ANALYSIS OF RESEARCH ON DEVELOPMENT OF DNSSEC ON THE INTERNET

Authors

DOI:

https://doi.org/10.18372/2410-7840.23.15729

Keywords:

security of information resources, cybersecurity, DNS, DNSSEC, TLD, gTLD domain, domain zone, ICANN.

Abstract

The domain name system is an integral part of addressing on the Internet. Disadvantages in the implementation of the DNS protocol allow it to be used for malicious actions, during which the integrity and availability of data may be violated when exchanging data between the DNS client and the DNS server. DNSSEC technology is designed to protect the integrity of DNS data exchange, which prevents DNS clients from receiving false data. The article examines the current state of use of DNSSEC domain name enhancement technology and discusses the demand for DNSSEC deployment indicators and the problems that currently exist with obtaining the fullest possible understanding of the scale of deployment of this protocol on the Internet. DNSSEC allows domain name owners to use the method of digitally signing the information they enter into the DNS domain name system. This provides consumer protection, as DNS data that has been corrupted, accidentally or with malicious intent, does not reach them. Question addressed by DNSSEC: Can DNS answers be trusted? Since 2010, it has been possible to use the DNSSEC signature at the top level of the DNS, called the root, which greatly facilitates the global deployment of DNSSEC. However, even ten years
 later, the pace of DNSSEC implementation remains low. The article presents the current state, comparative analysis, problems and prospects of implementation of this technology for the protection of information resources. The relative complexity of the technology and the lack of ready-made solutions at the level of Internet users constrain the pace of DNSSEC implementation. At the same time, this is due to the additional costs of telecommunications operators and service providers for administration, as well as the lack of DNSSEC support for operator-level equipment and domain name registrars. DNS security should be an integral part of the plan to ensure the security of all Internet users, because the system, whose main task is to convert the names of network nodes into IP addresses, are used by virtually all applications and services on the network.

References

Протокол DNSSEC развернут во всех доменах общего пользования. [Електронний ресурс]. – Режим доступу: https://www.icann.org/ru/ announcements/details/domain-name-system-security -extensions-now-deployed-in-all-generic-top-level-domains-23-12-2020-ru.

Counting DNSSEC. [Електронний ресурс]. – Режим доступу: https://labs.ripe.net/author/gih/ counting-dnssec/.

ICANN призывает к полному развертыванию DNSSEC и сотрудничеству в рядах сообщества для защиты интернета. [Електронний ресурс]. – Режим доступу: https://www.icann.org/ru/anno uncements/details/icann-calls-for-full-dnssec-deplo yment-promotes-community-collaboration-to-pro tect-the-internet-22-2-2019-ru.

Запрос предложений: исследование показателей развертывания DNSSEC. [Електронний ресурс]. – Режим доступу: https://www.icann.org/ru/ announcements/details/request-for-proposal - resear ching-dnssec-deployment-metrics-17-5-2021-ru.

DNSSEC: Защита DNS. [Електронний ресурс]. – Режим доступу: https://www.icann.org/en/ system/files/files/octo-006-24jul20-ru.pdf.

ПОСТАНОВА КАБІНЕТУ МІНІСТРІВ УКРАЇ-НИ "Про внесення змін до деяких постанов Кабінету Міністрів України щодо функці¬о-нування офіційних веб-сайтів органів виконавчої влади". [Електронний ресурс]. – Режим доступу: https:// zakon.rada.gov.ua/laws/show/493-2019-%D0% BF# Text.

DNSSEC validation revisited By Geoff Huston on 2 Mar 2020. [Електронний ресурс]. – Режим доступу: https://blog.apnic.net/2020/03/02/dnssec-va lidation-revisited/.

Project Overview for the DNSSEC Deployment Metrics Research RFP 17 May 2021. [Електронний ресурс]. – Режим доступу: https://www.icann.org /en/system/files/files/rfp-dnssec-deployment-met rics-research-17may21-en.pdf.

NORDUnet conference. [Електронний ресурс]. – Режим доступу: https://events.nordu.net/display /ndn2012web/Programme.

Downloads

Published

2021-07-30

How to Cite

Prykhodko, T. (2021). ANALYSIS OF RESEARCH ON DEVELOPMENT OF DNSSEC ON THE INTERNET. Ukrainian Information Security Research Journal, 23(2), 123–130. https://doi.org/10.18372/2410-7840.23.15729

Issue

Vol. 23 No. 2 (2021)

Section

Articles

License

The scientific journal adheres to the principles of Open Access and provides free, immediate, and permanent access to all published materials without financial, technical, or legal barriers for readers.

All articles are published in Open Access under the Creative Commons Attribution 4.0 International (CC BY 4.0) license.

Copyright

Authors who publish their works in the journal:

  • retain the copyright to their publications;

  • grant the journal the right of first publication of the article;

  • agree to the distribution of their materials under the CC BY 4.0 license;

  • have the right to reuse, archive, and distribute their works (including in institutional and subject repositories), provided that proper reference is made to the original publication in the journal.