Enhancing DNS Security using the SSL Trust Infrastructure
Publikation: Beitrag zu Konferenzen › Paper › Beigetragen › Begutachtung
Beitragende
Abstract
The main functionality of the domain name system (DNS) is to translate symbolic names into IP addresses. Due to the criticality of DNS for the proper functioning of the Internet, many improvements have been proposed for DNS in terms of security and dependability. However, the current secure DNS (DNSSEC) standard has still several problems that need further consideration. For example, online updates and denial of service attacks are not sufficiently addressed. These problems are serious obstacles that might prevent DNSSEC from replacing the traditional DNS. In this paper we discuss several of these technical and economic problems. To address these issues, we propose a simple extension to the existing DNS. It is SSL based and individual domains can decide independently of each other if and when to adopt the extensions. We show how to implement these extensions with the help of a simple proxy DNS server.
Details
Originalsprache | Englisch |
---|---|
Seiten | 21-27 |
Seitenumfang | 7 |
Publikationsstatus | Veröffentlicht - 2005 |
Peer-Review-Status | Ja |
Konferenz
Titel | 10th IEEE International Workshop on Object-Oriented Real-Time Dependable Systems |
---|---|
Veranstaltungsnummer | |
Dauer | 2 Februar 2005 |
Bekanntheitsgrad | Internationale Veranstaltung |
Ort | |
Stadt | Sedona |
Land | USA/Vereinigte Staaten |
Externe IDs
Scopus | 27544448817 |
---|
Schlagworte
Forschungsprofillinien der TU Dresden
DFG-Fachsystematik nach Fachkollegium
Ziele für nachhaltige Entwicklung
Schlagwörter
- Domain Name System, computer crime, Web server, Data security, Computer architecture, Web and Internet services, Standards development, Large-Scale system, Delay, security of data, DNS security, SSL trust infrastructure, IP adressess, online updates, denial of services attacks, proxy DNS server