30(a) Security Policy: Summary of the security policy for the proposed registry
Prototypical answer:
gTLD | Full Legal Name | E-mail suffix | Detail | .ruhr | regiodot GmbH & Co. KG | dotzon.com | View |
1. Security Policy Registry Service Provider
As regiodot does not perform the technical operation of the registry itself, but has contracted Knipp for that purpose, regiodot defines a general security policy framework that is imposed over itself, Knipp and all further contractors and subcontractors. All participating entities have to ensure that their security policies meet the requirements of the framework.
The security policy framework has the following key objectives:
* confidentiality
* access
* accountability
* availability
1.1 Confidentiality
Confidentiality means the protection of private, proprietary and other sensitive information from entities that neither have a right or a need to gain it. Information includes, but is not limited to, registration data, registrar data, financial data, contracts, human resources data and other business and technical data. To achieve this, each managed data is classified into ʺhigh riskʺ, ʺconfidentialʺ and ʺpublicʺ. It is defined
* where the data is stored
* how it is backed up
* what protective measures are taken both for the data itself and its backups
* how long the data is retained and how it is safely destroyed once the information is no longer required
* how it is protected from illicit access
* how legitimate access and modification is controlled
* the auditability of data
1.2 Access
Access defines the rights, privileges and the mechanisms by which assets are being protected. Assets may refer to physical items like desktop computers, notebooks, servers, network devices and other equipment, or to logical items like registration data, e-mails and communication logs, passwords, cryptographic key material. For each entity that is granted access, it is clearly defined
* for which purpose the access is granted
* to which level, i.e. can the entity view partial or whole data, can the entity change the data fully or partially
* which obligations are attendant to the access rights
* at which period the grant is revisited
1.3 Accountability
Accountability defines the responsibilities of staff members and management in respect to security aspects. This includes
* handling of passwords and security tokens
* reviewing audit logs and identifying potential security violations
* management of security and access control
* reporting of potential security breaches
Staff members have to be made aware of their responsibilities on the assignment of duties and on a regular basis.
1.4 Availability
For each facet of the registry operation, beyond the requirements of ICANN, it is determined which service level is required, i.e.
* the availability requirements, i.e. desired relative availability over a period of time (typically month), including the allowed maximum planned and and unplanned outage times
* the recovery time objective
* the recovery point objective, if applicable
2. Security Commitments to Users of the .RUHR TLD
2.1 Abuse Prevention and Mitigation
As discussed in detail in the answer to Question 28, the registry has taken various precautions to reduce the probability that the domain names within .RUHR are being used in connection with criminal activities.
2.2 Reliability and Availability of DNS
Various technical measures ensure a 100% availability of the DNS and reliable, accurate and fast responses. A highly protected DNSSEC infrastructure ensures the trustability of the digital signatures contained in the DNS.
3. Security Commitments to Registrants
3.1 Protection of Investment
With the commercialisation of the Internet, domain names have become valuable assets. Domain names are no longer simply a more or less cryptic handle for IP addresses, but as brands they have become the base for whole businesses worth millions to billions. Also, with domain names, lifestyles (ʺtwitterʺ, ʺfacebookʺ generations) and communities are associated. Therefore, the loss, abuse or unavailability of a domain name, be it temporary or permanently, may cause significant damage to the domain name registrant.
Regiodot fully recognises this. With its highly developed technical and administrative security framework, regiodot has taken the necessary measures to protect the investments of registrants in their names. Due to the domain auto-renew mechanism, a valid domain is never deleted by the registry itself. In addition, the Redemption Grace Period provides extra protection if request to delete the domain is inadvertently issued by the registrant himself or by the entrusted registrar. Also, if it can be proven that a domain has been illegally moved to a different registrant, this is reverted by the registry to to original state.
3.2 Adherence to Registration Policy
The registration policy clearly defines the conditions by which potential registrants may register domain names. The registrants can rely upon that the registry strictly adheres to these rules. In detail,
* the registry guarantees equal opportunity if multiple registrants meet the conditions in the same way.
