PDoT

Security and privacy of the Internet Domain Name System (DNS) have been longstanding concerns. Recently, there is a trend to protect DNS traffic using Transport Layer Security (TLS). However, at least two major issues remain: (1) How do clients authenticate DNS-over-TLS endpoints in a scalable and extensible manner? and (2) How can clients trust endpoints to behave as expected? In this article, we propose a novel Private DNS-over-TLS (PDoT) architecture. PDoT includes a DNS Recursive Resolver (RecRes) that operates within a Trusted Execution Environment. Using Remote Attestation , DNS clients can authenticate and receive strong assurance of trustworthiness of PDoT RecRes. We provide an open source proof-of-concept implementation of PDoT and experimentally demonstrate that its latency and throughput match that of the popular Unbound DNS-over-TLS resolver.

Download Full-text

Structure and Organization of the Domain Name System

Domain Name Law And Practice ◽

10.1093/oso/9780199663163.003.0002 ◽

2015 ◽

Author(s):

Torsten Bettinger

Keyword(s):

Host Computer ◽

The Internet ◽

Domain Name System ◽

Domain Name ◽

Global Regulation ◽

Ip Address ◽

Domain Names ◽

Data Packets ◽

System P ◽

Administrative Tasks

Although the Internet has no cross-organizational, financial, or operational management responsible for the entire Internet, certain administrative tasks are coordinated centrally. Among the most important organizational tasks that require global regulation is the management of Internet Protocol (IP) addresses and their corresponding domain names. The IP address consists of an existing 32 bit (IP4) or 128 bit (IP6) sequence of digits and is the actual physical network address by which routing on the Internet takes place and which will ensure that the data packets reach the correct host computer.

Download Full-text

Trusted Execution Environment-Enabled Platform for 5G Security and Privacy Enhancement

10.1007/978-3-030-85428-7_9 ◽

2021 ◽

pp. 203-223

Author(s):

José María Jorquera Valero ◽

Pedro Miguel Sánchez Sánchez ◽

Alexios Lekidis ◽

Pedro Martins ◽

Pedro Diogo ◽

...

Keyword(s):

Security And Privacy ◽

Execution Environment ◽

5G Security ◽

Trusted Execution Environment

Download Full-text

TLS, SSL, and SET

Cryptography and Security Services ◽

10.4018/978-1-59904-837-6.ch012 ◽

2008 ◽

pp. 300-333

Author(s):

Manuel Mogollon

Keyword(s):

Credit Card ◽

Web Server ◽

Point Of View ◽

Transport Layer ◽

The Internet ◽

Secure Socket Layer ◽

End User ◽

Credit Card Number ◽

Transport Layer Security ◽

Commercial Transaction

In an Internet commercial transaction, the secure Web server and the buyer’s computer authenticate each other and encipher the data transmitted using transport layer security (TLS) or secure socket layer (SSL) protocols. When a purchase is made online using a credit card, does the customer’s bank need to know what was purchased? Not really. Does the seller need to know the customer’s credit card number? Actually, the answer is no. The responses to these questions were the main premises of the secure electronic transaction (SET). In the late 1990’s, SET was approved as the credit card standard, but it failed to be accepted because of its cost and the problems regarding distribution of end-user certificates. However, SET is explained in this chapter as an ideal protocol, from the point of view of certificates, digital signatures, and cryptography for securing credit card transactions over the Internet.

Download Full-text

Domain Name System during the Transition from IPv4 to IPv6

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.687-691.1912 ◽

2014 ◽

Vol 687-691 ◽

pp. 1912-1915

Author(s):

Hong Cheng Tian ◽

Hong Wang ◽

Jin Kui Ma

Keyword(s):

Transition Period ◽

Functional Unit ◽

Transition Phase ◽

The Internet ◽

Domain Name System ◽

Domain Name ◽

Network Address Translation ◽

Address Translation ◽

Operating Process ◽

Long Time

IPv4 and IPv6 will coexist for a long time, due to ISPes’ inertia in the transition from IPv4 to IPv6. Domain Name System (DNS) is a very important functional unit in the Internet. This paper describres the hierarchy and operating process of IPv6 DNS, IPv6 DNS resolver, and presents the DNS transition from IPv4 to IPv6 in particular. We suggest two methods to implement DNS service during the transition period: DNS-Application Level Gateway (DNS-ALG) with Network Address Translation-Protocol Translation (NAT-PT), and dual stacks. And we also propose their respective operational principles. This paper is of valuable reference for network engineers to construct DNS in the transition phase.

