최소 단어 이상 선택하여야 합니다.
최대 10 단어까지만 선택 가능합니다.
다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
NTIS 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
DataON 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Edison 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Kafe 바로가기국가/구분 | United States(US) Patent 등록 |
---|---|
국제특허분류(IPC7판) |
|
출원번호 | US-0286436 (2016-10-05) |
등록번호 | US-RE47019 (2018-08-28) |
발명자 / 주소 |
|
출원인 / 주소 |
|
대리인 / 주소 |
|
인용정보 | 피인용 횟수 : 0 인용 특허 : 522 |
A method, computer readable medium, and device for providing authenticated domain name service includes forwarding at a traffic management device a request for a domain name from a client device to one or more servers coupled to the traffic management device. The traffic management device receives a
A method, computer readable medium, and device for providing authenticated domain name service includes forwarding at a traffic management device a request for a domain name from a client device to one or more servers coupled to the traffic management device. The traffic management device receives a first response comprising at least a portion of the domain name from the one or more servers. The traffic management device attaches a first signature to the first response when the first response is determined by the traffic management device to be an unauthenticated response, and provides the first response with the first signature to the client device.
1. A method for providing authenticated domain name service comprising: forwarding at a traffic management device a domain name system security extension (DNSSEC) type request for a domain name received from a client device to one or more domain name system (DNS) servers;receiving at the traffic man
1. A method for providing authenticated domain name service comprising: forwarding at a traffic management device a domain name system security extension (DNSSEC) type request for a domain name received from a client device to one or more domain name system (DNS) servers;receiving at the traffic management device a response for at least a portion of the domain name from the one or more servers, wherein the one or more servers are not domain name system security extension (DNSSEC) compliant;creating at the traffic management device a resource record when the response is determined to be a denial of existence response for the requested domain name;generating at the traffic management device a signature and signing the response or the resource record using the signature; andsending at the traffic management device the signed resource record or response to the client device in response to the request. 2. The method as set forth in claim 1, wherein the one or more servers are authoritative for a zone associated with the at least a portion of the domain name. 3. The method as set forth in claim 1, wherein the signing further comprises encrypting the response or the resource record using a stored private key, the method further comprising performing at the traffic management device a hash of the encrypted response or resource record prior to the sending. 4. The method as set forth in claim 1, wherein the at least a portion of the domain name comprises a top-level domain name that is known to be authenticated. 5. The method as set forth in claim 1, wherein at least one of the first or second server is authoritative for a zone associated with the at least a portion of the domain name. 6. A non-transitory computer readable medium having stored thereon instructions for providing authenticated domain name service comprising machine executable code which when executed by at least one processor, causes the processor to perform steps comprising: forwarding a domain name system security extension (DNSSEC) type request for a domain name received from a client device to one or more domain name system (DNS) servers;receiving a response for at least a portion of the domain name from the one or more servers, wherein the one or more servers are not domain name system security extension (DNSSEC) compliant;creating a resource record when the response is determined to be a denial of existence response for the requested domain name;generating a signature and signing the response or the resource record using the signature; andsending the signed resource record or response to the client device in response to the request. 7. The medium as set forth in claim 6, wherein the one or more servers are authoritative for a zone associated with the at least a portion of the domain name. 8. The medium as set forth in claim 6, wherein the signing further comprises encrypting the response or the resource record using a stored private key, the medium further having stored thereon instructions comprising machine executable code which when executed by the at least one processor causes the processor to perform steps further comprising performing a hash of the encrypted response or resource record prior to the sending. 9. The medium as set forth in claim 6, wherein the at least a portion of the domain name comprises a top-level domain name that is known to be authenticated. 10. A traffic management device comprising: at least one processor; anda memory coupled to the at least one processor which is configured to be capable of executing programmed instructions stored in the memory to perform steps comprising: forwarding a domain name system security extension (DNSSEC) type request for a domain name received from a client device to one or more domain name system (DNS) servers;receiving a response for at least a portion of the domain name from the one or more servers, wherein the one or more servers are not domain name system security extension (DNSSEC) compliant;creating a resource record when the response is determined to be a denial of existence response for the requested domain name;generating a signature and signing the response or the resource record using the signature; andsending the signed resource record or response to the client device in response to the request. 