work Infrastructures, held in Seoul, 20-22 May 2002, hosted by the Government of
the Republic of Korea. Thanks go to Sy Goodman, Andy Ozment, Davis King and Pamela Hassebroek for their
contributions to the paper. Other papers prepared for the workshop are available on the ITU site at
www.itu.int/cni
.
The paper has been edited by the ITU secretariat. The vie ws expressed in this paper are those of the author alone
and do not necessarily reflect the opinions of the ITU or its membership.

Introduction to critical network infrastructures

3/16
1.
Introduction
1.1
It is hard to think of all the countless ways in which todays info-communications affect our lives.
The phenomenal growth of the Internet and mobile communication, the WTO (World Trade Organization)
basic telecommunications agreement on trade liberalization, rapid technological change, have all played a
very important role, not only in forming a foundation for the information society, but also in influencing each
individuals life. In particular, through the digitization of many different fields of society and economy,
every nation has now established Internet communications in order to contend as an emerging leader in the
new economy. Due to the phenomenal growth of the information-oriented society, todays world has become
more dependent on the info-communication systems of organizations and companies. Also, as more
information has been opened to public access, more people can share information on a global basis.
Moreover, these trends are expected to intensify.
1.2
For these reasons, it is essential to guarantee the security of information that is considered of critical
importance, from a political, economic, financial or social standpoint. In order to safeguard countries critical
information resources and to guarantee network security, the technical aspects of network security are the
subject of much study. Although a network, or part of a network used to exchange information may have
state-of-the-art security, in practice the level of security is only as strong as the weakest link in the entire
network.
1.3
In the rush to move much of what we do in the real world onto info-communications networks, the
implications of failure in our critical network infrastructures (CNI) are but poorly understood. This paper
therefore aims to identify the explicit significance of CNIs, which are of crucial importance in politics,
economy and society. Securing national CNIs against vulnerability, while ensuring their continued
availability, will require creating trust among different parties. This will require collaboration and
cooperation among countries.
1.4
This paper is structured as follows: Chapter two provides a definition and description of CNIs. In
addition, it describes current trends in network design and their vulnerabilities. Chapter three explains
current problems for CNIs and possible solutions to resolve these security problems. Chapter four describes
cyber-terrorism and other areas impacting CNI. Finally, conclusions and areas for further study are presented
in Chapter five.
2.
What is critical network infrastructure (CNI)?
2.1
This chapter explains the significance of vulnerability in info-communications and distinguishes
between physical and logical aspects of CNIs. In addition, it describes current trends in network design based
on well-known and representative global networks.
2.1
Definition and description of CNI
2.2
The definition of CNI is dependent on the context in which it is used. A CNI can be identified as a
public or private network that carries information relevant to national security and safety or information of
high financial value.
2
CNI can also be defined physically as the whole network or a part of the network that
exchanges information of high significance. For example, if the objective of the network itself is to exchange
confidential information among nations, the whole network itself can be defined as a CNI. However, in the
case of the Internet, it is appropriate to define pertinent parts as CNIs, because its objective is to
simultaneously share information that is open to many anonymous users, and it has been increasingly used as
a means to exchange important information for society and the economy.
2.3
The security of CNIs, which are a medium for the exchange of information, is crucially important in
research, education, e-commerce, trade, etc. Previously, the important infrastructure of a country may have
existed separately from that of other countries, both physically and logically , and there may have been only
very limited contact between network designers and managers. However, network management functions are

2
http://www.itu.int/osg/spu/ni/security/index.html
Introduction to critical network infrastructures

4/16
becoming increasingly automated and interdependent. Accordingly, vulnerability to cyber attack, as well
as to aspects of equipment failure or human error, etc., is rising, especially in the case of e-business. In this
regard, because it is evident that CNIs will become a critical part of national competitiveness in the twenty-
first century. While much policy attention has been focused on CNI security policies, there has been a lack of
consistency owing to an absence of international standards and insufficient investment.
2.4
The most basic element for building the information society, in the pursuit of stability and
prosperity, is to safeguard information. However, as data transfers grow in scale and as dependence on
information becomes more intense, the security issue can only become more serious.
2.2
Network Trends and Vulnerabilities
2.5
This section outlines development trends of the Internet and the mobile Internet, and their potential
vulnerabilitie s.
2.2.1 Internet
2.6
The twenty-first century is the era of the Internet. The Internet combines techniques of traditional
industry and info-communication. However, it is still hard to provide a high quality of service due to various
problems related to the Internet
3
. With respect to the infrastructure, there are such problems as inefficient
communications, high costs and low transmission speeds to end-users, bottleneck impediments to the
construction of high-speed networks, unfair network access policies, and inefficient network extension, etc.
From a functional viewpoint, the Internet is sometimes associated with excessive waiting times and a service
with no guarantees of the bandwidth available to end-users and quality of service (QoS) for real-time
services. Moreover, security provision is often poor. In particular, the Internet is likely to be vulnerable to
hacking, denial of service attacks, etc. Internet users cannot be sure that confidential information, for
instance concerning their credit status, will not be leaked. For instance, Figure 2.1 shows the overall
hierarchical architecture of the Internet, which may cause bottlenecks, especially where many access
networks are interconnected.
2.7
Accordingly, it is necessary to develop a next-generation Internet (NGI) in order to resolve todays
Internet problems and to adjust to changes in demand as society becomes more information-oriented. In the
short term, the NGI presents potential solutions to the problems of network congestion, service delay, lack of
addresses, expensive charges, etc. Moreover, it supports multimedia and mobile services of a high speed and
performance with guaranteed quality in the longer term. There are many countries and regions working on
research and development (R&D) for the NGI, such as the United States, the European Union, Canada,
Japan, and so forth.

3

For a discussion of Internet security issues, see A tangled world wide web of security issues by Joris Claessens, Bert Preneel and
Joos Wanderwalle, at http://www.firstmonday.org/issues/issue7_3/claessens/index.html
Introduction to critical network infrastructures

5/16
2.8
The United States has carried out an R&D project on high performance networks including trials
running over high-speed testbed networks. This runs at speeds of between 100 to 1,000 times faster than the
existing Internet. In addition, by linking more than 100 sites through a point-to-point access over a
100 Mbit/s circuit , it has been constructing the testbed that links government agency networks: vBNS
4
of
NSF, DREN
5
, NREN
6
, ESnet
7
, etc. It is also working to construct a special infra-network linking
approximately ten or more NGI sites with point-to-point access at transmission speeds of more than 1 Gbit/s.
2.9
In Canada, many research groups, notably CANARIE
8,
have made great efforts to establish NGI
test networks promoting the CA*net2 project for a high speed transmission network based on ATM.
Furthermore, it has been carrying out a CA*net3 project to study methods for optical routing, switching
techniques, service applications, etc. The CA*net3 testbed utilizes DWDM (Dense Wavelength Division
Multiplexing) and is the first fully optical Internet in the world. A possible architecture for the NGI is
illustrated in Figure 2.2.
2.10
As depicted in Figure 2.2, there are NAPs (Network Access Points) linking networks and Giga-POP
(Gigabit Point of Presence), etc. in the NGI. The access points link NSP (Network Service Provider) and ISP
(Internet Service Provider) very efficiently, systematically, and reliably,

thereby overcoming disadvantages
inherent in the Internet structure. They manage routing efficiently, and combine high-speed networks and
traffic into a