July 19, 2005 1 Secure Messaging Models Co-existence and Interoperability Russell W. Chung New York, NY July 19, 2005.

Slides:



Advertisements
Similar presentations
Chapter 14 – Authentication Applications
Advertisements

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
By: Hassan Waqar.  A PROTOCOL for securely transmitting data via the internet.  NETWORK LAYER application.  Developed by NETSCAPE.
Grid Computing Basics From the perspective of security or An Introduction to Certificates.
Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter 10 Securing Exchange Server 2003.
Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.
WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Apr 9, 2002Mårten Trolin1 Previous lecture TLS details –Phases Handshake Securing messages –What the messages contain –Authentication The second assignment.
Key Management public-key encryption helps address key distribution problems have two aspects of this: –distribution of public keys –use of public-key.
Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security
TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.
Application of Attribute Certificates in S/MIME Greg Colla & Michael Zolotarev Baltimore Technologies 47 th IETF Conference Adelaide, March 2000.
Guide to Operating System Security Chapter 10 Security.
PRISM-PROOF Phillip Hallam-Baker Comodo Group Inc.
Deployment Models A. client (no S/MIME) »NHIN-Direct developed security agent »off-the-shelf S/MIME proxy B. client using Native S/MIME »Internet.
SMUCSE 5349/49 Security. SMUCSE 5349/7349 Threats Threats to the security of itself –Loss of confidentiality s are sent in clear over.
Masud Hasan Secure Project 1. Secure It uses Digital Certificate combined with S/MIME capable clients to digitally sign and.
Digital Certificates Public Key Deception Digital Certificates Certificate Authorities Public Key Infrastructures (PKIs)
Digital Certificates With Chuck Easttom. Digital Signatures  Digital Signature is usually the encryption of a message or message digest with the sender's.
Module 10: Designing an AD RMS Infrastructure in Windows Server 2008.
Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.
Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.
Public-key Cryptography Strengths and Weaknesses Matt Blumenthal.
Secure r How do you do it? m Need to worry about sniffing, modifying, end- user masquerading, replaying. m If sender and receiver have shared secret.
Wireless and Security CSCI 5857: Encoding and Encryption.
Securing Data at the Application Layer Planning Authenticity and Integrity of Transmitted Data Planning Encryption of Transmitted Data.
32.1 Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction.
Masud Hasan Secue VS Hushmail Project 2.
Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.
Introduction to Secure Messaging Issues Russ Chung, American Eagle Group The Open Group Messaging Forum July 24, 2003.
Module 6 Planning and Deploying Messaging Security.
Cryptography Encryption/Decryption Franci Tajnik CISA Franci Tajnik.
Chapter 23 Internet Authentication Applications Kerberos Overview Initially developed at MIT Software utility available in both the public domain and.
Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.
Module 9: Fundamentals of Securing Network Communication.
Secure Messaging Workshop The Open Group Messaging Forum February 6, 2003.
Digital Envelopes, Secure Socket Layer and Digital Certificates By: Anthony and James.
Internet Security. 2 PGP is a security technology which allows us to send that is authenticated and/or encrypted. Authentication confirms the identity.
1 Information Security Practice I Lab 5. 2 Cryptography and security Cryptography is the science of using mathematics to encrypt and decrypt data.
Symmetric Cryptography, Asymmetric Cryptography, and Digital Signatures.
1. 2 Overview In Exchange security is managed by assigning permissions in Active Directory Exchange objects are secured with DACL and ACEs Permissions.
Module 12 Integrating Exchange Server 2010 with Other Messaging Systems.
X.509 Topics PGP S/MIME Kerberos. Directory Authentication Framework X.509 is part of the ISO X.500 directory standard. used by S/MIME, SSL, IPSec, and.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2000 Chapter 29 Internet Security.
Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training WatchGuard XCS What’s New in version 10.1.
Security fundamentals Topic 5 Using a Public Key Infrastructure.
Module 2: Introducing Windows 2000 Security. Overview Introducing Security Features in Active Directory Authenticating User Accounts Securing Access to.
7.6 Secure Network Security / G.Steffen1. In This Section Threats to Protection List Overview of Encrypted Processing Example.
2/19/2016clicktechsolution.com Security. 2/19/2016clicktechsolution.com Threats Threats to the security of itself –Loss of confidentiality.
Mar 28, 2003Mårten Trolin1 This lecture Certificates and key management Non-interactive protocols –PGP SSL/TLS –Introduction –Phases –Commands.
Security By Meenal Mandalia. What is ? stands for Electronic Mail. much the same as a letter, only that it is exchanged in a different.
X509 Web Authentication From the perspective of security or An Introduction to Certificates.
Appendix B Advanced Topics in Exchange Server 2010.
Encryption and Security Tools for IA Management Nick Hornick COSC 481 Spring 2007.
VIRTUAL SERVERS Chapter 7. 2 OVERVIEW Exchange Server 2003 virtual servers Virtual servers in a clustering environment Creating additional virtual servers.
Prof. Reuven Aviv, Nov 2013 Public Key Infrastructure1 Prof. Reuven Aviv Tel Hai Academic College Department of Computer Science Public Key Infrastructure.
Key management issues in PGP
CS 465 Secure Last Updated: Nov 30, 2017.
S/MIME T ANANDHAN.
Chapter 7 STRENGTH OF ENCRYPTION & Public Key Infrastructure
Public Key Infrastructure
Unit 8 Network Security.
Electronic Payment Security Technologies
Presentation transcript:

