DHT expanded DNS mapping system and method for realizing DNS security

A DNS server and security technology, applied in the field of network communication, can solve the problems that the trust chain cannot be established, DNSSEC cannot be realized, etc., and achieve the effects of reducing huge workload, preventing data fraud, and high efficiency

Inactive Publication Date: 2011-05-04
BEIJING UNIV OF POSTS & TELECOMM
View PDF3 Cites 27 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0022] In the original DNS mapping system, DNSSEC has a relatively perfect method of protecting the integrity and security of mapping information. However, after using the DHT ring to expand the DNS mapping system, DNSSEC cannot be reali

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • DHT expanded DNS mapping system and method for realizing DNS security
  • DHT expanded DNS mapping system and method for realizing DNS security
  • DHT expanded DNS mapping system and method for realizing DNS security

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0044] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments.

[0045] see Figure 4 and Figure 5 , introducing the structural composition of the domain name system DNS mapping system through DHT expansion of the present invention: the mapping system includes: a mobile or fixed host with a DNS resolver, a local DNS server, an authorized DNS server and a DHT server in the DHT ring, The DNS server and the DHT server are used as the mapping server to jointly manage the mapping information from the identity to the location and query the mapping information for the host. The upper layer of the system is that each authorized DNS server adopts a traditional DNS tree hierarchy structure, and the bottom layer is a DHT ring structure; the upper layer DNS tree structure is composed of hierarchical and hierarchical index...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a distributed hash table (DHT) expanded domain name system (DNS) mapping system and a method for realizing DNS security. The mapping system comprises a host with a DNS resolver, a local and authorized DNS server and a DHT server in a DHT ring, wherein the DNS server and the DHT server serving as mapping servers manage mapping information from identity to position together and query mapping information for the host. The system synthesizes the advantages of the DNS and the DHT, absorbs a DNS tree structure, supports hierarchical query of the mapping information, is provided with reasonable commercial and trust models, and succeeds the advantages of DHT redundancy backup, strong robustness and the like; and the system can be realized on the basis of the conventional DNS mapping system so as to reduce a large amount of financial resource and manpower of network construction. A complete trust chain is established between the DHT ring and the upper DNS server, a transaction signature (TSIG) key is automatically distributed by using an ID management server positioned in an identity and position separation architecture, and the original DNS signature (DNSSEC) and TSIG security mechanisms of the DNS are ensured to be completely realized in the DHT expanded DNS mapping system.

Description

technical field [0001] The invention relates to a DHT-extended DNS mapping system and a method for realizing DNS security, belonging to the technical field of network communication. Background technique [0002] The network architecture based on the separation of the identity ID and the location Locator on the host side, such as the host identification protocol HIP (Host Identity Protocol) and the next generation Internet routing architecture RANGI (Routing Architecture for the Next Generation Internet) is based on the existing TCP / IP protocol stack network The host identification ID layer is introduced between the transport layer and the transport layer, so that the transport layer session is only bound to the host ID layer, thus solving the dual semantic problem of IP addresses in the existing Internet. Each host or terminal in the network has its own identity, that is, the host ID. The host ID must be globally unique, topology-independent, and portable. Locator is the lo...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/12H04L29/06H04L9/08
Inventor 卢美莲龚向阳王文东阙喜戎张爱华张晶晶
Owner BEIJING UNIV OF POSTS & TELECOMM
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap