DNSSEC

FCC chairman calls on ISPs to help fight cyber attacks

Federal Communications Commission Chairman Julius Genachowski wants Internet service providers to work with government and security experts to adopt voluntary standards to protect consumers from cyber attacks.

On Wednesday, the chairman gave a speech in Washington, D.C., in which he discussed voluntary measures that ISPs and other technology companies could take to help protect the public from three major cyber threats: botnets, domain name fraud, and IP hijacking.

"Cyber attacks pose a critical threat to our economic future and national security," he said in his speech. "If you shut down the Internet, you'd shut down … Read more

New flap over SOPA copyright bill: Anti-Web security?

Hollywood-backed legislation to knock suspected copyright-infringing Web sites offline could hinder efforts to secure Internet domain names, a key member of Congress said today.

Rep. Dan Lungren, who heads the Homeland Security subcommitteee on cybersecurity, said his panel has been working on ways to tighten the security of the Internet's domain names through a set of security improvements called DNSSEC.

An "unintended consequence" of the Stop Online Piracy Act, or SOPA, would be to "undercut the real effort that would practically help us secure the Internet" through DNSSEC, Lungren said during a hearing this morning. &… Read more

DNSSEC protocol to plant security at Net's roots

The DNSSEC initiative to embed security at the heart of the Internet by preventing URL spoofing and other attacks has passed an important milestone.

The secure domain name server (DNS) protocol DNSSEC guarantees the authenticity of the mechanism that converts human-friendly Internet addresses to the Internet Protocol numeric address system. DNSSEC--short for Domain Name System Security Extensions--uses digital signatures to assure name servers that the DNS data they receive has not been intercepted or tampered with.

The organization responsible for managing the assignment of IP addresses and domain names, ICANN, published on Thursday the root zone trust anchor. This allows … Read more

DNS Security Extensions not a panacea

In 2003, the federal government released a report titled "The National Strategy to Secure Cyberspace," offering numerous recommendations to improve overall security. One suggestion was to replace insecure Domain Name System (DNS) servers with DNS Security Extensions, or DNSSEC. Simply stated, standard DNS has a relatively open method for updating information, making it vulnerable to an attack. DNSSEC, on the other hand, marries DNS with a public key infrastructure (PKI) for authentication and digital signatures addressing this particular vulnerability.

Since the original call to arms in 2003, DNSSEC implementation remained on the backburner--that is until recently. Now federal … Read more