CSCE 201 Email Security Fall 2010. CSCE 201 - Farkas2 Electronic Mail Most heavily used network-based application – Over 210 billion per day Used across.

Slides:



Advertisements
Similar presentations
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Advertisements

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
PGP Overview 2004/11/30 Information-Center meeting peterkim.
Lecture 5: security: PGP Anish Arora CSE 5473 Introduction to Network Security.
Lecture 5: security: PGP Anish Arora CIS694K Introduction to Network Security.
Principles of Information Security, 2nd edition1 Cryptography.
Lesson 7: Business, , & Personal Information Management
1 Pertemuan 12 Security Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 3 Internet Security.
NS-H / Security. NS-H / Security is one of the most widely used and regarded network services currently message.
Electronic mail security -- Pretty Good Privacy.
Henric Johnson1 Electronic mail security Henric Johnson Blekinge Institute of Technology, Sweden
Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Guide to Operating System Security Chapter 10 Security.
Electronic Mail Security. Authentication and confidentiality problems Two systems: - PGP (Pretty Good Privacy) - S/MIME (Science Multipurpose Internet.
» Explain the way that electronic mail ( ) works » Configure an client » Identify message components » Create and send messages.
Lecture 9: Security via PGP CS 436/636/736 Spring 2012 Nitesh Saxena.
 ENGR 1110 Introduction to Engineering – Cyber Security Allison Holt, Adam Brown Auburn University.
SMUCSE 5349/49 Security. SMUCSE 5349/7349 Threats Threats to the security of itself –Loss of confidentiality s are sent in clear over.
SHASHANK MASHETTY security. Introduction Electronic mail most commonly referred to as or e- mail. Electronic mail is one of the most commonly.
Electronic Mail Security
Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.
Computer Networking From LANs to WANs: Hardware, Software, and Security Chapter 12 Electronic Mail.
Security Awareness Chapter 3 Internet Security. Security Awareness, 3 rd Edition2 Objectives After completing this chapter, you should be able to do the.
A form of communication in which electronic messages are created and transferred between two or more devices connected to a network.
Security+ All-In-One Edition Chapter 14 – and Instant Messaging Brian E. Brzezicki.
1 TCP/IP Applications. 2 NNTP: Network News Transport Protocol NNTP is a TCP/IP protocol based upon text strings sent bidirectionally over 7 bit ASCII.
Electronic mail security. Outline Pretty good privacy S/MIME.
Security.  is one of the most widely used and regarded network services  currently message contents are not secure may be inspected either.
Chapter 6 Electronic Mail Security MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.
1 Firewalls. 2 What is a firewall? Device that provides secure connectivity between networks (internal/external; varying levels of trust) Used to implement.
Cryptography and Network Security (CS435) Part Twelve (Electronic Mail Security)
Chapter 15: Electronic Mail Security
1 Electronic Mail Security Outline Pretty good privacy S/MIME Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,
1 Chapter 5 Electronic mail security. 2 Outline Pretty good privacy S/MIME Recommended web sites.
Pretty Good Privacy (PGP) Security for Electronic .
CSCE 815 Network Security Lecture 11 Security PGP February 25, 2003.
SECURITY – Chapter 15 SECURITY – Chapter 15 ….for authentication and confidentiality PGP 1.Uses best algorithms as building blocks 2.General.
NETWORK SECURITY.
Security PGP IT352 | Network Security |Najwa AlGhamdi 1.
Application Security: (April 10, 2013) © Abdou Illia – Spring 2013.
Security Using PGP - Prajakta Bahekar. Importance of Security is one of the most widely used network service on Computer Currently .
Security fundamentals Topic 9 Securing internet messaging.
PGP & IP Security  Pretty Good Privacy – PGP Pretty Good Privacy  IP Security. IP Security.
Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,
Electronic Mail Security Prepared by Dr. Lamiaa Elshenawy
7.6 Secure Network Security / G.Steffen1. In This Section Threats to Protection List Overview of Encrypted Processing Example.
2/19/2016clicktechsolution.com Security. 2/19/2016clicktechsolution.com Threats Threats to the security of itself –Loss of confidentiality.
Security  is one of the most widely used and regarded network services  currently message contents are not secure may be inspected either.
By Marwan Al-Namari & Hafezah Ben Othman Author: William Stallings College of Computer Science at Al-Qunfudah Umm Al-Qura University, KSA, Makkah 1.
Security By Meenal Mandalia. What is ? stands for Electronic Mail. much the same as a letter, only that it is exchanged in a different.
Chapter 7 : Web Security Lecture #1-Week 12 Dr.Khalid Dr. Mohannad Information Security CIT 460 Information Security Dr.Khalid Dr. Mohannad 1.
1 CNLab/University of Ulsan Chapter 16 Electronic Mail Security  PGP (Pretty Good Privacy)  S/MIME.
Lecture 8 (Chapter 18) Electronic Mail Security Prepared by Dr. Lamiaa M. Elshenawy 1.
第五章 电子邮件安全. Security is one of the most widely used and regarded network services currently message contents are not secure –may be inspected.
Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel:
Electronic mail security
Internet Business Associate v2.0
Security is one of the most widely used and regarded network services
CIW Lesson 7 Part A Name: _______________________________________
MAIL AND SECURITY PERTEMUAN 13
Security in Network Communications
Electronic Mail Security
Protocols 2 Key Revision Points.
Presentation transcript:

