Presentation is loading. Please wait.

Presentation is loading. Please wait.

July 19, 2005 1 Secure Messaging Models Co-existence and Interoperability Russell W. Chung New York, NY July 19, 2005.

Similar presentations


Presentation on theme: "July 19, 2005 1 Secure Messaging Models Co-existence and Interoperability Russell W. Chung New York, NY July 19, 2005."— Presentation transcript:

1 July 19, 2005 1 Secure Messaging Models Co-existence and Interoperability Russell W. Chung New York, NY July 19, 2005

2 July 19, 2005 2 Agenda  Secure Messaging Models  End to End Secure Messaging  Gateway to Gateway Secure Messaging  Web Enabled Secure Messaging  Hybrid Models  Co-existence and Interoperability  Importance of Interoperability  Issues  A Call to Action

3 July 19, 2005 3 End to End Secure Messaging  Messages are encrypted by sender; remain encrypted until decrypted by recipient  Messages are signed by sender; signature is verified by recipient  Uses a combination of symmetrical and public key algorithms  Established standards  Examples: S/MIME, PGP

4 July 19, 2005 4 End to End Secure Messaging  Certificate administration a challenge  Internal: renewal, revocation, support  External: cross certification  Messages cannot be scanned for viruses  Messages cannot be filtered for content

5 July 19, 2005 5 Gateway to Gateway Secure Messaging  Messages are encrypted by outbound MTA typically at domain boundary, decrypted by inbound MTA  Messages are signed by outbound MTA, typically at domain boundary, signature is verified by inbound MTA  Uses a combination of symmetrical and public key algorithms  Emerging standards  Examples: TLS, SMG

6 July 19, 2005 6 Web Enabled Secure Messaging  Variation #1  Sender deposits message in a secure web server, sends a URL link to recipient  Recipient opens a web browser, establishes SSL session, authenticates to server, reads message  Variation #2  Sender encrypts message with a one-time use key, deposits key in a secure web server, sends encrypted message together with instructions to retrieve key  Recipient authenticates to server, retrieves key, reads message

7 July 19, 2005 7 Web Enabled Secure Messaging  Procedures for issuing certificates, key distribution and authentication of senders and recipients vary by service provider  Components of these systems are based on standards  Examples: ZixCorp, PostX, HushMail

8 July 19, 2005 8 ZixCorp

9 July 19, 2005 9 PostX

10 July 19, 2005 10 HushMail

11 July 19, 2005 11 HushMail

12 July 19, 2005 12 Co-existence and Interoperability  Co-existence - ability to utilize existing SMTP infrastructure to send unsigned/unencrypted messages between users of different secure messaging models  Interoperability - ability to send an encrypted or signed message between users of different secure messaging models

13 July 19, 2005 13 Importance of Interoperability  “One size does NOT fit everyone”  Lack of interoperability creates islands of secure messaging  Lack of interoperability prevents growth of secure messaging  Lessons Learned  Networking history  E-Mail history

14 July 19, 2005 14 Issues  S/MIME, PGP, Web Enabled SMG  Certificate Interoperability  Certificate Exchange  Certificate validation  S/MIME, PGP > Web Enabled  Transparent to senders but recipients may need credentials for multiple service providers  In General  Establishing and maintaining trust  Patents

15 July 19, 2005 15 Call to Action

16 July 19, 2005 16 Secure Messaging Models Russell W. Chung russ.chung @ earthlink.net


Download ppt "July 19, 2005 1 Secure Messaging Models Co-existence and Interoperability Russell W. Chung New York, NY July 19, 2005."

Similar presentations


Ads by Google