Download Full-text

Nombre de dominios y otros signos distintivos. Aproximación teórica y análisis practico

Revista Jurídica Piélagus ◽

10.25054/16576799.579 ◽

2007 ◽

Vol 6 ◽

pp. 39-63

Author(s):

Jorge Alberto Fierro Abella

Keyword(s):

Internet Protocol ◽

The Internet ◽

Domain Name System ◽

Domain Name ◽

Empirical Application ◽

Domain Names ◽

Registration Procedure ◽

Transmission Of Information ◽

Theoretical Frame ◽

La Red

El desarrollo de la llamada red de redes o internet ha supuesto un cambio sustancial en la forma de entender las relaciones comerciales. La extensión del acceso a aquella a un número cada vez mayor de agentes económicos, unido a un crecimiento continuo de los contenidos de toda índole disponibles en la red, implica que la facilidad con que se acceda a la información de una determinada compañía tenga un elevado valor. El objetivo de este documento de reflexión es ofrecer en primer lugar, un panorama general del marco teórico en el que se desarrolla la actividad de registro de nombres de dominio, tanto en el ámbito internacional como en el local (España) y su relación con el derecho de marcas, para a partir de ello exponer una serie de casos, que tienen una relación directa con España, bien por tratarse de resoluciones de nuestros tribunales, bien por ser asuntos en los que se discutía la titularidad de nombres de dominio en los que aparecía como perjudicado (real o pretendido) una marca o nombre comercial española o al menos con presencia en este país. Abstract Domain names are the familiar and easy-to-remember names for internet computers. They map to unique Internet Protocol (IP) numbers that serve as routing addresses on the Internet. The domain name system (DNS) translates internet names into the IP numbers needed for transmission of information across the network. The challenge pursued by the following research is to provide a general outlook of the theoretical frame for the technical activity of domain name registration procedure, as well as the implication of complementary sources of rules. The territorial context of the analysis is only apparent, since the empirical application of concepts can also be applied by other jurisdictions. Palabras Claves Nombre de dominio, marcas, marcas de internet, derecho de marcas, competencia desleal, usurpación de marcas. Keywords Nombre de dominio, marcas, marcas de internet, derecho de marcas, competencia desleal, usurpación de marcas

Download Full-text

"DNS SEHAT" Implementation on Automatic Replicated Recursive Domain Name System on PT. X

10.31227/osf.io/egktj ◽

2019 ◽

Author(s):

Muhammad Ilham Verardi Pradana

Keyword(s):

Search Engine ◽

Search Engines ◽

The Other ◽

The Internet ◽

Domain Name System ◽

Domain Name ◽

Search Results ◽

Search Result ◽

Google Search

Thanks to the existence of Search engines, all of informations and datas could be easily found in the internet, one of the search engine that users use the most is Google. Google still be the most popular search engine to provide any informations available on the internet. The search result that Google provide, doesn't always give the result we wanted. Google just displayed the results based on the keyword we type. So sometimes, they show us the negative contents on the internet, such as pornography, pornsites, and many more that seems to be related to the keyword, whether the title or the other that makes the result going that way. In this paper, we will implement the "DNS SEHAT" to pass along client's request queries so the Google search engine on the client's side will provide more relevant search results without any negative contents.

Download Full-text

A Blockchain-Based Spatial Data Trading Framework

10.21203/rs.3.rs-150049/v1 ◽

2021 ◽

Author(s):

liu hui ◽

WeiPeng Tai ◽

Yaofei Wang ◽

Wang Shenling

Keyword(s):

Data Storage ◽

Spatial Data ◽

Security And Privacy ◽

Distributed Data ◽

Distributed Data Storage ◽

Related Data ◽

Data Market ◽

Spatial Big Data ◽

Execution Environment ◽

Trusted Execution Environment

Abstract With the increasing utilization of space related data, the demand for spatial big data sharing and trading is growing rapidly, which promotes the emergence of spatial data market. However, in conventional data markets, both data buyers and data sellers have to use a centralized trading platform which might be dishonest. Blockchain is a decentralized distributed data storage technology, which uses the traceability and unforgeability to confirm and record each transaction, can solve the disadvantages of the centralized data market, however, it also introduces the problems of security and privacy. To address this issue, we propose a blockchain-based spatial data trading framework with Trusted Execution Environment to provide a trusted decentralized platform, including data storage, data query, data pricing and security computing. Based on this framework, a spatial data trading demonstration system was implemented and its feasibility and security were verified.

