NIST releases standards for securing domain names

The National Institute of Standards and Technology released new guidelines for securing the Domain Name System (DNS) yesterday. Special Publication 800-81 details threats and how best to approach them as well as specific recommendations on secure configurations for domain names and their associated mechanisms.

Domain names have two unique characteristics that set them apart from other distributed systems: They have no defined system boundaries and no confidentiality because Web site domains are accessible to anyone. Conventional network-level attacks can cause denial-of-service and access problems.

NIST recommends that agencies implement appropriate system and network security controls to secure the DNS hosting, protect transactions such as name resolution data and data replication, and protect query/response transactions by using digital signatures. The publication also recommends enforcing content control of DNS name resolution using integrity constraints.

The publication can be downloaded in PDF format.

Featured

  • FCW Perspectives
    tech process (pkproject/Shutterstock.com)

    Understanding the obstacles to automation

    As RPA moves from buzzword to practical applications, agency leaders say it’s forcing broader discussions about business operations

  • Federal 100 Awards
    Federal 100 logo

    Fed 100 nominations are now open

    Help us identify this year's outstanding individuals in federal IT.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.