ANALYSIS OF RESEARCH ON DEVELOPMENT OF DNSSEC ON THE INTERNET
DOI:
https://doi.org/10.18372/2410-7840.23.15729Keywords:
security of information resources, cybersecurity, DNS, DNSSEC, TLD, gTLD domain, domain zone, ICANN.Abstract
The domain name system is an integral part of addressing on the Internet. Disadvantages in the implementation of the DNS protocol allow it to be used for malicious actions, during which the integrity and availability of data may be violated when exchanging data between the DNS client and the DNS server. DNSSEC technology is designed to protect the integrity of DNS data exchange, which prevents DNS clients from receiving false data. The article examines the current state of use of DNSSEC domain name enhancement technology and discusses the demand for DNSSEC deployment indicators and the problems that currently exist with obtaining the fullest possible understanding of the scale of deployment of this protocol on the Internet. DNSSEC allows domain name owners to use the method of digitally signing the information they enter into the DNS domain name system. This provides consumer protection, as DNS data that has been corrupted, accidentally or with malicious intent, does not reach them. Question addressed by DNSSEC: Can DNS answers be trusted? Since 2010, it has been possible to use the DNSSEC signature at the top level of the DNS, called the root, which greatly facilitates the global deployment of DNSSEC. However, even ten years
later, the pace of DNSSEC implementation remains low. The article presents the current state, comparative analysis, problems and prospects of implementation of this technology for the protection of information resources. The relative complexity of the technology and the lack of ready-made solutions at the level of Internet users constrain the pace of DNSSEC implementation. At the same time, this is due to the additional costs of telecommunications operators and service providers for administration, as well as the lack of DNSSEC support for operator-level equipment and domain name registrars. DNS security should be an integral part of the plan to ensure the security of all Internet users, because the system, whose main task is to convert the names of network nodes into IP addresses, are used by virtually all applications and services on the network.
References
Протокол DNSSEC развернут во всех доменах общего пользования. [Електронний ресурс]. – Режим доступу: https://www.icann.org/ru/ announcements/details/domain-name-system-security -extensions-now-deployed-in-all-generic-top-level-domains-23-12-2020-ru.
Counting DNSSEC. [Електронний ресурс]. – Режим доступу: https://labs.ripe.net/author/gih/ counting-dnssec/.
ICANN призывает к полному развертыванию DNSSEC и сотрудничеству в рядах сообщества для защиты интернета. [Електронний ресурс]. – Режим доступу: https://www.icann.org/ru/anno uncements/details/icann-calls-for-full-dnssec-deplo yment-promotes-community-collaboration-to-pro tect-the-internet-22-2-2019-ru.
Запрос предложений: исследование показателей развертывания DNSSEC. [Електронний ресурс]. – Режим доступу: https://www.icann.org/ru/ announcements/details/request-for-proposal - resear ching-dnssec-deployment-metrics-17-5-2021-ru.
DNSSEC: Защита DNS. [Електронний ресурс]. – Режим доступу: https://www.icann.org/en/ system/files/files/octo-006-24jul20-ru.pdf.
ПОСТАНОВА КАБІНЕТУ МІНІСТРІВ УКРАЇ-НИ "Про внесення змін до деяких постанов Кабінету Міністрів України щодо функці¬о-нування офіційних веб-сайтів органів виконавчої влади". [Електронний ресурс]. – Режим доступу: https:// zakon.rada.gov.ua/laws/show/493-2019-%D0% BF# Text.
DNSSEC validation revisited By Geoff Huston on 2 Mar 2020. [Електронний ресурс]. – Режим доступу: https://blog.apnic.net/2020/03/02/dnssec-va lidation-revisited/.
Project Overview for the DNSSEC Deployment Metrics Research RFP 17 May 2021. [Електронний ресурс]. – Режим доступу: https://www.icann.org /en/system/files/files/rfp-dnssec-deployment-met rics-research-17may21-en.pdf.
NORDUnet conference. [Електронний ресурс]. – Режим доступу: https://events.nordu.net/display /ndn2012web/Programme.
Downloads
Published
Issue
Section
License
Authors who publish with this journal agree to the following terms:- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).