Domain Name System Security Extensions

Why Trust Techopedia

What Does Domain Name System Security Extensions Mean?

The Domain Name System Security Extensions (DNSSEC) is a suite of specifications outlining details for securing certain information being provided by the Domain Name System (DNS) as it is being used on networks using the Internet Protocol (IP). The DNS SEC is a set of extensions of DNS that provide DNS clients with origin authentication of all DNS data, data integrity and authentication denial of existence. It does not provide confidentiality or availability. These standards were created by the Internet Engineering Task Force (IETF).

Advertisements

Techopedia Explains Domain Name System Security Extensions

The Domain Name System is what manages Internet navigation by associating domain names with their respective IP addresses. It has no way of telling if the information really comes from the true domain owner or not, which leaves it vulnerable to some attacks like DNS cache poisoning. In this attack, the attacker replaces the correct IP address in the DNS cache with a different one designed to lead users to websites with viruses, worms or adware.

The DNSSEC uses digital signatures and cryptographic keys to ensure that the lookup table data is intact and that they are pointing to legitimate servers. The implementation of this extension is voluntary and is quite complex, which has resulted to slow adoption. It is offered as a managed service and some vendors sell automation tools for it. Important entities like the U.S. government have mandated that all of its agencies implement DNSSEC.

Advertisements

Related Terms

Margaret Rouse
Technology expert
Margaret Rouse
Technology expert

Margaret is an award-winning writer and educator known for her ability to explain complex technical topics to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles in the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret’s idea of ​​a fun day is to help IT and business professionals to learn to speak each other’s highly specialized languages.