CSCE 201 Security Fall 2010

CSCE Farkas2 Electronic Mail Most heavily used network-based application – Over 210 billion per day Used across different architectures and platforms Send to others connected directly or indirectly to the Internet regardless of host operating systems and protocols NEED: – Authentication – Confidentiality

CSCE Farkas3 Why Security? Message confidentiality Message integrity Sender authentication Nonrepudiation

How works? TCP sub-protocols: – Simple Mail Transfer Protocol (SMTP): outgoing mail, port 25 – Post Office Protocol (POP): incoming mail, port 110 CSCE Farkas4 SMTP POP3 Sender Receiver Internet

Internet Mail Access Protocol POP3: is downloaded to the client’s computer and deleted from the server IMAP4: remains on the server – Can be organized into folders – Can be accessed remotely – Can be used offline CSCE Farkas5

attacks Spam: unsolicited – Costly: time spent on looking at and deleting – Text, image spam Protection: spam filters – Set level of spam protection – Block specific senders (black list) – Allow only specific senders (white list) – Block top level domains CSCE Farkas6

Attacks Malicious attachments and embedded hyperlink – Virus, spyware, adware, etc. Protection: – Malware detection tool – Read messages using a reading pane – Block external content – Preview attachments – Use postmark CSCE Farkas7

8 Secure Approaches PEM: Privacy-Enhanced Mail S/MIME PGP: Pretty good Privacy

CSCE Farkas9 Pretty Good Privacy Phil Zimmermann (early 90’) Confidentiality and authentication for – Electronic mail and – Storage applications

CSCE Farkas10 PGP – Evolution 1.Best available cryptographic algorithms (90’) 2.Integrate these algorithms such that 1.Independent of operating system and processor 2.Based on a small set of commands 3.Make the application and the documentation available through the Internet 4.Agreement with a company to provide compatible, low-cost commercial version of PGP

CSCE Farkas11 PGP - Usage PGP became widely used within a few years – Available worldwide for different platforms – Based on proven secure algorithms such as RSA, IDEA, MD5 – Wide range of applicability – Was not developed or controlled by government standards

CSCE Farkas12 PGP Services  Digital Signature: RSA, MD5  Hash code of message is created using MD5, encrypted using RSA, with sender’s private key, and attached to the message  Confidentiality: RSA, IDEA  Message is encrypted using IDEA, with one-time session key generated by the sender, session key is encrypted, using RSA and the recipient’s public key, and attached to the message

CSCE Farkas13 PGP Services  Compression: ZIP  Message may be compressed for storage or transmission  compatibility  Encrypted message is converted to ACSII string  Segmentation  To accommodate maximum message size, PGP performs segmentation and reassembly

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.