11. The device as set forth in claim 10, wherein the one or more servers are authoritative for a zone associated with the at least a portion of the domain name. 12. The device as set forth in claim 10, wherein the signing further comprises encrypting the response or the resource record using a stored private key, the at least one processor further configured to be capable of executing programmed instructions stored in the memory to perform steps further comprising performing a hash of the encrypted first response or resource record prior to the sending. 13. The device as set forth in claim 10, wherein the at least a portion of the domain name comprises a top-level domain name that is known to be authenticated. 14. A method for providing authenticated domain name service comprising: forwarding at a traffic management device a domain name system security extension (DNSSEC) type request for a domain name received from a client device to a global server load balancer coupled to at least first domain name system (DNS) server that is not DNSSEC compliant and a second DNS server that is DNSSEC compliant;receiving at the traffic management device first and second responses for at least a portion of the domain name from the global server load balancer, wherein the first response is from the first server and the second response is from the second server;generating at the traffic management device a signature and signing the first response using the signature when the first response is determined to be more current than the second response; andsending at the traffic management device the signed first response to the client device in response to the request. 15. The method as set forth in claim 1, wherein the first and second responses are denial of existence responses and the method further comprises: creating at the traffic management device a resource record;generating at the traffic management device a signature and signing the first or second response or the resource record using the signature; andsending at the traffic management device the signed resource record or first or second response to the client device in response to the request. 16. The method as set forth in claim 15, wherein the signing further comprises encrypting the first or second response or the resource record using a stored private key, the method further comprising performing at the traffic management device a hash of the encrypted first or second response or resource record prior to the sending. 17. A non-transitory computer readable medium having stored thereon instructions for providing authenticated domain name service comprising machine executable code which when executed by at least one processor, causes the processor to perform steps comprising: forwarding a domain name system security extension (DNSSEC) type request for a domain name received from a client device to a global server load balancer coupled to at least first domain name system (DNS) server that is not DNSSEC compliant and a second DNS server that is DNSSEC compliant;receiving first and second responses for at least a portion of the domain name from the global server load balancer, wherein the first response is from the first server and the second response is from the second server;generating a signature and signing the first response using the signature when the first response is determined to be more current than the second response; andsending the signed first response to the client device in response to the request. 18. The medium as set forth in claim 17, wherein the first and second responses are denial of existence responses and the medium further has stored thereon instructions comprising machine executable code which when executed by the at least one processor causes the processor to perform steps further comprising: creating at the traffic management device a resource record;generating at the traffic management device a signature and signing the first or second response or the resource record using the signature; andsending at the traffic management device the signed resource record or first or second response to the client device in response to the request. 19. The medium as set forth in claim 18, wherein the signing further comprises encrypting the first or second response or the resource record using a stored private key, the medium further having stored thereon instructions comprising machine executable code which when executed by the at least one processor causes the processor to perform steps further comprising performing a hash of the encrypted first or second response or resource record prior to the sending. 20. The medium as set forth in claim 17, wherein at least one of the first or second server is authoritative for a zone associated with the at least a portion of the domain name. 21. A traffic management device comprising: at least one processor; anda memory coupled to the at least one processor which is configured to be capable of executing programmed instructions stored in the memory to perform steps comprising: forwarding a domain name system security extension (DNSSEC) type request for a domain name received from a client device to a global server load balancer coupled to at least first domain name system (DNS) server that is not DNSSEC compliant and a second DNS server that is DNSSEC compliant;receiving first and second responses for at least a portion of the domain name from the global server load balancer, wherein the first response is from the first server and the second response is from the second server;generating a signature and signing the first response using the signature when the first response is determined to be more current than the second response; andsending the signed first response to the client device in response to the request. 