Download Full-text

21. Internet regulation and domain names

10.1093/he/9780198787556.003.0021 ◽

2017 ◽

Cited By ~ 1

Author(s):

Ian J. Lloyd

Keyword(s):

Internet Access ◽

The Internet ◽

Domain Name System ◽

Domain Name ◽

Domain Names ◽

Internet Regulation ◽

System P ◽

Functional Equivalent ◽

Technical Issues ◽

Major Factors

Internet access is dependent on two major factors: Internet (generally referred to as IP) addresses, which are a functional equivalent to telephone numbers, and domain names. The former element raises a number of technical issues but is generally non-contentious. Systems of domain names—which effectively serve as an alias for IP numbers—are much more controversial and raise major issues how the Internet should be regulated. This chapter begins with a discussion of the emergence of Internet regulation. It then turns to domain names and the regulation of the domain-name system.

Download Full-text

Icann’S New gTLD Program

Domain Name Law And Practice ◽

10.1093/oso/9780199663163.003.0005 ◽

2015 ◽

Author(s):

Torsten Bettinger ◽

Mike Rodenbaugh

Keyword(s):

Free Trade ◽

The Internet ◽

Domain Name System ◽

Domain Name ◽

Domain Names ◽

The World ◽

Stakeholder Model ◽

Business Entities ◽

The Stability ◽

Multi Stakeholder

Since its creation in 1998, the Internet Corporation for Assigned Names and Numbers (ICANN) has been responsible for ensuring free trade and marketplace competition in the sale and regulation of domain names, as well as overseeing the stability of the Domain Name System (DNS) and the creation of consistent, functional policies. Therefore, its responsibilities include assessing when, and to what degree, additional generic top-level domains (gTLDs) are needed in order to ensure the proper functioning of the DNS. In order to make such a determination, ICANN relied on the input of interested Internet stakeholders as mandated through its multi-stakeholder model, which involves interested business entities, individuals, and governments from around the world.

Download Full-text

Detecting Network Anomalies In ISP Network Using DNS And NetFlow

ICONIET PROCEEDING ◽

10.33555/iconiet.v2i3.38 ◽

2019 ◽

Vol 2 (3) ◽

pp. 238-242

Author(s):

Andreas Tedja ◽

Charles Lim ◽

Heru Purnomo Ipung

Keyword(s):

Service Providers ◽

The Internet ◽

Domain Name System ◽

Domain Name ◽

Internet Service ◽

Ip Address ◽

Traffic Characteristics ◽

The World ◽

Fast Flux ◽

Crucial Part

The Internet has become the biggest medium for people to communicate with otherpeople all around the world. However, the Internet is also home to hackers with maliciouspurposes. This poses a problem for Internet Service Providers (ISP) and its user, since it ispossible that their network is compromised and damages may be done. There are many types ofmalware that currently exist on the Internet. One of the growing type of malware is botnet.Botnet can infect a system and make it a zombie machine capable of doing distributed attacksunder the command of the botmaster. In order to make detection of botnet more difficult,botmasters often deploy fast flux. Fast flux will shuffle IP address of the domain of themalicious server, making tracking and detection much more difficult. However, there are stillnumerous ways to detect fast flux, one of them is by analysing DNS data. Domain Name System(DNS) is a crucial part of the Internet. DNS works by translating IP address to its associateddomain name. DNS are often being exploited by hackers to do its malicious activities. One ofthem is to deploy fast flux.Because the characteristics of fast flux is significantly different thannormal Internet traffic characteristics, it is possible to detect fast flux from normal Internettraffic from its DNS information. However, while detecting fast flux services, one must becautious since there are a few Internet services which have almost similar characteristics as fastflux service. This research manages to detect the existence of fast flux services in an ISPnetwork. The result is that fast flux mostly still has the same characteristics as found on previousresearches. However, current fast flux trend is to use cloud hosting services. The reason behindthis is that cloud hosting services tend to have better performance than typical zombie machine.Aside from this, it seems like there has been no specific measures taken by the hosting service toprevent this, making cloud hosting service the perfect medum for hosting botnet and fast fluxservices.

Download Full-text