Presentation is loading. Please wait.

Presentation is loading. Please wait.

Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security"— Presentation transcript:

1 Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security http://csrc.nist.gov/publications/nistpubs/800-45/sp800-45.pdf

2 Information Networking Security and Assurance Lab National Chung Cheng University 2 Background The process starts with  Message composition  Transmitted  Mail server processing

3 Information Networking Security and Assurance Lab National Chung Cheng University 3 Multipurpose Internet Mail Extensions (MIME) RFC 822: transmitting messages containing textual content does not address messages that contain attachments MIME were developed  Audio  Application  Image  Message  Multipart

4 Information Networking Security and Assurance Lab National Chung Cheng University 4 Mail Transport Standards To ensure reliability and interoperability among various email applications Simple Mail Transfer Protocol (SMTP)

5 Information Networking Security and Assurance Lab National Chung Cheng University 5 Simple Mail Transfer Protocol Extensions

6 Information Networking Security and Assurance Lab National Chung Cheng University 6 Post Office Protocol developed in 1984 a way to copy messages from the mail server mailbox to the mail client RFC 918, nine commands were originally available for POP

7 Information Networking Security and Assurance Lab National Chung Cheng University 7 Internet Message Access Protocol

8 Information Networking Security and Assurance Lab National Chung Cheng University 8 Email-Related Encryption Standards PGP and S/MIME  Based on public key cryptography symmetric key

9 Information Networking Security and Assurance Lab National Chung Cheng University 9 Pretty Good Privacy

10 Information Networking Security and Assurance Lab National Chung Cheng University 10 S/MIME proposed in 1995 by RSA Data Security, Inc. S/MIME version 3

11 Information Networking Security and Assurance Lab National Chung Cheng University 11 Choosing an Appropriate Encryption Algorithm Required security Required performance System resources Import, export, or usage restrictions Encryption schemes

12 Information Networking Security and Assurance Lab National Chung Cheng University 12 Key Management difference between PGP and S/MIME  PGP “circle of trust”  S/MIME & some newer PGP “CA”

13 Information Networking Security and Assurance Lab National Chung Cheng University 13 Hardening the Mail Server Application Securely Installing the Mail Server Securely Configuring Operating System and Mail Server Access Controls  configure access controls  Typical files to which access should be controlled are  use the mail server operating system to limit files accessed by the mail service processes.  directories and files (outside the specified directory tree) cannot be accessed, even if users know the locations of those files.  using a “chroot jail” for the mail server application  To mitigate the effects of certain types of DoS attacks

14 Information Networking Security and Assurance Lab National Chung Cheng University 14 Protecting Email from Malicious Code Virus Scanning  at the firewall (application proxy) or mail relay  The benefits  weaknesses

15 Information Networking Security and Assurance Lab National Chung Cheng University 15 Protecting Email from Malicious Code Virus Scanning  on the mail server itself  The benefits  weaknesses  Mail servers support the integration of virus scanning at the mail server

16 Information Networking Security and Assurance Lab National Chung Cheng University 16 Protecting Email from Malicious Code Virus Scanning  on client hosts  The benefits  weaknesses  Mail servers support the integration of virus scanning at the mail server

17 Information Networking Security and Assurance Lab National Chung Cheng University 17 Unsolicited Bulk Email unsolicited commercial email (UCE) or spam To control UCE messages open relay blacklists (ORBs)

18 Information Networking Security and Assurance Lab National Chung Cheng University 18 Miscs Authenticated Mail Relay  benefits  Two methods Secure Access  Most protocols did not initially incorporate any form of encryption or cryptographic authentication  Transport Layer Security protocol  RFC 2595 Enabling Web Access

19 Information Networking Security and Assurance Lab National Chung Cheng University 19 Using Mail Gateways

20 Information Networking Security and Assurance Lab National Chung Cheng University 20 Network Element Configuration Router/Firewall Configuration Routers, stateful firewalls, proxy firewalls Which ports Router: network layer (packet filter) firewall

Download ppt "Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security"

Similar presentations

Enabling Secure Internet Access with ISA Server

Enabling Secure Internet Access with ISA Server
Basic Communication on the Internet:

Basic Communication on the Internet:
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:

1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
INTRANET MAIL SERVER (DESIGN OF SMTP and POP3)

INTRANET MAIL SERVER (DESIGN OF SMTP and POP3)
Lecture 5: Email security: PGP Anish Arora CSE 5473 Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CSE 5473 Introduction to Network Security.
Principles of Information Security, 2nd edition1 Cryptography.

Principles of Information Security, 2nd edition1 Cryptography.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.
Lesson 7: Business, , & Personal Information Management

Lesson 7: Business, , & Personal Information Management
1 Pertemuan 12 E-mail Security Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 12 Security Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
Circuit & Application Level Gateways CS-431 Dick Steflik.

Circuit & Application Level Gateways CS-431 Dick Steflik.
Information Networking Security and Assurance Lab National Chung Cheng University 1 Guidelines on Securing Public Web Servers

Information Networking Security and Assurance Lab National Chung Cheng University 1 Guidelines on Securing Public Web Servers
Henric Johnson1 Electronic mail security Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Electronic mail security Henric Johnson Blekinge Institute of Technology, Sweden
Guide to Operating System Security Chapter 10 E-mail Security.

Guide to Operating System Security Chapter 10 Security.
1 Enabling Secure Internet Access with ISA Server.

1 Enabling Secure Internet Access with ISA Server.
» Explain the way that electronic mail (e-mail) works » Configure an e-mail client » Identify e-mail message components » Create and send e-mail messages.

» Explain the way that electronic mail ( ) works » Configure an client » Identify message components » Create and send messages.
 ENGR 1110 Introduction to Engineering – Cyber Security Allison Holt, Adam Brown Auburn University.

 ENGR 1110 Introduction to Engineering – Cyber Security Allison Holt, Adam Brown Auburn University.
SMUCSE 5349/49 Email Security. SMUCSE 5349/7349 Threats Threats to the security of e-mail itself –Loss of confidentiality E-mails are sent in clear over.

SMUCSE 5349/49 Security. SMUCSE 5349/7349 Threats Threats to the security of itself –Loss of confidentiality s are sent in clear over.

Similar presentations

Ads by Google