* the registry executes a clear procedure for handling violations of the registration policy. The registrant has the ability to correct the violations before further actions are taken by the registry; he has also the right to apeal if he believes that the evaluation of the facts is incorrect
* the registry maintains its neutrality in conflicts, unless forced by ICANNʹs Uniform Dispute Resolution Policy (UDRP), Uniform Rapid Suspension (URS) Registry Restrictions Dispute Resolution Procedure (RRDRP).
3.3 Privacy of Registrant Data
While the registry is strongly committed to data protection and privacy, only limited commitments can made in respect to registrant data. This is owed to various requirements imposed by ICANN for the allowance to operate the registry.
First, the registry is required to provide so-called Registration Data Directory Services (RDDS). This allows on one hand the anonymous public to retrieve information on the registrant of a domain name. The registry tries to mitigate the impact on taking measures against data mining and by fully supporting EPPʹs disclosure settings, which allow the registrant (via the registrar) to limit the exposure of specific data fields, to the extent ICANN demands their exposure.
As part of the RDDS, the registry is also required to grant access to the data to eligible users and institutions with legitimate interest, not limited to law enforcement agencies. The registry will monitor the activities of these entities and will withdraw the access if there a indications of excessive or abusive use.
Second, the registry has to give access to the registrant data to ICANN as part of the escrow requirement. While the data is encrypted by a public key of ICANN and thus safe from access by third parties, no guarantees can be given about the data handling by ICANN.
The registry adds a declaration of the data handling to the registration policy in order to make a potential registrant aware about the limited privacy and to make the agreement of the registrant a part of the policy.
2. Security policy at regiodot
Regiodot’s business is governed by German law. The German Federal Data Protection Act provides for a high level of both data protection as well as data security. These requirements are particularly enshrined in Art. 9 of the Federal Data Protection Act and its appendix:
Section 9 Technical and organizational measures
Public and private bodies which collect, process or use personal data on their own behalf or on behalf of others shall take the necessary technical and organizational measures to ensure the implementation of the provisions of this Act, especially the requirements listed in the Annex to this Act. Measures shall be necessary only if the effort required is in reasonable proportion to the desired purpose of protection.
Annex (to Section 9, first sentence)
Where personal data are processed or used in automated form, the internal organization of authorities or enterprises is to be such that it meets the specific requirements of data protection. In particular, measures suited to the type of personal data or categories of data to be protected shall be taken
1. to prevent unauthorized persons from gaining access to data processing systems for processing or using personal data (access control),
2. to prevent data processing systems from being used without authorization (access control),
3. to ensure that persons authorized to use a data processing system have access only to those data they are authorized to access, and that personal data cannot be read, copied, altered or removed without authorization during processing, use and after recording (access control),
4. to ensure that personal data cannot be read, copied, altered or removed without authorization during electronic transfer or transport or while being recorded onto data storage media, and that it is possible to ascertain and check which bodies are to be transferred personal data using data transmission facilities (disclosure control),
5. to ensure that it is possible after the fact to check and ascertain whether personal data have been entered into, altered or removed from data processing systems and if so, by whom (input control),
6. to ensure that personal data processed on behalf of others are processed strictly in compliance with the controller’s instructions (job control),
7. to ensure that personal data are protected against accidental destruction or loss (availability control),
8. to ensure that data collected for different purposes can be processed separately.
One measure in accordance with the second sentence Nos. 2 to 4 is in particular the use of the latest encryption procedures.
Regiodot staff will ensure ensure compliance with the Act and other data protection provisions.
The job specifications of regiodot staff will require expertise in this area and presence of the respective expertise will be an important aspect during the selection process. Staff will be able to adequately deal with this task according to the resource planning in the financial section.
Similar gTLD applications: (0)
gTLD | Full Legal Name | E-mail suffix | z | Detail |