‹ Back
Building Trust 1 October 2017

DNSSEC

The Domain Name System (DNS), the Internet’s addressing system, is the most critical component of the Internet infrastructure. As with the majority of internet services, the DNS was not securely designed.  As a result, it is vulnerable to man-in-the-middle (MITM) attacks and cache poisoning. These threats use forged data to redirect Internet traffic to fraudulent sites and unintended addresses.

Domain Name System Security Extension (DNSSEC) adds security to the DNS. It is designed to help address MITM attacks and cache poisoning by authenticating the origin of DNS data and verifying its integrity while moving across the Internet. DNSSEC is an Internet Engineering Task Force (IETF) set of specifications that secures communication between DNS name servers and clients.  

DNSSEC mitigates the risk of customers becoming the unwitting victims of cyber crimes when they attempt to access a resource. It is vital for organizations with a large online presence, e-commerce operations, and high-value brands. DNSSEC increases trust for a multitude of Internet activities, including e-commerce, online banking, email, VoIP, and online software distribution. The more widely it’s deployed, the greater the benefits of DNSSEC for the global Internet community.

When DNSSEC is used in conjunction with other best practices including use of Extended Validation Secure Sockets Layer (SSL) certificates, Email Authentication and a comprehensive data stewardship and a data loss readiness plan, users and online brands protection from online threats can be maximized.  

Resources

‹ Back

Related articles

Building Trust 31 August 2020

Policy Toolkit on IoT Security and Privacy

The Policy Toolkit on IoT Security and Privacy is a practical resource for policymakers and regulators to strengthen the...

Building Trust 1 November 2019

Security Factsheet: Keeping Your Workplace Safe Online

For many of us the Internet is a staple in our day-to-day lives – especially at our jobs. But...

Building Trust 1 November 2019

Security Factsheet: Why Should Municipalities Make Network and Data Security a Priority?

Communities can minimize risk by being intentional about how and by whom networks and devices are used. These are...

Join the conversation with Internet Society members around the world