Browse Prior Art Database

Method and System for User Based Access Control to a Domain Name System (DNS) Server

IP.com Disclosure Number: IPCOM000199353D
Publication Date: 2010-Aug-31
Document File: 2 page(s) / 64K

Publishing Venue

The IP.com Prior Art Database

Abstract

A method and system for accessing a Domain Name System (DNS) server based on identity of a user is disclosed.

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 53% of the total text.

Page 1 of 2

Method and System for User Based Access Control to a Domain Name System (DNS) Server

Disclosed is a method and system for user based access control to a Domain Name System (DNS) server.

DNS servers resolve human recognizable alphanumeric characters used in domain names or Uniform Resource Locators (URL) to machine understandable IP addresses. The DNS servers are distributed all over the Internet and maintain a database that maps the URLs to the corresponding IP addresses. When a client computer wants to resolve a URL, it queries its DNS server for the IP address corresponding to a host associated with the URL. In response to the query, the DNS server provides the IP address corresponding to the URL to the requesting client. However, the public availability of IP addresses for specific hosts makes them easy targets for various types of attacks, such as Denial of Service (DoS) attacks.

The method and system disclosed herein controls the access to IP addresses of hosts based on identity of the user thereby preventing unauthorized access to the IP addresses.

Fig. 1 illustrates a flow chart of a method for a user based access control to a DNS Server.

The method and system disclosed herein uses an Access Control List (ACL) to control accesses to the IP addresses of hosts. The ACL specifies a list of clients approved to receive an IP address corresponding to a URL or domain name of a target host. The ACL contains the IP address of the client along with user specific inf...