Revisiting DNS and WHOIS in the cloud era

Abstract

If the Internet is the original cloud, then ubiquitous Internet information services such as the Domain Name System (DNS) and WHOIS are among the classic cloud services. Although protocols from the 1980s running over ports 53 and 43 may appear to be a long way from today's cloud computing model, the services' profile - with points of presence around the world sharing a common data set and fulfilling billions of transactions per day - is much closer to "cloud" than one might expect. Indeed, all five essential characteristics of cloud computing appear, to varying extents, in the implementation of these early examples of the Software as a Service model. In this talk, I'll reintroduce these protocols from a cloud perspective, describe their security mechanisms, including the DNS Security Extensions (DNSSEC), and share some emerging work on next-generation WHOIS in a more contemporary style that should also make it more secure. I'll also explain the essential role that cloud services play in mitigating Distributed Denial of Service (DDoS) attacks.