Process and system providing internet protocol security without secure domain resolution
First Claim
1. A computer system providing Internet protocol security without secure domain name resolution, the system comprising:
a local domain name service (DNS) server that is communicatively coupled to a processor and that includes a secure Internet security protocol (IPSEC) cache, wherein the secure IPSEC cache comprises a plurality of cache entries, wherein each cache entry comprises a domain name and information that uniquely associates the cache entry with a particular application process or execution time, wherein the secure IPSEC cache is readable only by an Internet protocol (IP) processing layer of an operating system that controls execution of an application program by the processor;
a security policy data store that is communicatively coupled to the IP processing layer;
a computer-readable medium accessible to the processor and comprising one or more sequences of instructions which, when executed by the processor, cause the processor to carry out the steps of:
receiving a message generated as a result of execution of the application program and that contains a domain name to be resolved by the local DNS server;
storing, in a first of the cache entries, the domain name contained in the message and identifying information that uniquely associates the first cache entry with a particular application process or execution time;
receiving a data packet from the application;
in response to receiving the data packet from the application, locating an entry in the secure IPSEC cache; based on the identifying information in the located cache entry, verifying that the domain name in the located entry matches the domain name in the message;
querying the security policy data store for an IPSEC policy matching the domain name in the located entry, wherein the IP processing layer verifies that the policy matches the domain name contained in the message;
in response to obtaining an IPSEC policy, applying the IPSEC policy to the data packet; and
purging the matching entry from the cache.
Abstract
A system and method providing Internet protocol security without secure domain name resolution are disclosed. A processor that periodically needs to resolve domain names into network addresses has a local DNS server that includes a secure IPSEC cache, a resolver function, a security policy database, and an IPSEC layer. The cache is readable only by the IPSEC layer. Resolved domain names are cached with process and transaction identifiers that uniquely associate the resolved names with an application process and time. When resolution is needed, the cache is used to ensure that IP addresses are resolved from names that came from the application. As a result, IPSEC connections may be established without use of DNSSEC to provide secure domain name resolution.
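The binding described in the abstract, as an added model that is not part of the patent's text: the secure cache is held privately by the IP processing layer, each entry is keyed by the requesting process and a per-request transaction id standing in for execution time, and an outbound packet is protected only when a single-use entry created by that process vouches for the name and the security policy database has a policy for it. The SPD contents, the hook names and the assumption that a packet is handed down with its pid, transaction id and intended name are constructed for illustration.

```python
import itertools
from dataclasses import dataclass

# Constructed sample security policy database (SPD): domain name -> IPSEC policy.
SPD = {"mail.example.test": "ESP-tunnel-to-gw1", "files.example.test": "AH-transport"}


@dataclass(frozen=True)
class CacheEntry:
    domain: str   # name the application asked the local DNS server to resolve
    pid: int      # application process that issued the request
    txn: int      # per-request transaction id standing in for "execution time"


class IPLayer:
    """Models the IP processing layer; it is the only object holding the secure cache."""

    def __init__(self, spd):
        self._cache = {}              # (pid, txn) -> CacheEntry, private to this layer
        self._spd = spd
        self._txn = itertools.count(1)

    def on_resolve_request(self, pid, domain):
        """Hook invoked by the local DNS resolver when an application asks for a name
        (hypothetical hook). Stores the name with identifying information and returns
        the transaction id that later ties the application's packet to this entry."""
        txn = next(self._txn)
        self._cache[(pid, txn)] = CacheEntry(domain, pid, txn)
        return txn

    def on_packet(self, pid, txn, domain):
        """Outbound packet from (pid, txn) that the application says is bound for domain.
        Returns (status, policy). The entry is located and purged in one step, so it is
        single-use whatever the outcome of the checks below."""
        entry = self._cache.pop((pid, txn), None)
        if entry is None:
            return ("no-entry", None)          # this process never resolved a name here
        if entry.domain != domain:
            return ("name-mismatch", None)     # name did not come from the application
        policy = self._spd.get(entry.domain)
        if policy is None:
            return ("no-policy", None)         # name is vouched for but SPD has no policy
        return ("applied", policy)


def demo():
    ip = IPLayer(SPD)
    t1 = ip.on_resolve_request(100, "mail.example.test")
    t2 = ip.on_resolve_request(100, "files.example.test")
    t3 = ip.on_resolve_request(300, "public.example.test")
    return [
        ip.on_packet(100, t1, "mail.example.test"),    # ('applied', 'ESP-tunnel-to-gw1')
        ip.on_packet(100, t1, "mail.example.test"),    # ('no-entry', None): entry purged
        ip.on_packet(200, t2, "files.example.test"),   # ('no-entry', None): other process
        ip.on_packet(100, t2, "mail.example.test"),    # ('name-mismatch', None)
        ip.on_packet(300, t3, "public.example.test"),  # ('no-policy', None)
    ]
```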
23 Claims
8. A method for providing Internet protocol security without secure domain name resolution, the method comprising the computer-implemented steps of:
receiving a message generated as a result of execution of an application program and that contains a domain name to be resolved by the local DNS server;
storing, in a first cache entry of a secure Internet security protocol (IPSEC) cache, the domain name contained in the message and identifying information that uniquely associates the first cache entry with a particular application process or execution time, wherein the secure IPSEC cache is communicatively coupled to a local domain name service (DNS) server, and wherein the secure IPSEC cache is readable only by an Internet protocol (IP) processing layer of an operating system that controls execution of the application program, and wherein each cache entry comprises information that uniquely associates the cache entry with a particular application process or execution time;
receiving a data packet from the application;
in response to receiving the data packet from the application, locating an entry in the secure IPSEC cache;
based on the identifying information in the located cache entry, verifying that the domain name in the located entry matches the domain name in the message;
in response to obtaining an IPSEC policy, querying a security policy data store that is communicatively coupled to the IP processing layer for an IPSEC policy matching the domain name in the located entry, wherein the IP processing layer verifies that the policy matches the domain name contained in the message;
applying the IPSEC policy to the data packet; and
purging the matching entry from the cache.

15. A computer-readable medium carrying one or more sequences of instructions for providing Internet protocol security without secure domain name resolution, which instructions, when executed by one or more processors, cause the one or more processors to carry out the steps of:
receiving a message generated as a result of execution of an application program and that contains a domain name to be resolved by the local DNS server;
storing, in a first cache entry of a secure Internet security protocol (IPSEC) cache, the domain name contained in the message and identifying information that uniquely associates the first cache entry with a particular application process or execution time, wherein the secure IPSEC cache is communicatively coupled to a local domain name service (DNS) server, and wherein the secure IPSEC cache is readable only by an Internet protocol (IP) processing layer of an operating system that controls execution of the application program, and wherein each cache entry comprises information that uniquely associates the cache entry with a particular application process or execution time;
receiving a data packet from the application;
in response to receiving the data packet from the application, locating an entry in the secure IPSEC cache;
based on the identifying information in the located cache entry, verifying that the domain name in the located entry matches the domain name in the message;
in response to obtaining an IPSEC policy, querying a security policy data store that is communicatively coupled to the IP processing layer for an IPSEC policy matching the domain name in the located entry, wherein the IP processing layer verifies that the policy matches the domain name contained in the message;
applying the IPSEC policy to the data packet; and
purging the matching entry from the cache.

16. An apparatus for providing Internet protocol security without secure domain name resolution, comprising:
means for receiving a message generated as a result of execution of an application program and that contains a domain name to be resolved by the local DNS server;
means for storing, in a first cache entry of a secure Internet security protocol (IPSEC) cache, the domain name contained in the message and identifying information that uniquely associates the first cache entry with a particular application process or execution time, wherein the secure IPSEC cache is communicatively coupled to a local domain name service (DNS) server, and wherein the secure IPSEC cache is readable only by an Internet protocol (IP) processing layer of an operating system that controls execution of the application program, and wherein each cache entry comprises information that uniquely associates the cache entry with a particular application process or execution time;
means for receiving a data packet from the application;
in response to receiving the data packet from the application, means for locating an entry in the secure IPSEC cache;
based on the identifying information in the located cache entry, means for verifying that the domain name in the located entry matches the domain name in the message;
means for querying a security policy data store that is communicatively coupled to the IP processing layer for an IPSEC policy matching the domain name in the located entry, wherein the IP processing layer verifies that the policy matches the domain name contained in the message;
means for applying the IPSEC policy to the data packet; and
means for purging the matching entry from the cache.

23. An apparatus for providing Internet protocol security, without secure domain name resolution, for messages that are carried by a packet-switched data network, comprising:
a network interface that is coupled to the data network for receiving one or more packet flows therefrom;
a processor;
one or more stored sequences of instructions which, when executed by the processor, cause the processor to carry out the steps of:
receiving a message generated as a result of execution of an application program and that contains a domain name to be resolved by the local DNS server;
storing, in a first cache entry of a secure Internet security protocol (IPSEC) cache, the domain name contained in the message and identifying information that uniquely associates the first cache entry with a particular application process or execution time, wherein the secure IPSEC cache is communicatively coupled to a local domain name service (DNS) server, and wherein the secure IPSEC cache is readable only by an Internet protocol (IP) processing layer of an operating system that controls execution of the application program, and wherein each cache entry comprises information that uniquely associates the cache entry with a particular application process or execution time;
receiving a data packet from the application;
in response to receiving the data packet from the application, locating an entry in the secure IPSEC cache;
based on the identifying information in the located cache entry, verifying that the domain name in the located entry matches the domain name in the message;
in response to obtaining an IPSEC policy, querying a security policy data store that is communicatively coupled to the IP processing layer for an IPSEC policy matching the domain name in the located entry, wherein the IP processing layer verifies that the policy matches the domain name contained in the message;
applying the IPSEC policy to the data packet; and
purging the matching entry from the cache.
Specification