Abstract |
<p>Disclosed are a DNS-based method and system for user authentication and domain name access control. The method comprises the following steps: a service provider sets up an authentication server for a service it provides and registers the authentication server's IP address with a DNS server, and the DNS server creates a CA resource record from the IP address and the authentication protocol type; a user sends a domain name query request to the DNS server, and the DNS server returns the CA resource record corresponding to the domain name; the user contacts the authentication server and authenticates according to the CA resource record; after authentication succeeds, the authentication server returns to the user the key information required for a secure connection and assigns an application server; and the user accesses Internet resources through the application server. The invention introduces a new resource record into the DNS system, authenticates the user and assigns the user an application server, and ensures the security and reliability of service provision by separating the service from authentication.</p> |
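
The flow in the abstract, modeled in-process as an added example (not code from the patent): DNS returns only the CA record, the authentication server issues the grant, and the application server accepts only a grant issued for it. The record fields, the password protocol, the HMAC grant format, and all names and addresses are assumptions, since the abstract defines no wire format.

```python
import hashlib, hmac, secrets

# Assumed for illustration: record fields, grant format, addresses, credentials.
GRANT_KEY = secrets.token_bytes(32)   # shared by auth server and app servers
SALT = b"constructed-salt"
APP_SERVERS = ["198.51.100.21", "198.51.100.22"]
DNS_ZONE = {"service.example": {"type": "CA", "auth_ip": "192.0.2.10",
                                "auth_proto": "password"}}

def _kdf(password):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)

USERS = {"alice": _kdf("correct horse")}   # constructed credential store

def _tag(user, app_ip, nonce):
    msg = f"{user}|{app_ip}|{nonce}".encode()
    return hmac.new(GRANT_KEY, msg, hashlib.sha256).hexdigest()

def dns_query(domain):
    """DNS server: answers with the CA record, never an application server address."""
    return DNS_ZONE.get(domain)

def authenticate(ca_record, user, password):
    """Auth server: on success, return key information and the assigned app server."""
    if ca_record is None or ca_record["auth_proto"] != "password":
        return None
    stored = USERS.get(user)
    if stored is None or not hmac.compare_digest(stored, _kdf(password)):
        return None
    app_ip, nonce = secrets.choice(APP_SERVERS), secrets.token_hex(16)
    return {"user": user, "app_ip": app_ip, "nonce": nonce,
            "tag": _tag(user, app_ip, nonce)}

def app_server_accept(my_ip, grant):
    """App server: serve only a client whose grant was issued for this server."""
    if not grant or grant.get("app_ip") != my_ip:
        return False
    expected = _tag(grant["user"], grant["app_ip"], grant["nonce"])
    return hmac.compare_digest(expected, grant.get("tag", ""))

def access(domain, user, password):
    """Client: DNS query, then authentication, then the assigned app server."""
    grant = authenticate(dns_query(domain), user, password)
    return grant is not None and app_server_accept(grant["app_ip"], grant)

if __name__ == "__main__":
    print(access("service.example", "alice", "correct horse"))   # valid login
    print(access("service.example", "alice", "wrong"))           # rejected
```

The grant in this sketch has no expiry or replay tracking; a deployment would bind it to a lifetime and to the keys of the secure connection.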