Issue No. 05 - September/October (2009 vol. 7)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2009.126
Eric Osterweil , University of California, Los Angeles
Lixia Zhang , University of California, Los Angeles
The Domain Name System (DNS) has been a critical component of the Internet since the 1980s. Incidents from the wild, such as recent cache poisoning exploits, emphasize that it's vulnerable to attacks. DNS Security Extensions (DNSSEC) define a way to use cryptography for end-to-end protection of DNS data. Although the visible deployment of DNSSEC has grown at a tremendous rate, evidence suggests that the management of cryptographic keys is deceptively complex and has led to visible misconfigurations. Here, the authors outline the problem of managing DNSKEYs as it stands today, and where there exist competing proposed solutions, present a survey comparison.
network-level security and protection, communication/networking and information technology, computer systems organization, network management, network operations, public key cryptosystems, data encryption
E. Osterweil and L. Zhang, "Interadministrative Challenges in Managing DNSKEYs," in IEEE Security & Privacy, vol. 7, no. , pp. 44-51, 2009.