Presentation is loading. Please wait.

Presentation is loading. Please wait.

July 19, 2005 1 Secure Messaging Models Co-existence and Interoperability Russell W. Chung New York, NY July 19, 2005.

Published byEvan Ferdinand Booker Modified over 8 years ago

Similar presentations

Presentation on theme: "July 19, 2005 1 Secure Messaging Models Co-existence and Interoperability Russell W. Chung New York, NY July 19, 2005."— Presentation transcript:

1 July 19, 2005 1 Secure Messaging Models Co-existence and Interoperability Russell W. Chung New York, NY July 19, 2005

2 July 19, 2005 2 Agenda  Secure Messaging Models  End to End Secure Messaging  Gateway to Gateway Secure Messaging  Web Enabled Secure Messaging  Hybrid Models  Co-existence and Interoperability  Importance of Interoperability  Issues  A Call to Action

3 July 19, 2005 3 End to End Secure Messaging  Messages are encrypted by sender; remain encrypted until decrypted by recipient  Messages are signed by sender; signature is verified by recipient  Uses a combination of symmetrical and public key algorithms  Established standards  Examples: S/MIME, PGP

4 July 19, 2005 4 End to End Secure Messaging  Certificate administration a challenge  Internal: renewal, revocation, support  External: cross certification  Messages cannot be scanned for viruses  Messages cannot be filtered for content

5 July 19, 2005 5 Gateway to Gateway Secure Messaging  Messages are encrypted by outbound MTA typically at domain boundary, decrypted by inbound MTA  Messages are signed by outbound MTA, typically at domain boundary, signature is verified by inbound MTA  Uses a combination of symmetrical and public key algorithms  Emerging standards  Examples: TLS, SMG

6 July 19, 2005 6 Web Enabled Secure Messaging  Variation #1  Sender deposits message in a secure web server, sends a URL link to recipient  Recipient opens a web browser, establishes SSL session, authenticates to server, reads message  Variation #2  Sender encrypts message with a one-time use key, deposits key in a secure web server, sends encrypted message together with instructions to retrieve key  Recipient authenticates to server, retrieves key, reads message

7 July 19, 2005 7 Web Enabled Secure Messaging  Procedures for issuing certificates, key distribution and authentication of senders and recipients vary by service provider  Components of these systems are based on standards  Examples: ZixCorp, PostX, HushMail

8 July 19, 2005 8 ZixCorp

9 July 19, 2005 9 PostX

10 July 19, 2005 10 HushMail

11 July 19, 2005 11 HushMail

12 July 19, 2005 12 Co-existence and Interoperability  Co-existence - ability to utilize existing SMTP infrastructure to send unsigned/unencrypted messages between users of different secure messaging models  Interoperability - ability to send an encrypted or signed message between users of different secure messaging models

13 July 19, 2005 13 Importance of Interoperability  “One size does NOT fit everyone”  Lack of interoperability creates islands of secure messaging  Lack of interoperability prevents growth of secure messaging  Lessons Learned  Networking history  E-Mail history

14 July 19, 2005 14 Issues  S/MIME, PGP, Web Enabled SMG  Certificate Interoperability  Certificate Exchange  Certificate validation  S/MIME, PGP > Web Enabled  Transparent to senders but recipients may need credentials for multiple service providers  In General  Establishing and maintaining trust  Patents

15 July 19, 2005 15 Call to Action

16 July 19, 2005 16 Secure Messaging Models Russell W. Chung russ.chung @ earthlink.net

Download ppt "July 19, 2005 1 Secure Messaging Models Co-existence and Interoperability Russell W. Chung New York, NY July 19, 2005."

Similar presentations

Chapter 14 – Authentication Applications

Chapter 14 – Authentication Applications
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
By: Hassan Waqar.  A PROTOCOL for securely transmitting data via the internet.  NETWORK LAYER application.  Developed by NETSCAPE.

By: Hassan Waqar.  A PROTOCOL for securely transmitting data via the internet.  NETWORK LAYER application.  Developed by NETSCAPE.
Grid Computing Basics From the perspective of security or An Introduction to Certificates.

Grid Computing Basics From the perspective of security or An Introduction to Certificates.
Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.

Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.

Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
70-284 MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter 10 Securing Exchange Server 2003.

MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter 10 Securing Exchange Server 2003.
Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.

Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.
WAP Public Key Infrastructure CSCI 5939.02 – Independent Study Fall 2002 Jaleel Syed Presentation No 5.

WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Apr 9, 2002Mårten Trolin1 Previous lecture TLS details –Phases Handshake Securing messages –What the messages contain –Authentication The second assignment.

Apr 9, 2002Mårten Trolin1 Previous lecture TLS details –Phases Handshake Securing messages –What the messages contain –Authentication The second assignment.
Key Management public-key encryption helps address key distribution problems have two aspects of this: –distribution of public keys –use of public-key.

Key Management public-key encryption helps address key distribution problems have two aspects of this: –distribution of public keys –use of public-key.
Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security

Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security
TrustPort Public Key Infrastructure. WWW.TRUSTPORT.COM Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.

TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.
Application of Attribute Certificates in S/MIME Greg Colla & Michael Zolotarev Baltimore Technologies 47 th IETF Conference Adelaide, March 2000.

Application of Attribute Certificates in S/MIME Greg Colla & Michael Zolotarev Baltimore Technologies 47 th IETF Conference Adelaide, March 2000.
Guide to Operating System Security Chapter 10 E-mail Security.

Guide to Operating System Security Chapter 10 Security.
PRISM-PROOF Phillip Hallam-Baker Comodo Group Inc.

PRISM-PROOF Phillip Hallam-Baker Comodo Group Inc.

Similar presentations

Ads by Google