{"draft":"draft-moriarty-post-inch-rid-12","doc_id":"RFC6045","title":"Real-time Inter-network Defense (RID)","authors":["K. Moriarty"],"format":["ASCII","HTML"],"page_count":"75","pub_status":"INFORMATIONAL","status":"INFORMATIONAL","source":"IETF - NON WORKING GROUP","abstract":"Network security incidents, such as system compromises, worms,\r\nviruses, phishing incidents, and denial of service, typically\r\nresult in the loss of service, data, and resources both human and\r\nsystem.  Network providers and Computer Security Incident Response\r\nTeams need to be equipped and ready to assist in communicating and\r\ntracing security incidents with tools and procedures in place\r\nbefore the occurrence of an attack.  Real-time Inter-network\r\nDefense (RID) outlines a proactive inter-network communication method to\r\nfacilitate sharing incident handling data while integrating\r\nexisting detection, tracing, source identification, and mitigation\r\nmechanisms for a complete incident handling solution.  Combining\r\nthese capabilities in a communication system provides a way to\r\nachieve higher security levels on networks.  Policy guidelines for\r\nhandling incidents are recommended and can be agreed upon by a\r\nconsortium using the security recommendations and considerations.\r\n\r\nRID has found use within the international research communities,\r\nbut has not been widely adopted in other sectors.  This publication\r\nprovides the specification to those communities that have adopted\r\nit, and communities currently considering solutions for real-time\r\ninter-network defense.  The specification may also accelerate\r\ndevelopment of solutions where different transports or message\r\nformats are required by leveraging the data elements and structures\r\nspecified here.  This document is not an Internet Standards Track \r\nspecification; it is published for informational purposes.","pub_date":"November 2010","keywords":["Coordinated Incident Response","CSIRT","CIRT","IODEF","Incident Object Exchange","Description Format"],"obsoletes":[],"obsoleted_by":["RFC6545"],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC6045","errata_url":"https:\/\/www.rfc-editor.org\/errata\/rfc6045"}