Title :
Challenges in securing the domain name system
Author :
Chandramouli, Ramaswamy ; Rose, Scott
Author_Institution :
US Nat. Inst. of Stand. & Technol., Gaithersburg, MD, USA
Abstract :
Two main security threats exist for DNS in the context of query/response transactions. Attackers can spoof authoritative name servers responding to DNS queries and alter DNS responses in transit through man-in-the-middle attacks, and alter the DNS responses stored in caching name servers. The IETF has defined the digital signature-based DNSSEC for protecting DNS query/response transactions through a series of requests for comments.
Keywords :
Internet; digital signatures; query processing; security of data; DNS security; digital signature; domain name system; query-response transactions; Data security; Digital signatures; Domain Name System; Information security; National security; Protection; Public key; Smart cards; US Government; Web server; DNS security extensions; DNSSEC; domain name system; name resolution; security;
Journal_Title :
Security & Privacy, IEEE