22. The device as set forth in claim 21, wherein the first and second responses are denial of existence responses and the at least one processor is further configured to be capable of executing programmed instructions stored in the memory to perform steps further comprising: creating at the traffic management device a resource record;generating at the traffic management device a signature and signing the first or second response or the resource record using the signature; andsending at the traffic management device the signed resource record or first or second response to the client device in response to the request. 23. The device as set forth in claim 22, wherein the signing further comprises encrypting the first or second response or the resource record using a stored private key, the at least one processor further configured to be capable of executing programmed instructions stored in the memory to perform steps further comprising performing a hash of the encrypted first or second response or resource record prior to the sending. 24. The device as set forth in claim 21, wherein at least one of the first or second server is authoritative for a zone associated with the at least a portion of the domain name. 25. A non-transitory computer readable medium having stored thereon instructions for providing authenticated domain name service comprising machine executable code which when executed by at least one processor, causes the processor to: receive a domain name system security extension (DNSSEC) request for a domain name from a DNSSEC compliant computing device;generate a domain name system (DNS) request corresponding to the DNSSEC request for the domain name;send the DNS request for the domain name to one or more DNS servers that are not DNSSEC compliant;receive a DNS compliant response for at least a portion of the domain name from the one or more DNS servers;create a signed resource record that is DNSSEC compliant when the DNS compliant response from the one or more DNS servers is a denial of existence response for the requested domain name; andsend the signed resource record to the requesting DNSSEC compliant computing device. 26. The medium as set forth in claim 25, wherein the DNS servers are authoritative for a zone associated with the at least a portion of the domain name. 27. The medium as set forth in claim 25, wherein the executable code, when executed by the processor, further causes the processor to: encrypt the signed resource record using a stored private key; andperform a hash of the encrypted signed resource record prior to sending the signed resource record to the requesting DNSSEC compliant computing device. 28. The medium as set forth in claim 25, wherein the at least a portion of the domain name comprises a top-level domain name that is known to be authenticated. 29. A method for providing authenticated domain name service implemented by a system comprising one or more network traffic management devices, one or more servers, or one or more clients, the method comprising: receiving a domain name system security extension (DNSSEC) request for a domain name from a DNSSEC compliant computing device;generating a domain name system (DNS) request corresponding to the DNSSEC request for the domain name;sending the DNS request for the domain name to one or more DNS servers that are not DNSSEC compliant;receiving a DNS compliant response for at least a portion of the domain name from the one or more DNS servers;creating a signed resource record that is DNSSEC compliant when the DNS compliant response from the one or more DNS servers is a denial of existence response for the requested domain name; andsending the signed resource record to the requesting DNSSEC compliant computing device. 30. The method as set forth in claim 29, wherein the DNS servers are authoritative for a zone associated with the at least a portion of the domain name. 31. The method as set forth in claim 29, further comprising: encrypting the signed resource record using a stored private key; andperforming a hash of the encrypted signed resource record prior to sending the signed resource record to the requesting DNSSEC compliant computing device. 32. The method as set forth in claim 25, wherein the at least a portion of the domain name comprises a top-level domain name that is known to be authenticated. 33. A system comprising one or more network traffic management devices, one or more servers, or one or more clients, the system comprising: one or more processors; andmemory comprising programmed instructions stored in the memory, the one or more processors configured to be capable of executing the programmed instructions stored in the memory to: receive a domain name system security extension (DNSSEC) request for a domain name from a DNSSEC compliant computing device;generate a domain name system (DNS) request corresponding to the DNSSEC request for the domain name;send the DNS request for the domain name to one or more DNS servers that are not DNSSEC compliant;receive a DNS compliant response for at least a portion of the domain name from the one or more DNS servers;create a signed resource record that is DNSSEC compliant when the DNS compliant response from the one or more DNS servers is a denial of existence response for the requested domain name; andsend the signed resource record to the requesting DNSSEC compliant computing device. 34. The system as set forth in claim 33, wherein the DNS servers are authoritative for a zone associated with the at least a portion of the domain name. 35. The system as set forth in claim 33, wherein the one or more processors are further configured to be capable of executing the programmed instructions stored in the memory to: encrypt the signed resource record using a stored private key; andperform a hash of the encrypted signed resource record prior to sending the signed resource record to the requesting DNSSEC compliant computing device. 36. The system as set forth in claim 33, wherein the at least a portion of the domain name comprises a top-level domain name that is known to be authenticated.
Copyright KISTI. All Rights Reserved.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.