当前位置:
X-MOL 学术
›
Journal of Cybersecurity
›
论文详情
Our official English website, www.x-mol.net, welcomes your
feedback! (Note: you will need to create a separate account there.)
Private active cyber defense and (international) cyber security—pushing the line?
Journal of Cybersecurity ( IF 2.9 ) Pub Date : 2021-03-30 , DOI: 10.1093/cybsec/tyab010 Dennis Broeders 1
Journal of Cybersecurity ( IF 2.9 ) Pub Date : 2021-03-30 , DOI: 10.1093/cybsec/tyab010 Dennis Broeders 1
Affiliation
Private sector Active Cyber Defence (ACD) lies on the intersection of domestic security and international security and is a recurring subject, often under the more provocative flag of ‘hack back’, in the American debate about cyber security. This article looks at the theory and practice of private cyber security provision and analyses in more detail a number of recent reports and publications on ACD by Washington DC based commissions and think tanks. Many of these propose legalizing forms of active cyber defence, in which private cyber security companies would be allowed to operate beyond their own, or their clients’ networks, and push beyond American law as it currently stands. Generally, public-private governance solutions for security problems have to manage a balance between (i) questions of capacity and assigning responsibilities, (ii) the political legitimacy of public–private security solutions and (iii) the mitigation of their external effects. The case of private active cyber defence reveals a strong emphasis on addressing the domestic security (and political) problem, while failing to convincingly address the international security problems. The proposals aim to create a legitimate market for active cyber defence, anchored to the state through regulation and certification as a way to balance capacity, responsibilities and domestic political legitimacy. A major problem is that even though these reports anticipate international repercussions and political pushback, against what is likely be received internationally as an escalatory and provocative policy, they offer little to mitigate it.
中文翻译:
私人主动网络防御和(国际)网络安全——推线?
私营部门的主动网络防御 (ACD) 位于国内安全和国际安全的交叉点,是美国关于网络安全的辩论中经常出现的主题,通常以更具挑衅性的“黑客攻击”的名义出现。本文着眼于私人网络安全提供的理论和实践,并更详细地分析了华盛顿特区委员会和智囊团最近关于 ACD 的一些报告和出版物。其中许多提议将主动网络防御形式合法化,其中允许私人网络安全公司在其自身或客户网络之外开展业务,并超越目前的美国法律。一般来说,针对安全问题的公私治理解决方案必须在 (i) 能力问题和分配责任之间取得平衡,(ii) 公私安全解决方案的政治合法性和 (iii) 减轻其外部影响。私人主动网络防御的案例显示出对解决国内安全(和政治)问题的高度重视,而未能令人信服地解决国际安全问题。这些提案旨在为积极的网络防御创建一个合法的市场,通过监管和认证以平衡国家的能力、责任和国内政治合法性。一个主要问题是,尽管这些报告预计会引起国际反响和政治阻力,但对于国际上可能接受的升级和挑衅政策,它们几乎没有提供任何缓解它的方法。
更新日期:2021-03-30
中文翻译:
私人主动网络防御和(国际)网络安全——推线?
私营部门的主动网络防御 (ACD) 位于国内安全和国际安全的交叉点,是美国关于网络安全的辩论中经常出现的主题,通常以更具挑衅性的“黑客攻击”的名义出现。本文着眼于私人网络安全提供的理论和实践,并更详细地分析了华盛顿特区委员会和智囊团最近关于 ACD 的一些报告和出版物。其中许多提议将主动网络防御形式合法化,其中允许私人网络安全公司在其自身或客户网络之外开展业务,并超越目前的美国法律。一般来说,针对安全问题的公私治理解决方案必须在 (i) 能力问题和分配责任之间取得平衡,(ii) 公私安全解决方案的政治合法性和 (iii) 减轻其外部影响。私人主动网络防御的案例显示出对解决国内安全(和政治)问题的高度重视,而未能令人信服地解决国际安全问题。这些提案旨在为积极的网络防御创建一个合法的市场,通过监管和认证以平衡国家的能力、责任和国内政治合法性。一个主要问题是,尽管这些报告预计会引起国际反响和政治阻力,但对于国际上可能接受的升级和挑衅政策,它们几乎没有提供任何缓解它的方法。
京公网安备 11010802027423号