Robustness analysis of DNS paths and web access paths in public administration websites

Attacks at the naming or the routing infrastructure of the Internet have long become a reality and one single such attack has the potential of affecting access to Internet-facing services in many organizations. An important question to address is assessing the potential impact of attacks of this sort on the web infrastructure of an entire nation. In this work we examine the dependence of a large set of public administration websites on DNS entities and autonomous systems of four different countries: Italy, Germany, UK and US. We collected the dependencies of those websites from DNS zones, nameservers, networks, autonomous systems, and assessed the potential global impact of localized attacks on those entities. We also analyzed the prevalence of such defensive technologies as BGP Route Origin Authorization, DNSSEC and HTTPS Strict Transport Security. Our analysis highlights the structural interdependencies within the web infrastructures of public interest and illustrates the corresponding open problems, issues whose relevance can only grow.