Abstract
We propose a novel Secure Name Service (SNS) framework for protecting critical Internet resources from unauthorized accesses, denial of service (DoS) and other attacks. The key idea is to enforce packet-origin authentication through resource virtualization and utilize dynamic name binding for protecting servers under attacks and improving service availability. Different from static network-level security schemes such as IPsec and VPN, SNS is able to dynamically bind the names of critical resources at the service level, which allows us to actively protect the service resources through a distributed filtering mechanism built on authenticated packet forwarding paths. Our prototype implementation of authenticated packet forwarding components on Pentium 4 Linux machines demonstrates that regular Linux platforms are sufficient to support SNS authenticated packet forwarding on 100Mbps or lGbps LANs.KeywordsResource VirtualizationDomain Name ServiceSecure ZoneZone AuthenticatorSecurity CheckpointThese keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
