Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure E-mail Systems.

Published byJasmine Wheeler Modified over 9 years ago

Similar presentations

Presentation on theme: "Secure E-mail Systems."— Presentation transcript:

1 Secure Systems

2 Distribution Lists Remote exploder: Send to a distribution list maintainer; it sends to all Local exploder: Get the list from the distribution list manager; send it to all yourself Possibility of infinite loop Comparison (page 503)

3 Security Services for E-Mail
Privacy Authentication Integrity Non-repudiation Proof of submission Proof of delivery Message flow confidentiality Anonymity Containment Audit Accounting Self destruct ( Message sequence integrity

4 Establishing Keys Get other party’s Public keys
Establish secret keys through KDC like server

5 Privacy Forwarders (http://support.globat.com/sc/index.php/Forwarders)
End-to-end privacy: If there is only recipient, sender would encrypt using the recipient's public key. If there are more than one recipients, the message needs to be encrypted using multiple public keys. If there is a distribution exploder, the sender can encrypt the message using a one-time key, and send the encrypted message and key to the distributor. Exploder will re-encrypt S with its public key and send it along with the encrypted message.

6 Authentication of the Source and Message Integrity
Source authentication Based on public key---digital signature Based on secret keys---MAC and MIC Message integrity---digest Non-repudiation: With Public key---digest With secret keys---Using a trusted third party/notary

7 S/MIME

8 What is MIME? Multipurpose Internet Mail Extensions
It is the official proposed standard format for extended Internet electronic mail. Internet messages consist of two parts, the header and the body. The header forms a collection of field/value pairs structured to provide information essential for the transmission of the message. The body is normally unstructured unless the is in MIME format. MIME defines how the body of an message is structured. The MIME format permits to include enhanced text, graphics, audio, and more in a standardized manner via MIME-compliant mail systems. However, MIME itself does not provide any security services. The purpose of S/MIME is to define such services, following the syntax given in PKCS #7 for digital signatures and encryption. The MIME body section carries a PKCS #7 message, which itself is the result of cryptographic processing on other MIME body sections.

9 S/MIME (Secure / Multipurpose Internet Mail Extensions) is a protocol that adds digital signatures and encryption to Internet MIME. S/MIME has been endorsed by a number of leading networking and messaging vendors, including ConnectSoft, Frontier, FTP Software, Qualcomm, Microsoft, Lotus, Wollongong, Banyan, NCD, SecureWare, VeriSign, Netscape, and Novell.

10

Download ppt "Secure E-mail Systems."

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
E-Business Risks Chapter Seven. E-Business Models EDI Web pages The online environment Distributed e-business and intranets Supply chain linkage Collaborative.

E-Business Risks Chapter Seven. E-Business Models EDI Web pages The online environment Distributed e-business and intranets Supply chain linkage Collaborative.
PGP Overview 2004/11/30 Information-Center meeting peterkim.

PGP Overview 2004/11/30 Information-Center meeting peterkim.
Lecture 5: Email security: PGP Anish Arora CSE 5473 Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CSE 5473 Introduction to Network Security.
Lecture 5: Email security: PGP Anish Arora CIS694K Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CIS694K Introduction to Network Security.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 23 Electronic Mail: SMTP,

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 23 Electronic Mail: SMTP,
Chapter 29 Structure of Computer Names Domain Names Within an Organization The DNS Client-Server Model The DNS Server Hierarchy Resolving a Name Optimization.

Chapter 29 Structure of Computer Names Domain Names Within an Organization The DNS Client-Server Model The DNS Server Hierarchy Resolving a Name Optimization.
Copyright, 1996 © Dale Carnegie & Associates, Inc. Digital Certificates Presented by Sunit Chauhan.

Copyright, 1996 © Dale Carnegie & Associates, Inc. Digital Certificates Presented by Sunit Chauhan.
1 of 2 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2006 Microsoft Corporation.

1 of 2 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2006 Microsoft Corporation.
Email Security Jonathan Calazan December 12, 2005.

Security Jonathan Calazan December 12, 2005.
Chapter 30 Electronic Mail Representation & Transfer

Chapter 30 Electronic Mail Representation & Transfer
Lecture slides prepared for “Business Data Communications”, 7/e, by William Stallings and Tom Case, Chapter 8 “TCP/IP”.

Lecture slides prepared for “Business Data Communications”, 7/e, by William Stallings and Tom Case, Chapter 8 “TCP/IP”.
E-mail Security using Encryption Security Features Message Origin Authentication - verifying that the sender is who he or she says they are Content Integrity.

Security using Encryption Security Features Message Origin Authentication - verifying that the sender is who he or she says they are Content Integrity.
 ENGR 1110 Introduction to Engineering – Cyber Security Allison Holt, Adam Brown Auburn University.

 ENGR 1110 Introduction to Engineering – Cyber Security Allison Holt, Adam Brown Auburn University.
1 Lecture 18: E-Mail Security issues specific to email security key management services –privacy –integrity/authentication –nonrepudiation/plausible deniability.

1 Lecture 18: Security issues specific to security key management services –privacy –integrity/authentication –nonrepudiation/plausible deniability.
Lesson 26 - (1 of 41) E-mail, SMTP, and MIME types.

Lesson 26 - (1 of 41) , SMTP, and MIME types.
1 What is Electronic Mail Exchanging information via computer networks Electronic mail addresses SMTP (Simple Mail Transfer Protocol) Client/Server based.

1 What is Electronic Mail Exchanging information via computer networks Electronic mail addresses SMTP (Simple Mail Transfer Protocol) Client/Server based.

Similar presentations

Ads by Google