• DocumentCode
    2148691
  • Title

    A performance view on DNSSEC migration

  • Author

    Migault, Daniel ; Girard, Cédric ; Laurent, Maryline

  • Author_Institution
    Orange Labs., Issy-les-Moulineaux, France
  • fYear
    2010
  • fDate
    25-29 Oct. 2010
  • Firstpage
    469
  • Lastpage
    474
  • Abstract
    In July 2008, the Kaminsky attack showed that DNS is sensitive to cache poisoning, and DNSSEC is considered the long term solution to mitigate this attack. A lot of technical documents provide configuration and security guide lines to deploy DNSSEC on organization´s servers. However, such documents do not provide ISP or network administrators inputs to plan or evaluate the cost of the migration. This paper describes current deployment of DNSSEC and provides key elements to consider when planning DNSSEC deployment. Then we focus our work on performance aspects and provide experimental measurements for both DNS and DNSSEC architecture. Experimental results evaluate the cost of DNSSEC for authoritative and recursive server with different implementations.
  • Keywords
    security of data; DNSSEC migration; Kaminsky attack; network administrators; security guide lines; Communities; Internet; Organizations; Security; Servers; Testing; Time factors; DNS; DNSSEC; migration; performance;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Network and Service Management (CNSM), 2010 International Conference on
  • Conference_Location
    Niagara Falls, ON
  • Print_ISBN
    978-1-4244-8910-7
  • Electronic_ISBN
    978-1-4244-8908-4
  • Type

    conf

  • DOI
    10.1109/CNSM.2010.5691275
  • Filename
    5691275
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2148691