confidential reports on their BGP usage.

This move is an effort to defend against cyber-attacks by validating the legitimacy of websites and securing web traffic, preventing hackers from spoofing government domains, stealing data, and hijacking critical communications.

Here to discuss the policy behind this decision, including routing security, BGPs, and efforts to secure government infrastructure, are Grace Abuhamad and Robert (Bob) Cannon. Grace is the chief of staff at the NTIA, where she previously served as a policy analyst in the Office of International Affairs. Bob is a Senior Telecommunications Policy Analyst at the NTIA. Before joining NTIA, he was a Senior Attorney at the FCC's Office of Policy Analysis.

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

Explain to Shane

Securing the Web with Route Origin Authorizations (with Grace Abuhamad and Robert Cannon)

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Importance of Route Origin Authorizations (ROAs) in Validating Destinations

Significance of ROAs in Preventing BGP Hijacks

Contractual Challenges in Implementing Routing Security Measures

Collaborative Efforts Towards Enhanced Routing Security

Remember Everything You Learn from Podcasts