Supporting DNS security in a multi-master environment

A multi-agent, DNS server technology, applied in secure communication devices and key distribution, can solve problems such as problems in implementing the DNSSEC protocol

Active Publication Date: 2012-07-04
MICROSOFT TECH LICENSING LLC
View PDF4 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Implementing the DNSSEC protocol in environments with more than one primary DNS server can be problematic

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Supporting DNS security in a multi-master environment
  • Supporting DNS security in a multi-master environment
  • Supporting DNS security in a multi-master environment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0011] Supporting Domain Name System (DNS) security in a multi-principal environment is discussed here. A multi-principal environment that implements DNS security extensions includes multiple DNS servers that operate peer-to-peer to host a particular zone. One of the multiple peer DNS servers is the key master server, and is responsible for generating keys, managing key life cycles, and distributing keys to other peer DNS servers. Each of the plurality of peer DNS servers is responsible for generating its own digital signature using the same shared key or keys for the DNS data it returns in response to DNS requests submitted to the DNS server.

[0012] Reference is made herein to digital signatures and digital certificates. Although digital signatures and digital certificates are well known to those skilled in the art, a brief overview of digital signatures and digital certificates is included here to facilitate the reader's understanding. Typically, digital signatures and d...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

Multiple peer domain name system (DNS) servers are included in a multi-master DNS environment. One of the multiple peer DNS servers is a key master peer DNS server that generates one or more keys for a DNS zone serviced by the multiple peer DNS servers. The key master peer DNS server can also generate a signing key descriptor that identifies the set of one or more keys for the DNS zone, and communicate the signing key descriptor to the other ones of the multiple peer DNS servers.

Description

Background technique [0001] A typical domain name system (DNS) server resolves names from Internet Protocol (IP) addresses. The DNS Security Extension (DNSSEC) protocol has been developed to add security extensions to the DNS system. However, a typical DNS system is set up with a primary DNS server and one or more secondary DNS servers. Implementing the DNSSEC protocol in an environment with more than one primary DNS server can be problematic. Contents of the invention [0002] This Summary is provided in a simplified form to introduce a selection of concepts that are further described below in the Detailed Description. This Summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter. [0003] According to one or more aspects, a signing key descriptor identifying how to sign a Domain Name System (DNS) zone is generated. Additionally, at the first peer ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/32H04L9/08H04L29/12
CPCH04L29/12066H04L61/2076H04L9/3247H04L9/083H04L29/12301H04L29/12132H04L61/1552H04L63/00H04L61/1511H04L63/1416H04L61/4552H04L61/4511H04L61/5076
Inventor S.塞沙德里J.J.维斯特赫德V.K.肯查拉D.R.西蒙A.G.琼斯F.罗内伯格G.V.贝利
Owner MICROSOFT TECH LICENSING LLC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap