The implementation strategy of DNSSEC in strengthening digital government security in Malaysia

Abstract

DNS is a well-known and important protocol on the Internet. Its main function is to translate domain names and Internet protocol addresses to allow users to access the Internet. However, it was created without consideration of security factors. Due to the vulnerabilities found in the DNS, it is often the main target of hackers for carrying out DNS spoofing attacks. To overcome this problem, DNSSEC is introduced. DNSSEC uses cryptographic public keys to create digital signatures in DNS and provides the origin authority, data integrity, and authenticated denial of existence. Therefore, in order to improve the security features of the domain in Malaysia, the implementation of DNSSEC is first performed on the domains of the Government of Malaysia. In this paper, we describe the DNSSEC implementation strategy which was performed on the Malaysian Government’s domains under the administration of MAMPU. This DNSSEC process took almost a year to implement and it involved a total of 439 domains. With the implementation of DNSSEC on the .gov.my domain names, the level of security is enhanced, and it brings a significant impact on the digital transformation and digital transactions that are provided by the Government of Malaysia to its people.