DocumentCode :
2320849
Title :
Autonomous DNSSEC: Secured pseudo DNS domains for personal networks
Author :
Kubota, Ayumu ; Miyake, Yutaka
Author_Institution :
KDDI R&D Labs. Inc., Saitama, Japan
fYear :
2010
fDate :
6-10 Dec. 2010
Firstpage :
1576
Lastpage :
1580
Abstract :
Although security protocols like TLS/SSL are widely used in the Internet, it is still difficult to secure communications among personal network devices, typically seen in P2P applications and pervasive computing environment. This is because it is uncommon among such personal devices to have public key certificates to authenticate themselves, and furthermore, most of them do not have persistent names or addresses to identify themselves. In this paper, we propose Autonomous DNSSEC, which allows people to generate pseudo DNS domains for personal networks by themselves and to secure them with DNSSEC. By having a secured DNS domain, people can register names and authentication information like public keys of personal devices under their pseudo domain, and make that information securely accessible by other people. In our proposal, DNS records of pseudo domains are separately stored in the distributed hash tables (DHTs) dedicated to this purpose, and thus no modification to existing DNS servers is required. By modifying the DNS resolver mechanism on the client side, even unmodified applications can securely access the information registered under pseudo domains. Therefore, applications that can use the DNS for storing public keys or their certificates can instantly utilize our system for securing their communication. We demonstrate this by showing how an unmodified OpenSSH client can properly authenticate its target host using our system.
Keywords :
Internet; computer network security; personal area networks; public key cryptography; ubiquitous computing; DNS; Internet; OpenSSH; P2P; authentication information; autonomous DNSSEC; distributed hash tables; personal network; pervasive computing; pseudo DNS domains; pseudo domain; public key certificates; secure communications; security protocols; DNSSEC; P2P security; PKI;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
GLOBECOM Workshops (GC Wkshps), 2010 IEEE
Conference_Location :
Miami, FL
Print_ISBN :
978-1-4244-8863-6
Type :
conf
DOI :
10.1109/GLOCOMW.2010.5700204
Filename :
5700204
Link To Document :
بازگشت