|Penn: First US University to Deploy DNS Security Throughout the Institution
November 10, 2009,
Volume 56, No. 11
The University of Pennsylvania, through Information Systems and Computing, has become the first US university to implement institution-wide Domain Name Security Extensions technology.
DNSSEC addresses many security vulnerabilities in the Domain Name System, allowing user-friendly domain names, such as www.upenn.edu, to be translated into numeric network addresses required to deliver information on the Internet. DNSSEC is also used to incorporate digital signatures, which can be used to verify user authenticity and prevent Web-based attacks.
A few US universities have deployed DNSSEC in parts of their infrastructure, but Penn is the first to have completed a DNSSEC deployment on a campus-wide scale.
“The University of Pennsylvania and ISC are honored to have this opportunity to contribute to enhancing Internet security,” Robin Beck, vice president of Information Systems and Computing, said. “Having a safe Internet is absolutely critical to the Penn community, which depends upon Web-based technology for a myriad of critical functions and services, including our undergraduate admissions system, student financial services, course registration and submission and award of research grants, to name just a few.”
Shumon Huque, an IT technical director in ISC’s Networking and Telecommunications Section, is coordinating with EDUCAUSE, a non-profit dedicated to furthering technology use in higher education, to place DNSSEC technology in the EDU top-level DNS domain.
“Higher education can take a leadership role in securing the DNS,” Mr. Huque said. “If a few universities in advanced networking adopt DNSSEC and share experiences, we can make broad deployment more straightforward for the larger community.”
When the project is complete, educational institutions across the country will have the ability to publish a digital signature for their EDU domain names.