Abstract
The Domain Name System (DNS) is a necessary component of the Internet that allows hosts to communicate with other hosts without needing to know their cryptic IP addresses. When the protocol was first introduced, it did not contain robust security features because scalability was an issue. One useful feature added to DNS was the DNS update mechanism, which allows other hosts to change DNS entries dynamically. This feature, however, exposed DNS servers to new vulnerabilities, which necessitated the implementation of new security protocols. Among the security protocols introduced to address these issues were Transaction SIGnature (TSIG) and DNS Security Extensions (DNSSEC). Although these mechanisms resolved most of the security issues concerning authentication between a node and a DNS server in IPv4, they are not viable in IPv6 networks. This is because the Neighbor Discovery Protocol (NDP), introduced to organize the large IPv6 address space automatically, does not support DNS authentication or have an option for secure DNS updating. In this chapter, the authors first explain the common approaches used in IPv4 to address these security issues. They then explain the differences between the use of these approaches in IPv4 and IPv6, focusing on new research into authentication mechanisms between hosts and DNS servers.