July 19, Secure Messaging Models Co-existence and Interoperability Russell W. Chung New York, NY July 19, 2005

July 19, Agenda  Secure Messaging Models  End to End Secure Messaging  Gateway to Gateway Secure Messaging  Web Enabled Secure Messaging  Hybrid Models  Co-existence and Interoperability  Importance of Interoperability  Issues  A Call to Action

July 19, End to End Secure Messaging  Messages are encrypted by sender; remain encrypted until decrypted by recipient  Messages are signed by sender; signature is verified by recipient  Uses a combination of symmetrical and public key algorithms  Established standards  Examples: S/MIME, PGP

July 19, End to End Secure Messaging  Certificate administration a challenge  Internal: renewal, revocation, support  External: cross certification  Messages cannot be scanned for viruses  Messages cannot be filtered for content

July 19, Gateway to Gateway Secure Messaging  Messages are encrypted by outbound MTA typically at domain boundary, decrypted by inbound MTA  Messages are signed by outbound MTA, typically at domain boundary, signature is verified by inbound MTA  Uses a combination of symmetrical and public key algorithms  Emerging standards  Examples: TLS, SMG

July 19, Web Enabled Secure Messaging  Variation #1  Sender deposits message in a secure web server, sends a URL link to recipient  Recipient opens a web browser, establishes SSL session, authenticates to server, reads message  Variation #2  Sender encrypts message with a one-time use key, deposits key in a secure web server, sends encrypted message together with instructions to retrieve key  Recipient authenticates to server, retrieves key, reads message

July 19, Web Enabled Secure Messaging  Procedures for issuing certificates, key distribution and authentication of senders and recipients vary by service provider  Components of these systems are based on standards  Examples: ZixCorp, PostX, HushMail

July 19, ZixCorp

July 19, PostX

July 19, HushMail

July 19, HushMail

July 19, Co-existence and Interoperability  Co-existence - ability to utilize existing SMTP infrastructure to send unsigned/unencrypted messages between users of different secure messaging models  Interoperability - ability to send an encrypted or signed message between users of different secure messaging models

July 19, Importance of Interoperability  “One size does NOT fit everyone”  Lack of interoperability creates islands of secure messaging  Lack of interoperability prevents growth of secure messaging  Lessons Learned  Networking history  history

July 19, Issues  S/MIME, PGP, Web Enabled SMG  Certificate Interoperability  Certificate Exchange  Certificate validation  S/MIME, PGP > Web Enabled  Transparent to senders but recipients may need credentials for multiple service providers  In General  Establishing and maintaining trust  Patents

July 19, Call to Action

July 19, Secure Messaging Models Russell W. Chung earthlink.net