Domain Name Server (DNS) Protection Techniques
Department of Defense
Agency Tracking Number:
Solicitation Topic Code:
Small Business Information
SCIT Labs Inc
13834 Springstone Dr, Clifton, VA, 20124
Socially and Economically Disadvantaged:
AbstractThe Domain Name System (DNS) is a critical part of the internet infrastructure. It is a distributed data base that maps domain names (URL) on to their respective IP Address. DNS was designed for a trusted environment. Todayâ€™s malicious activity has reduced the trustworthiness of the DNS mapping. DNSSEC has been proposed as a secure alternative, but is not suited for all environments. For example, in the tactical environment DNSSEC implementations are particularly challenging. In this proposal we seek to evaluate and prototype a new DNS server â€“ such server should have security close to DNSSEC and operational convenience similar to current DNS servers. Our research in Self Cleansing Intrusion Tolerance (SCIT) technology has yielded an Authoritative DNS server which meets this challenge, by resetting the server every minute or so. In this project we will evaluate alternate approaches and formulate an appropriate strategy for DNS servers that meet the above conditions for new DNS server. We will explore the authoritative and recursive DNS servers that are suitable for the Armyâ€™s environment. Although, we are motivated by SCIT in this project we will explore alternate approaches and formulate the best approach to meet the security and operational requirements.
* information listed above is at the time of submission.