Deploying DNS Security Extensions

dc.contributor.authorROSTAMPOUR, SAM
dc.contributor.departmentChalmers tekniska högskola / Institutionen för data- och informationsteknik (Chalmers)sv
dc.contributor.departmentChalmers University of Technology / Department of Computer Science and Engineering (Chalmers)en
dc.date.accessioned2019-07-03T13:07:28Z
dc.date.available2019-07-03T13:07:28Z
dc.date.issued2012
dc.description.abstractThe number of attacks towards the Domain Name System (DNS) increases exponentially. Due to the essential role of the DNS in the Internet service, fast reaction is needed to secure this system. Domain Name System Security Extensions (DNSSEC) is an Internet scale solution for protecting the DNS. DNSSEC provides security for the DNS by adding integrity and data original authentication to the DNS messages. As this solution is rolling out fast in the top-level domains (TLDs) and some second-level domains (SLDs) the VOLVO Information Technology (VOLVO IT) company became interested in implementing this solution in their infrastructure. Therefore, they initiated a thesis to become aware of the procedure of deploying DNSSEC and its requirements. In this thesis, we have gone through the design of the DNS system. We demonstrated how this system is unsecure and why it is the target of many attacks. We explained how DNSSEC protects the DNS and highlighted the objectives of this solution. We also discussed about the current implementation of the DNSSEC. Implementing this solution in a large-scale network is not an easy task and adds lots of complexity to the administrators of the DNS infrastructure. In addition, some security concerns still exist regarding this solution. We have analysed the common attacks and availability issue related to the DNSSEC implementation. We used this analysis to avoid using any implementation, which makes the DNS infrastructure vulnerable to the DNSSEC related attacks. We covered the deployment of the DNSSEC within a particular organization (VOLVO IT). We used the best practice solutions to reduce the security issues regarding the deployment of the DNSSEC. This thesis is mainly divided in two parts. One part is the security analysis of the DNS and DNSSEC design. The other part deals with the best practice solutions that can be used to set up a secure DNSSEC deployment within the infrastructure of the VOLVO IT.
dc.identifier.urihttps://hdl.handle.net/20.500.12380/173693
dc.language.isoeng
dc.setspec.uppsokTechnology
dc.subjectInformations- och kommunikationsteknik
dc.subjectSystemvetenskap, informationssystem och informatik
dc.subjectInformation & Communication Technology
dc.subjectInformation Systems
dc.titleDeploying DNS Security Extensions
dc.type.degreeExamensarbete för masterexamensv
dc.type.degreeMaster Thesisen
dc.type.uppsokH
Ladda ner
Original bundle
Visar 1 - 1 av 1
Hämtar...
Bild (thumbnail)
Namn:
173693.pdf
Storlek:
1.67 MB
Format:
Adobe Portable Document Format
Beskrivning:
Fulltext