NIST releases standards for securing domain names

The National Institute of Standards and Technology released new guidelines for securing the Domain Name System (DNS) yesterday. Special Publication 800-81 details threats and how best to approach them as well as specific recommendations on secure configurations for domain names and their associated mechanisms.

Domain names have two unique characteristics that set them apart from other distributed systems: They have no defined system boundaries and no confidentiality because Web site domains are accessible to anyone. Conventional network-level attacks can cause denial-of-service and access problems.

NIST recommends that agencies implement appropriate system and network security controls to secure the DNS hosting, protect transactions such as name resolution data and data replication, and protect query/response transactions by using digital signatures. The publication also recommends enforcing content control of DNS name resolution using integrity constraints.

The publication can be downloaded in PDF format.

Featured

  • Workforce
    Avril Haines testifies SSCI Jan. 19, 2021

    Haines looks to restore IC workforce morale

    If confirmed, Avril Haines says that one of her top priorities as the Director of National Intelligence will be "institutional" issues, like renewing public trust in the intelligence community and improving workforce morale.

  • Defense
    laptop cloud concept (Andrey Suslov/Shutterstock.com)

    Telework, BYOD and DEOS

    Telework made the idea of bringing your own device a top priority as the Defense Information Systems Agency begins transitioning to a permanent version of the commercial virtual remote environment.

Stay Connected