Colleagues

[Apologies to Job for copying your email from the Routing WG but you explained it well :) ]

The RIPE NCC has asked the Database WG Chairs to facilitate a working group conversation on framing the RIPE Database service subcomponents in terms of criticality.

At the bottom of this email is a form that focuses on three components: confidentiality, integrity and availability. Each component is split into three questions (a, b, and c), a total of 9 questions are being put forward to the working group.

We envisage this process to be a public consultation: WG participants can submit (free-form) responses, and also chime in by replying to each other's responses; hopefully bringing us to a degree of consensus in the coming weeks.

We believe this is a unique opportunity to help the RIPE NCC! The goal is to help the RIPE NCC develop a deeper understanding of how the moving parts fit together, which in turn helps decide where and how to invest resources.

>>> Your feedback is much appreciated! <<<

cheers,
denis, William
DB WG co-chairs

----------------------- FORM STARTS HERE -----------------------

Service Criticality Form - RIPE Database

Introduction
------------

This form is used to gather input from the community on the service criticality of the RIPE database. The framework is detailed in https://labs.ripe.net/author/razvano/service-criticality-framework/

The service criticality has three components:

* Confidentiality
  What is the highest possible impact of a data confidentiality-related incident (data leak)?

* Integrity
  What is the highest possible impact of a data integrity-related incident (hacking)?

* Availability
  What is the highest possible impact of a service availability-related incident (outage)? All our services are designed with at least 99% availability, so please consider outages of up to 22 hours.

Service Purpose
---------------

The RIPE Database is the public internet registry for the RIPE NCC region, comprised of:

* Internet Number Registry
* Internet Routing Registry
* Reverse Delegations

The critical parts of the service are:

* Query (Port 43, REST API, NRTM, Web Application)
* FTP dumps (whole database and split files)

The non-critical part of the service is:

* Update (REST API, Mailupdates, Syncupdates)

Service Criticality
-------------------

Please review the following three areas.

(1) Global Routing

Incident Severity

* Low (No / negligible impact)
* Medium (One or a few ASes are unavailable)
* High (Many ASes in a region are unavailable)
* Very High (Global Internet routing disruptions)

Please rate the incident severity (Low to Very High) in the following three areas. Please explain why.

(a) Confidentiality (Impact level of incidents such as data leaks)
(b) Integrity (Impact level of incidents such as hack attempts)
(c) Availability (Impact level of service outage incidents, up to 22 hours per quarter)

(2) IP addresses and AS Numbers

Incident Severity

* Low (No / negligible impact)
* Medium (Local disruptions (registration information not being available for some entities))
* High (Regional disruptions (registration information not being available for the RIPE NCC region))
* Very High (Global disruptions (lack of registration information for all AS Numbers and IP addresses))

Please rate the incident severity (Low to Very High) in the following three areas. Please explain why.

(a) Confidentiality (Impact level of incidents such as data leaks)
(b) Integrity (Impact level of incidents such as hack attempts)
(c) Availability (Impact level of service outage incidents, up to 22 hours per quarter)

(3) Global DNS

Incident Severity

* Low (No / negligible impact)
* Medium (Local disruptions)
* High (Regional disruptions)
* Very High (Global disruptions)

Please rate the incident severity (Low to Very High) in the following three areas. Please explain why.

(a) Confidentiality (Impact level of incidents such as data leaks)
(b) Integrity (Impact level of incidents such as hack attempts)
(c) Availability (Impact level of service outage incidents, up to 22 hours per quarter)