Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security

Slides:



Advertisements
Similar presentations
Enabling Secure Internet Access with ISA Server
Advertisements

Basic Communication on the Internet:
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
INTRANET MAIL SERVER (DESIGN OF SMTP and POP3)
Lecture 5: security: PGP Anish Arora CSE 5473 Introduction to Network Security.
Principles of Information Security, 2nd edition1 Cryptography.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.
Lesson 7: Business, , & Personal Information Management
1 Pertemuan 12 Security Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
Circuit & Application Level Gateways CS-431 Dick Steflik.
Information Networking Security and Assurance Lab National Chung Cheng University 1 Guidelines on Securing Public Web Servers
Henric Johnson1 Electronic mail security Henric Johnson Blekinge Institute of Technology, Sweden
Guide to Operating System Security Chapter 10 Security.
1 Enabling Secure Internet Access with ISA Server.
» Explain the way that electronic mail ( ) works » Configure an client » Identify message components » Create and send messages.
 ENGR 1110 Introduction to Engineering – Cyber Security Allison Holt, Adam Brown Auburn University.
SMUCSE 5349/49 Security. SMUCSE 5349/7349 Threats Threats to the security of itself –Loss of confidentiality s are sent in clear over.
Chapter 5. Learning Objectives Understand the need for secure Outline benefits of PGP and S/MIME Understand vulnerabilities and how.
11 SECURING INTERNET MESSAGING Chapter 9. Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging. 
Chapter 7: Internet-Based Applications Business Data Communications, 6e.
Computer Networking From LANs to WANs: Hardware, Software, and Security Chapter 12 Electronic Mail.
 TCP/IP is the communication protocol for the Internet  TCP/IP defines how electronic devices should be connected to the Internet, and how data should.
Securing Data at the Application Layer Planning Authenticity and Integrity of Transmitted Data Planning Encryption of Transmitted Data.
32.1 Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction.
Security+ All-In-One Edition Chapter 14 – and Instant Messaging Brian E. Brzezicki.
1 TCP/IP Applications. 2 NNTP: Network News Transport Protocol NNTP is a TCP/IP protocol based upon text strings sent bidirectionally over 7 bit ASCII.
The Internet 8th Edition Tutorial 2 Basic Communication on the Internet: .
Krerk Piromsopa. Network Security Krerk Piromsopa. Department of Computer Engineering. Chulalongkorn University.
INTRODUCTION. The security system is used as in various fields, particularly the internet, communications data storage, identification and authentication.
Chapter 6 Electronic Mail Security MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.
Module 9: Fundamentals of Securing Network Communication.
1 Chapter 5 Electronic mail security. 2 Outline Pretty good privacy S/MIME Recommended web sites.
Module 6: Integrating ISA Server 2004 and Microsoft Exchange Server.
Security Technology Clients and Mail Servers
Application Security: (April 10, 2013) © Abdou Illia – Spring 2013.
OV Copyright © 2005 Element K Content LLC. All rights reserved. Hardening Internetwork Devices and Services  Harden Internetwork Connection Devices.
Module 7: Advanced Application and Web Filtering.
CSCE 201 Security Fall CSCE Farkas2 Electronic Mail Most heavily used network-based application – Over 210 billion per day Used across.
SMTP / MIME Florin Zidaru.
Chapter 32 Internet Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
INTERNET PROTOCOLS. Microsoft’s Internet Information Server Home Page Figure IT2031 UNIT-3.
Security fundamentals Topic 9 Securing internet messaging.
Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,
INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.
Chapter 9 Networking & Distributed Security (Part C)
Electronic Mail Security Prepared by Dr. Lamiaa Elshenawy
7.6 Secure Network Security / G.Steffen1. In This Section Threats to Protection List Overview of Encrypted Processing Example.
2/19/2016clicktechsolution.com Security. 2/19/2016clicktechsolution.com Threats Threats to the security of itself –Loss of confidentiality.
Lesson Background  is the most popular application on the Internet and the intranet.  Twelve million s were sent each day in.
INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.
Chapter 7 : Web Security Lecture #1-Week 12 Dr.Khalid Dr. Mohannad Information Security CIT 460 Information Security Dr.Khalid Dr. Mohannad 1.
CIW LESSON 7 PART A. INTRODUCTION TO BUSINESS ELECTRONIC MAIL The use of has given rise to the term ______________________, which is a slang term.
Lecture 8 (Chapter 18) Electronic Mail Security Prepared by Dr. Lamiaa M. Elshenawy 1.
Network System Security - Task 2. Russell Johnston.
Application layer tcp/ip
Internet Business Associate v2.0
Security Pretty Good Privacy (PGP)
CIW Lesson 7 Part A Name: _______________________________________
S/MIME T ANANDHAN.
Security at the Application Layer: PGP and S/MIME
ELECTRONIC MAIL SECURITY
Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls
ELECTRONIC MAIL SECURITY
Unit 8 Network Security.
Chapter 7 Network Applications
Module 4 System and Application Security
Presentation transcript:

Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security

Information Networking Security and Assurance Lab National Chung Cheng University 2 Background The process starts with  Message composition  Transmitted  Mail server processing

Information Networking Security and Assurance Lab National Chung Cheng University 3 Multipurpose Internet Mail Extensions (MIME) RFC 822: transmitting messages containing textual content does not address messages that contain attachments MIME were developed  Audio  Application  Image  Message  Multipart

Information Networking Security and Assurance Lab National Chung Cheng University 4 Mail Transport Standards To ensure reliability and interoperability among various applications Simple Mail Transfer Protocol (SMTP)

Information Networking Security and Assurance Lab National Chung Cheng University 5 Simple Mail Transfer Protocol Extensions

Information Networking Security and Assurance Lab National Chung Cheng University 6 Post Office Protocol developed in 1984 a way to copy messages from the mail server mailbox to the mail client RFC 918, nine commands were originally available for POP

Information Networking Security and Assurance Lab National Chung Cheng University 7 Internet Message Access Protocol

Information Networking Security and Assurance Lab National Chung Cheng University 8 -Related Encryption Standards PGP and S/MIME  Based on public key cryptography symmetric key

Information Networking Security and Assurance Lab National Chung Cheng University 9 Pretty Good Privacy

Information Networking Security and Assurance Lab National Chung Cheng University 10 S/MIME proposed in 1995 by RSA Data Security, Inc. S/MIME version 3

Information Networking Security and Assurance Lab National Chung Cheng University 11 Choosing an Appropriate Encryption Algorithm Required security Required performance System resources Import, export, or usage restrictions Encryption schemes

Information Networking Security and Assurance Lab National Chung Cheng University 12 Key Management difference between PGP and S/MIME  PGP “circle of trust”  S/MIME & some newer PGP “CA”

Information Networking Security and Assurance Lab National Chung Cheng University 13 Hardening the Mail Server Application Securely Installing the Mail Server Securely Configuring Operating System and Mail Server Access Controls  configure access controls  Typical files to which access should be controlled are  use the mail server operating system to limit files accessed by the mail service processes.  directories and files (outside the specified directory tree) cannot be accessed, even if users know the locations of those files.  using a “chroot jail” for the mail server application  To mitigate the effects of certain types of DoS attacks

Information Networking Security and Assurance Lab National Chung Cheng University 14 Protecting from Malicious Code Virus Scanning  at the firewall (application proxy) or mail relay  The benefits  weaknesses

Information Networking Security and Assurance Lab National Chung Cheng University 15 Protecting from Malicious Code Virus Scanning  on the mail server itself  The benefits  weaknesses  Mail servers support the integration of virus scanning at the mail server

Information Networking Security and Assurance Lab National Chung Cheng University 16 Protecting from Malicious Code Virus Scanning  on client hosts  The benefits  weaknesses  Mail servers support the integration of virus scanning at the mail server

Information Networking Security and Assurance Lab National Chung Cheng University 17 Unsolicited Bulk unsolicited commercial (UCE) or spam To control UCE messages open relay blacklists (ORBs)

Information Networking Security and Assurance Lab National Chung Cheng University 18 Miscs Authenticated Mail Relay  benefits  Two methods Secure Access  Most protocols did not initially incorporate any form of encryption or cryptographic authentication  Transport Layer Security protocol  RFC 2595 Enabling Web Access

Information Networking Security and Assurance Lab National Chung Cheng University 19 Using Mail Gateways

Information Networking Security and Assurance Lab National Chung Cheng University 20 Network Element Configuration Router/Firewall Configuration Routers, stateful firewalls, proxy firewalls Which ports Router: network layer (packet filter) firewall

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.