Situatie
Arhivele SRV,DNSSEC si DANE impreuna cu altele intaresc „Domain Name System” ca centrul de informatie in spatele internetului. Foarte bine ascuns de ultimul utilizator, un numar in crestere de protocoale si decizii de incredere sunt conditionate pe DNS. Neglijarea sau atacurile asupra DNS-urilor au un impact mult mai mare astazi decat in trecut, acum punand in pericol securitatea, mult peste negarea serviciului. Opportunistic Persistent DNS (opDNS) se ocupa de aceste probleme, abordand pessimistic caching si eliminand traficul dispensabil. Infrastructura DNS-ului actual tine cont de hosts forgetting si reimprospatarea arhivelor DNS-urilor intr-un timp relativ scurt. In colaborare cu TLS, opDNS reduce remarcabil numarul listelor de asteptare si sporeste intimitatea, siguranta si eficienta. Va vom arata cum ultimele sistemele de ultima ora pot profita de de opDNS fara sa trebuiasca sa astepte pentru ajutor de la operatorii server-ului sau creatorii aplicatiei, activand cea mai eficienta metoda de implemetare.
Solutie
BibTeX (Download)
@inproceedings{Waldvogel2015Boost, title = {Boost DNS Privacy, Reliability, and Efficiency with opDNS Safe Query Elimination}, author = {Marcel Waldvogel, Thomas Zink}, url = {https://netfuture.ch/wp-content/uploads/2014/12/waldvogel2015boost.pdf https://netfuture.ch/wp-content/uploads/2015/03/opdns-poster.pdf}, year = {2015}, date = {2015-03-10}, booktitle = {NetSys 2015}, publisher = {Gesellschaft für Informatik}, abstract = {SRV records, DNSSEC, and DANE among others fortify the Domain Name System as the central information hub behind the Internet. Largely hidden from the end user, an increasing number of protocol and trust decisions are contingent on DNS. Neglect or attacks on DNS have much more impact today than ever, now endangering security far beyond denial of service. Opportunistic Persistent DNS (opDNS) addresses these problems by abandoning pessimistic caching and eliminating unnecessary traffic. Today’s DNS infrastructure relies on the hosts forgetting and refreshing DNS records in relatively short time. In conjunction with TLS, opDNS greatly reduces the number of queries and in turn increases privacy, reliability, and efficiency. Even with DNS lookups all but eliminated for frequently visited secure services, changes to the server addresses will be recognized almost immediately, unlike standard DNS. We will show how end systems can take advantage of opDNS without having to wait for support by server operators or application developers, enabling the most effective way of deployment.}, keywords = {DNS, Privacy, Security}, pubstate = {published}, tppubtype = {inproceedings} }
Leave A Comment?