Research On Key Technologies Of DNS Root Zone Management Based On Blockchain

The Domain Name System(DNS)is a critical infrastructure of the Internet and the cornerstone of cyberspace security.The root zone is located at the top of the DNS namespace hierarchy and is the origin of domain name authorization and resolution.There are several centralization problems in the current DNS root zone management,that is,centralization of top-level domain authorization,centralization of root zone data management and centralization of root service provision.The centralized management model creates structural contradictions with the demand for decentralization,such as the difficulty of national attribution of cc TLDs in the current root zone management system.Therefore the above contradictions need to be urgently resolved.Blockchain is a distributed ledger technology that can run in a weak trust environment,with features of decentralization,tamper-proof,high reliability and traceability,which makes blockchain have natural advantages and application scenarios in multi-party governance,data asset validation and digital identity management.In this paper,we focus on the decentralized solution of root zone management based on blockchain technology for how to improve the multiparty participation,transparency and automation of root zone management,as well as to guarantee the autonomy of national top-level domains.The main work and innovation points of this paper are as follows.(1)To solve the contradiction between the current centralized management of root zone and the demand for decentralized management of cc TLDs,we propose a local root chain root zone management architecture,in which different local roots jointly manage top-level domain authorizations through blockchain and smart contract technologies to ensure the uniqueness of domain name namespace while meeting the autonomy of cc TLDs.Each local root independently authorizes root server operators to achieve open provision and localization of root services.(2)Decentralization of identity management is a prerequisite for decentralization of root zone management and autonomy of cc TLDs.To solve the current problems of centralized storage and insufficient privacy protection of digital identity management,a hybrid digital identity management framework is constructed,and a multicenter federated identity management model based on multiple peer certificate authority and an autonomous identity management model based on decentralized identifiers and verifiable credentials are proposed respectively.Under the premise of satisfying the local root chain permission-based management,it enables users to manage identity data autonomously and become the real owner of digital identity.It provides reliable support for the asset management on the chain.(3)In response to the current problems such as insufficient transparency and automation of DNS root zone management,an approval-based multi-party management framework for on-chain assets is proposed,which updates on-chain assets through three stages of propose-review-conclude,and provides complete approval lifecycle management and flexible review strategies.The asset data in root zone management is abstracted into procedure,agreements and resources,and templating techniques are used to improve the scalability of the smart contract architecture.Related experiments show that the local root chain smart contract functional integrity and performance meets the requirements.