article

Free access

DNSSEC: a protocol toward securing the internet infrastructure

Authors:

Amy Friedlander,

Allison Mankin,

W. Douglas Maughan,

Stephen D. CrockerAuthors Info & Claims

Communications of the ACM, Volume 50, Issue 6

Pages 44 - 50

https://doi.org/10.1145/1247001.1247004

Published: 01 June 2007 Publication History

All formats PDF

Abstract

DNSSEC is properly understood as a component in an ecology of security protocols and measures.

References

[1]

Arends, R., Austein, R., Larson, M., Massey, D., and Rose, S. DNS Security Introduction and Requirements. RFC 4035, Oct. 10, 2004; www.ietf.org/rfc/rfc4033.txt.

Google Scholar

[2]

Arends, R., Austein, R., Larson, M., Massey, D., and Rose, S. Resource Records for the DNS Security Extensions. RFC 4034, Oct. 10, 2004; www.ietf.org/rfc/rfc4034.txt.

Google Scholar

[3]

Arends, R., Austein, R., Larson, M., Massey, D., and Rose, S. Protocol Modifications for the DNS Security Extensions. RFC 4033, Oct. 10, 2004; www.ietf.org/rfc/rfc4035.txt.

Google Scholar

[4]

Atkins, D. and Austein, R. Threat Analysis of the Domain Name System. RFC 3833, Aug. 2004; www.ietf.org/rfc/rfc3833.txt.

Google Scholar

[5]

Chandramouli, R. and Rose, S. Secure Domain Name System Deployment Guide: Recommendations of the National Institute of Standards and Technology, Special Publication 800-81. U.S. Department of Commerce, Technology Administration, NIST, Gaithersburg, MD, May 2006; csrc.nist.gov/publications/nistpubs/800-81/SP800-81.pdf.

Google Scholar

[6]

Cole, J. et al. The UCLA Internet Report: Surveying the Digital Future, Year 3. UCLA Center for Communication Policy, Los Angeles, Feb. 2003; www.digitalcenter.org/pdf/InternetReportYearThree.pdf.

Google Scholar

[7]

Fox, S., Quitney Anderson, J., and Rainie, L. The Future of the Internet. Pew Internet & American Life Project, Jan. 9, 2005; www.pewinternet.org/pdfs/PIP_Future_of_Internet.pdf.

Google Scholar

[8]

Haugsness, K. and the ISC Incident Handlers. DNS Cache Poisoning Detailed Analysis Report, Version 2. Internet Storm Center, Mar. 2005; www.dshield.org/presentations/dnspoisoning.html.

Google Scholar

[9]

ICANN. Transcript of DNSSec Mini Workshop, ICANN Meetings, Mar del Plata, Argentina, Apr. 5, 2005; www.icann.org/ meetings/mardelplata/captioning-dnssec-05apr05.htm.

Google Scholar

[10]

Ross, R., Katzke, S., Johnson, A., Swanson, M., Stoneburner, G., and Rogers, G. Information Security, Special Publication 800-53, Revision 1. U.S. Department of Commerce, Technology Administration, National Institute of Standards and Technology, Gaithersburg, MD, Dec. 2006; csrc.nist.gov/publications/nistpubs/800-53-Rev1/800-53-rev1-final-clean-sz.pdf; and the Federal Information Security Act Implementation Project: Protecting the National Critical Information Infrastructure. U.S. Department of Commerce, Technology Administration, National Institute of Standards and Technology, Gaithersburg, MD, May 8, 2006; csrc.nist.gov/sec-cert/.

Google Scholar

[11]

SecSpider Web site. DNSSEC Monitoring Project; secspider.cs.ucla.edu/.

Google Scholar

[12]

Souppaya, M., Wack, J., Harris, A., Johnson, P., and Kent, K. Security Configuration Checklists Program for IT Products: Guidance for Checklist Users and Developers. Special Publication 800-70 (Draft). U.S. Department of Commerce, Technology Administration, National Institute of Standards and Technology, Gaithersburg, MD, May 2005; csrc.nist.gov/checklists/download_sp800-70.html.

Google Scholar

Cited By

View all

Fainchtein RAviv ASherr MRibaudo SKhullar A(2021)Holes in the Geofence: Privacy Vulnerabilities in “Smart” DNS ServicesProceedings on Privacy Enhancing Technologies10.2478/popets-2021-00222021:2(151-172)Online publication date: 29-Jan-2021
https://doi.org/10.2478/popets-2021-0022
Bumanglag KKettani H(2020)On the Impact of DNS Over HTTPS Paradigm on Cyber Systems2020 3rd International Conference on Information and Computer Technologies (ICICT)10.1109/ICICT50521.2020.00085(494-499)Online publication date: Mar-2020
https://doi.org/10.1109/ICICT50521.2020.00085
Cazarotto Pda Costa Cda Rosa Righi RBarbosa J(2017)GTTracker: Location-aware hierarchical model for identifying M-commerce business opportunitiesPeer-to-Peer Networking and Applications10.1007/s12083-017-0621-1Online publication date: 29-Nov-2017
https://doi.org/10.1007/s12083-017-0621-1
Show More Cited By

