WWW95: reliability of WWW name servers

  1. abstract
  2. a Uniform Resource Name (URN) capability is being developed for the World Wide Web. while this will provide important new capabilities for the WWW, the reliability of name servers in which a URN will be used is questionable. this paper looks at the basis of unreliability for name servers and proposes a scaleable-cost solution for addressing the reliability problem.

  3. my comment
  4. the explosion in use of the Internet for distributed information services is a cause for increasing concern with respect to the reliability of the various name services, especially the Domain Name Service (DNS). name servers might be confused or compromised, either accidentally or maliciously !

    kenneth e. rowe from the national security agency, ft. meade, USA and charles k. nicholas from the computer science department of the university of maryland baltimore county, USA explained the problem of reliable name translation services and proposed a solution to it.

    reliable name translation services should overcome the problem of "laying" translation servers (servers that provide incorrect name translations for what ever reasons). if a name translation (e.g. an URN to URL translation) is done by a confused or compromised server, the returned URL might be incorrect. this may be fatal if sensitive data was entered into a WWW form, for instance the number and expiration date of a credit card. if the URN to URL translation server returns an incorrect URL, this sensitive information might be sent to an unfriendly person instead of the registration office where it was intended to be sent to. in such situations, we need reliable URN to URL translation.

    a possible way to improve reliability is to involve multiple servers into a decision. the byzantine generals problem (BGP) discusses reliability in terms of good and bad generals. if N bad generals can lie, then it requires 2N+1 generals to be involved in a decision to come to a reliable good decision. if a bad general can also impersonate a good general, then 3N+1 generals have to be involved.

    if documents may be replicated on various servers, URN to URL translation may result in many different but still valid URLs. the same is true if documents are cached between the original server and the client. therefore it is difficult to decide if two URLs are equal or not. unfortunately, this makes the process of reliable translation services even more complicated. one possible solution to that problem is to cluster translation servers in such a way that they all supply the same URL for a given URN.

    i think this paper has addressed one of the most difficult and most important problems not only of the World Wide Web, but of the Internet itself. many services rely on many different translation services and it is relatively simple to compromise such services. if more and more commercial services use the Internet, the security issue becomes even more important.
    URN to URL translation services is a good example of how difficult it will be to provide reliable but efficient name translation services.

this paper is available on the Web.
back to WWW95 main document

reliability_of_www_name_servers / 24-apr-95 (ra) / reto ambühler