DNSSEC : A Protocol towards securing
Abstract: Unlike spam, worms, viruses, and phishingâ€all of which confront end users directlyâ€ infrastructure attacks occur outside their normal frame of reference and control. But attacks on the Domain Name System (DNS), an engine of the Internet infrastructure, appear to be increasing in length and severity, affecting DNS information associated with financial services institutions, Internet service providers, and major corporations in the travel, health, technology, and media/ entertainment sectors. Such attacks can result in, say, dropped or intercepted email messages or users unknowingly redirected to fraudulent sites where they inadvertently hand over personal informationDNSSEC introduces security at the infrastructure level through a hierarchy of cryptographic signatures attached to DNS records. In the context of DNSSEC, users are assured that the source of the data is verifiable as the stated source, and the mapping of a name to an IP address is accurate. DNSSEC - capable name servers also provide denial of- existence; that is, they tell a user that a name does not exist.