Recommendations

Understanding the role of registrars in DNSSEC deployment
IMC '17: Proceedings of the 2017 Internet Measurement Conference

The Domain Name System (DNS) provides a scalable, flexible name resolution service. Unfortunately, its unauthenticated architecture has become the basis for many security attacks. To address this, DNS Security Extensions (DNSSEC) were introduced in ...
Quantifying the operational status of the DNSSEC deployment
IMC '08: Proceedings of the 8th ACM SIGCOMM conference on Internet measurement

This paper examines the deployment of the DNS Security Extensions (DNSSEC), which adds cryptographic protection to DNS, one of the core components in the Internet infrastructure. We analyze the data collected from the initial DNSSEC deployment which ...
DNSSEC in Practice: Using DNSSEC-Tools to Deploy DNSSEC
CATCH '09: Proceedings of the 2009 Cybersecurity Applications & Technology Conference for Homeland Security

The Domain Name System (DNS) is one of the core infrastructure components of the Internet. DNS data is also trivial to spoof. The security extensions to DNS (DNSSEC) provide a mechanism for users to verify the origin authenticity and integrity of DNS ...

Comments

Information & Contributors

Information

Published In

Communications of the ACM Volume 50, Issue 6

Smart business networks

June 2007

84 pages

ISSN:0001-0782

EISSN:1557-7317

DOI:10.1145/1247001

Issue’s Table of Contents

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 June 2007

Published in CACM Volume 50, Issue 6

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

17
Total Citations
View Citations
2,434
Total Downloads

Downloads (Last 12 months)203
Downloads (Last 6 weeks)32

Reflects downloads up to 03 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Fainchtein RAviv ASherr MRibaudo SKhullar A(2021)Holes in the Geofence: Privacy Vulnerabilities in “Smart” DNS ServicesProceedings on Privacy Enhancing Technologies10.2478/popets-2021-00222021:2(151-172)Online publication date: 29-Jan-2021
https://doi.org/10.2478/popets-2021-0022
Bumanglag KKettani H(2020)On the Impact of DNS Over HTTPS Paradigm on Cyber Systems2020 3rd International Conference on Information and Computer Technologies (ICICT)10.1109/ICICT50521.2020.00085(494-499)Online publication date: Mar-2020
https://doi.org/10.1109/ICICT50521.2020.00085
Cazarotto Pda Costa Cda Rosa Righi RBarbosa J(2017)GTTracker: Location-aware hierarchical model for identifying M-commerce business opportunitiesPeer-to-Peer Networking and Applications10.1007/s12083-017-0621-1Online publication date: 29-Nov-2017
https://doi.org/10.1007/s12083-017-0621-1
Yong Wang Xiaochun Yun Gang Xiong Zhen Li Yao Yao (2012)Availability analysis of DNSSEC resolution and validation service7th International Conference on Communications and Networking in China10.1109/ChinaCom.2012.6417444(35-42)Online publication date: Aug-2012
https://doi.org/10.1109/ChinaCom.2012.6417444
Wang YYun XYao YXiong GLi Z(2012)Traffic Measurement Based DNSSEC AnalysisProceedings of the 2012 IEEE 12th International Conference on Computer and Information Technology10.1109/CIT.2012.37(62-69)Online publication date: 27-Oct-2012
https://dl.acm.org/doi/10.1109/CIT.2012.37
Yan ZHu AWang W(2012)A cache-splitting scheme for DNS recursive server2012 IEEE 2nd International Conference on Cloud Computing and Intelligence Systems10.1109/CCIS.2012.6664588(1267-1271)Online publication date: Oct-2012
https://doi.org/10.1109/CCIS.2012.6664588
Pappas VKeromytis A(2011)Measuring the Deployment Hiccups of DNSSECAdvances in Computing and Communications10.1007/978-3-642-22720-2_5(44-53)Online publication date: 2011
https://doi.org/10.1007/978-3-642-22720-2_5
Wong WNikander PBriscoe BSteenkiste P(2010)Secure naming in information-centric networksProceedings of the Re-Architecting the Internet Workshop10.1145/1921233.1921248(1-6)Online publication date: 30-Nov-2010
https://dl.acm.org/doi/10.1145/1921233.1921248
Wijngaards WOvereinder B(2009)Securing DNSIEEE Security and Privacy10.1109/MSP.2009.1337:5(36-43)Online publication date: 1-Sep-2009
https://dl.acm.org/doi/10.1109/MSP.2009.133
Alnajim AMunro M(2009)An Approach to the Implementation of the Anti-Phishing Tool for Phishing Websites Detection2009 International Conference on Intelligent Networking and Collaborative Systems10.1109/INCOS.2009.37(105-112)Online publication date: Nov-2009
https://doi.org/10.1109/INCOS.2009.37
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Magazine Site

View this article on the magazine site (external)

Magazine Site

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Abstract

References

Cited By

Recommendations

Understanding the role of registrars in DNSSEC deployment

Quantifying the operational status of the DNSSEC deployment

DNSSEC in Practice: Using DNSSEC-Tools to Deploy DNSSEC

Comments

Information

Published In

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

PDF

eReader

Magazine Site

Login options

Full Access

Share

Share this Publication link

Share on social media

Affiliations