Enhancing DNS Security using the SSL Trust Infrastructure

Publikation: Beitrag zu KonferenzenPaperBeigetragenBegutachtung

Beitragende

Abstract

The main functionality of the domain name system (DNS) is to translate symbolic names into IP addresses. Due to the criticality of DNS for the proper functioning of the Internet, many improvements have been proposed for DNS in terms of security and dependability. However, the current secure DNS (DNSSEC) standard has still several problems that need further consideration. For example, online updates and denial of service attacks are not sufficiently addressed. These problems are serious obstacles that might prevent DNSSEC from replacing the traditional DNS. In this paper we discuss several of these technical and economic problems. To address these issues, we propose a simple extension to the existing DNS. It is SSL based and individual domains can decide independently of each other if and when to adopt the extensions. We show how to implement these extensions with the help of a simple proxy DNS server.

Details

OriginalspracheEnglisch
Seiten21-27
Seitenumfang7
PublikationsstatusVeröffentlicht - 2005
Peer-Review-StatusJa

Konferenz

Titel10th IEEE International Workshop on Object-Oriented Real-Time Dependable Systems
Veranstaltungsnummer
Dauer2 Februar 2005
BekanntheitsgradInternationale Veranstaltung
Ort
StadtSedona
LandUSA/Vereinigte Staaten

Externe IDs

Scopus 27544448817

Schlagworte

Forschungsprofillinien der TU Dresden

DFG-Fachsystematik nach Fachkollegium

Schlagwörter

  • Domain Name System, computer crime, Web server, Data security, Computer architecture, Web and Internet services, Standards development, Large-Scale system, Delay, security of data, DNS security, SSL trust infrastructure, IP adressess, online updates, denial of services attacks, proxy DNS server