Addressing Complexity in DNS Security: A Case for Improved Security Status Indication Based on a Trust Model

The Domain Name System (DNS) is a hierarchical distributed naming system for Internet resources, but in some instances the protocol´s insecurity threatens its proper functionality. To overcome this, the use of DNS Security Extensions (DNSSEC) has been proposed, and a partial deployment exists today. For the case of mobile devices that are connected to the Internet, there is possible use of different DNS servers at each location, with infrastructure warranting different degrees of trust for disaster management. In this work we propose the development of a trust model for DNS for cases of trust management. In particular we focus on different name resolution scenarios and protocols. Finally we propose a new user interface showing DNS security status, so that users can become aware of potentially compromised web sites.