SCIT-DNS: Critical infrastructure protection through secure DNS server dynamic updates
نویسندگان
چکیده
Domain Name Systems (DNS) provide the mapping between easily remembered host names and their IP addresses. While domain name information is typically created and updated off-line, dynamic DNS updates allow clients to manage domain names online, in real time. The current secure DNS standards (DNSSEC) require private keys to be kept online to sign dynamic updates, leaving private keys subject to network-
منابع مشابه
Selected papers from Trusted Internet Workshop (TIW) 2004
Security was not an inherent feature of the Internet when it was originally deployed. The tremendous success and growth of the wired Internet has led to a wealth of applications ranging from e-commerce to grid computing. Quality of Service (QoS), reliability, and security are necessities for many of the applications. Furthermore, the growing number of wireless devices capable of connecting to I...
متن کاملIncorruptible Self-Cleansing Intrusion Tolerance and Its Application to DNS Security
Despite the increased focus on security, critical information systems remain vulnerable to cyber attacks. The trend lends importance to the concept of intrusion tolerance: there is a high probability that systems will be successfully attacked and a critical system must fend off or at least limit the damage caused by unknown and/or undetected attacks. In prior work, we developed a Self-Cleansing...
متن کاملSecurity for Future Internet Architecture - Motivation from DNSSEC
DNS has a long history of being the primary target of malicious network attacks. These attacks take advantage of the weakness that the domain name mapping information is not authenticated. This motivates the need of security global infrastructure for future internet architecture. DNSSEC is a secure extension of DNS, and is considered as one of the most important mechanisms for critical informat...
متن کاملApplying decentralized trust management to DNS dynamic updates
DNS dynamic updates can be used to modify the data of a DNS zone. This can be used to update DNS records of hosts with dynamic IP addresses, for example. DNS dynamic updates can be authenticated using the DNSSEC transaction signatures or the TSIG mechanism. While there are existing mechanisms for authenticating the source of update requests, mechanisms for authorization, i.e. specifying who is ...
متن کاملSecure Online DNS Dynamic Updates: Architecture and Implementation
AbstRAct Domain Name System (DNS) is the system for the mapping between easily memorizable host names and their IP addresses. Due to its criticality, the Internet Engineering Task Force (IETF) has defined a DNS Security Extension (DNSSEC) to provide data-origin authentication. In this paper, we point out two drawbacks of the DNSSEC standard in its handling of DNS dynamic updates: 1) the on-line...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- J. High Speed Networks
دوره 15 شماره
صفحات -
تاریخ انتشار 2006