DNS SECURITY EXTENSIONS FOR EMULATED APPLICATIONS
First Claim
Patent Images
1. A method, comprising:
- receiving, at a non-emulated interface, a DNS query from a program executed in an emulated environment;
comparing, by the non-emulated interface, a domain name associated with the DNS query to a list of secured zones comprising secured domain names;
determining, by the non-emulated interface, whether the domain name resides in a zone on the list of secured zones; and
when the domain name resides in a zone on the list of secured zones, performing the steps comprising;
sending an instruction to one or more DNS servers to resolve the DNS query and to authenticate the domain name associated with the DNS query;
receiving a response comprising an indication from the one or more DNS servers whether the domain name has been authenticated; and
sending a DNS query result to the program based, at least in part, on the received indication.
1 Assignment
0 Petitions
Accused Products
Abstract
The non-emulated interface may determine whether the domain-name-to-be-resolved resides in a zone on a list of secured zones. If so, the DNS query may be processed by a non-emulated interface in the host environment. The non-emulated interface may determine whether the domain-name-to-be-resolved resides in a zone on a list of secured zones. If so, the DNS query may be performed by the non-emulated interface using DNSSEC. DNS resolutions that do not pass the security checks may fail while DNS resolutions that pass the security checks will be returned to the customer.
-
Citations
21 Claims
-
1. A method, comprising:
-
receiving, at a non-emulated interface, a DNS query from a program executed in an emulated environment; comparing, by the non-emulated interface, a domain name associated with the DNS query to a list of secured zones comprising secured domain names; determining, by the non-emulated interface, whether the domain name resides in a zone on the list of secured zones; and when the domain name resides in a zone on the list of secured zones, performing the steps comprising; sending an instruction to one or more DNS servers to resolve the DNS query and to authenticate the domain name associated with the DNS query; receiving a response comprising an indication from the one or more DNS servers whether the domain name has been authenticated; and sending a DNS query result to the program based, at least in part, on the received indication. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer program product, comprising:
a non-transitory computer-readable medium comprising instructions which, when executed by a processor of a computing system, cause the processor to perform the steps of; receiving, at a non-emulated interface, a DNS query from a program executed in an emulated environment; comparing, by the non-emulated interface, a domain name associated with the DNS query to a list of secured zones comprising secured domain names; determining, by the non-emulated interface, whether the domain name resides in a zone on the list of secured zones; and when the domain name resides in a zone on the list of secured zones, performing the steps comprising; sending an instruction to one or more DNS servers to resolve the DNS query and to authenticate the domain name associated with the DNS query; receiving a response comprising an indication from the one or more DNS servers whether the domain name has been authenticated; and sending a DNS query result to the program based, at least in part, on the received indication. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
15. An apparatus, comprising:
-
a memory; and a processor coupled to the memory, wherein the processor is configured to execute the steps of; receiving, at a non-emulated interface, a DNS query from a program executed in an emulated environment; comparing, by the non-emulated interface, a domain name associated with the DNS query to a list of secured zones comprising secured domain names; determining, by the non-emulated interface, whether the domain name resides in a zone on the list of secured zones; and when the domain name resides in a zone on the list of secured zones, performing the steps comprising; sending an instruction to one or more DNS servers to resolve the DNS query and to authenticate the domain name associated with the DNS query; receiving a response comprising an indication from the one or more DNS servers whether the domain name has been authenticated; and sending a DNS query result to the program based, at least in part, on the received indication. - View Dependent Claims (16, 17, 18, 19, 20, 21)
-
Specification