Wenfeng Liu1, *, Yu Zhang1, Wenjia Zhang1, Lu Liu1, Hongli Zhang1, Binxing Fang1
CMC-Computers, Materials & Continua, Vol.63, No.1, pp. 521-536, 2020, DOI:10.32604/cmc.2020.07982
- 30 March 2020
Abstract As a critical Internet infrastructure, domain name system (DNS) protects the authenticity and integrity of domain resource records with the introduction of security extensions (DNSSEC). DNSSEC builds a single-center and hierarchical resource authentication architecture, which brings management convenience but places the DNS at risk from a single point of failure. When the root key suffers a leak or misconfiguration, top level domain (TLD) authority cannot independently protect the authenticity of TLD data in the root zone. In this paper, we propose self-certificating root, a lightweight security enhancement mechanism of root zone compatible with DNS/DNSSEC protocol. More >