Measuring DNS health, security

In early February, about fifty top DNS experts, engineers and practitioners assembled at an invitation-only symposium in Japan to talk about an esoteric but significant challenge to the future of the Internet: measuring the health of the domain name system (DNS). Determining the status of critical infrastructure of any kind can be difficult, but DNS is doubly so because it is a distributed infrastructure not run by one or even a handful of operators – there are thousands of “important” DNS operators.

In early February, about fifty top DNS experts, engineers and practitioners assembled at an invitation-only symposium at Kyoto University in Japan to talk about an esoteric but significant challenge to the future of the Internet: measuring the health of the domain name system (DNS), which is responsible for converting human readable names into computer-usable network addresses. Determining the status of critical infrastructure of any kind can be difficult, but DNS is doubly so because it is a distributed infrastructure not run by one or even a handful of operators – there are thousands of “important” DNS operators. Together with the domain name registries and registrars, they provide an important element of what makes the Internet work.

The Symposium, held during February 1-3, 2010 under the sponsorship of ICANN’s Security Group and DNS-OARC, provided an opportunity to exchange ideas among people from all parts of the DNS community about what it means for the DNS to be “healthy,” and how the community should go about measuring its health. Co-sponsoring the symposium were Kyoto University and Nara Advanced Institute of Science and Technology.

According to the conference keynote speaker, Andrew Sullivan [of Shinkuro, Inc.], one of the big challenges in defining health is that health of a large ecosystem such as a forest often supports — even encourages — locally unhealthy conditions. In other words, health is not a universal term that applies equally to all parts of a system at once; it implies a value of health that is relative to the entire system. Drawing a similar kind of parallel between the DNS and human health, many of the speakers and participants grappled with notions of measurement, privacy preservation, pattern analysis and, notably, the ongoing challenge posed by searching for unknowns in large data sets.

The conference website contains all of the symposium background material, and will also contain the final report, due to be published in March 2010.

Tagged with:
 

Leave a Reply



Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!

Visit our friends!

A few highly recommended friends...