Today Internet relies on a proper operating name services over the Internet, such as Domain Name System (DNS) services and other similar name services. These name services translate a service name, or a resource name into one or more network or service addresses corresponding to servers providing the service or resource. To ensure availability of the service or resource, it is common to have many servers offering the service or resource. Such availability may address one or more service problems such as server failure, server maintenance, network delays, network traffic congestion, service scaling with expected large numbers of service sessions, service restrictions to geographical areas, secure access for private networks, or other service considerations.
When a host sends a name service request, the response it receives may contain service addresses that are not appropriate for the host or the service name requested. For example, abc.com may have different services for different geographic location. A host on the East coast should be served by a resource server on the East coast, while hosts on the West coast should be served by servers on the West coast. In another example, movies.universal-studio.com has different distribution agreements with studios over different countries. Hosts from Japan should be directed to servers that enforces Japan's services. Hosts from Belgium should be directed to servers enforcing European services.
For example, a geo-location based name service gateway is deployed between a host and a name service server. The service gateway receives a response from the name service server. The service gateway filters the response according to a set of location based rules and the host before sending the modified response to the host. Typically the service gateway stores the response and uses it to respond to another request for the same service or resource name from another host. The process allows the service gateway to use the same response for many name service requests. The process not only reduces the load onto the name service servers, but also improves the service quality the hosts receive.
However, this process does not works well with a secure name service, where the response from the name service server is encrypted and where the modified response needs to be encrypted before sending to the host. Decryption and encryption are computationally complex and consume valuable CPU cycles of the service gateway. The service quality offered by the service gateway would degrade during a busy period when a large number of name service requests are received by the service gateway over a short period of time. Busy periods are common in many networks and for many Internet services.
Therefore, there is a need for a method to generate a plurality of secure name records based on a name record response from a name service server so as to reduce the need to generate a secure modified response for each name service request.