IPSec and DNSSEC to Support GRID Application Security
CCGRID '02 Proceedings of the 2nd IEEE/ACM International Symposium on Cluster Computing and the Grid
The Anatomy of the Grid: Enabling Scalable Virtual Organizations
International Journal of High Performance Computing Applications
Layering Public Key Distribution Over Secure DNS using Authenticated Delegation
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
ICNS '06 Proceedings of the International conference on Networking and Services
New directions in cryptography
IEEE Transactions on Information Theory
Hi-index | 0.00 |
The Internet today is a highly dynamic environment which frequently requires secure communication between peers that do not have a direct trust relationship. Current solutions for establishing trust often require static and application-specific Public Key Infrastructures (PKIs). This paper presents trusted directory services as a key infrastructural technology for setting up secure Internet connections, providing an alternative to application-specific PKIs. The directory securely binds public keys to peers through their names in a flexible way that matches the dynamic nature of the Internet. We elaborate on this concept by showing how the Domain Name System (DNS) and its security extensions (DNSSEC) can be leveraged for establishing secure Transport Layer Security (TLS) connections in a dynamic way. A simple enhancement of the TLS protocol, called Extended TLS (E-TLS), required for this purpose, is proposed. We describe our E-TLS implementation and we conclude with an evaluation of our results.