Online government services are increasingly regarded as critical national infrastructure. Because these services directly influence public trust, any disruption can have significant societal and political consequences. Yet their supporting infrastructures remain vulnerable to outages from natural disasters, geopolitical tensions, and targeted attacks. Central to their operation is the authoritative Domain Name System (DNS) infrastructure, the single source of truth that maps government domain names to service endpoints. While indispensable, this infrastructure also represents a potential and critical point of system failure. In this paper, we introduce a comprehensive assessment framework with purpose-designed mechanisms to systematically evaluate the operational resilience of authoritative DNS infrastructure supporting government services. Complementing prior studies on website hosting, recursive resolution, and DNS record integrity, our work provides a holistic view of authoritative DNS operation. Our first contribution develops a multi-sourced data schema that characterizes a (government) domain's authoritative DNS infrastructure across four hierarchical levels: physical hosting infrastructure, server functionality, name servers, and individual hosting instances. Using data collected from six representative countries, our second contribution identifies resilience attributes at their finest applicable hierarchy across three operational phases: infrastructure placement, service configuration, and DNS record dispatch. Our method assigns numerical scores to each attribute and aggregates them algorithmically to enable consistent and cross-domain comparisons. We apply our method to government domains in the six countries, highlighting their strengths and weaknesses in authoritative DNS resilience and pinpointing operational practices that require improvement.

翻译：在线政府服务日益被视为关键的国家基础设施。由于这些服务直接影响公众信任，任何中断都可能带来重大的社会和政治后果。然而，其支持的基础设施仍易受自然灾害、地缘政治紧张局势和针对性攻击导致的故障影响。其运行的核心是权威域名系统（DNS）基础设施，作为将政府域名映射至服务端点的唯一真实来源。尽管不可或缺，该基础设施也代表了系统潜在的、关键的故障点。本文提出一个综合评估框架，采用专门设计的机制，系统性地评估支持政府服务的权威DNS基础设施的运行弹性。本研究补充了先前关于网站托管、递归解析和DNS记录完整性的工作，提供了权威DNS运行的整体视图。我们的第一个贡献是开发了一个多源数据模式，从四个层次结构表征（政府）域名的权威DNS基础设施：物理托管基础设施、服务器功能、域名服务器和个体托管实例。利用从六个代表性国家收集的数据，我们的第二个贡献在三个运行阶段（基础设施部署、服务配置和DNS记录分发）中，于其最细适用的层次上识别弹性属性。我们的方法为每个属性分配数值分数，并通过算法进行聚合，以实现一致且跨域的比较。我们将该方法应用于六个国家的政府域名，突出其在权威DNS弹性方面的优势与不足，并指出需要改进的运行实践。