©2003 Hathai Tanta-ngai, Tony Abou-Assaleh, Sittichai Jiampojamarn, and Nick Cercone 1 IPSI 2003 Hathai Tanta-ngai, Tony Abou-Assaleh, Sittichai Jiampojamarn,

Presentation transcript:

©2003 Hathai Tanta-ngai, Tony Abou-Assaleh, Sittichai Jiampojamarn, and Nick Cercone 1 IPSI 2003 Hathai Tanta-ngai, Tony Abou-Assaleh, Sittichai Jiampojamarn, and Dr. Nick Cercone Faculty of Computer Science Dalhousie University

Overview
- Introduction
- Current security
- Secure Mail Transfer Protocol
- Discussion
- Conclusion
- Future work

Introduction
- E-mail is used every day in the electronic world
- Simple Mail Transfer Protocol (SMTP) is trivial and anonymous
- Security is needed for transferring e-mail over the Internet

SMTP

Current security
- Confidentiality and Integrity
- Authentication
- Non-repudiation
- User Applications
- Web Applications

Secure Mail Transfer Protocol (SecMTP)
- Overview
- Assumption and Limitation
- Architecture
- Specification
- Example

SecMTP: Overview
- Incorporate security procedure into SMTP
- Maintain the simplicity and compatibility that SMTP provides
- Achieve the five security goals: confidentiality, integrity, authentication, non-repudiation, and certification

Assumption and Limitation
- All SecMTP compliant servers must be properly certified
- Non-repudiation has to be implemented
- SecMTP user trusts the integrity of the end servers but not the intermediate connection
- We designed SecMTP's architecture, protocol specifications, and SecMTP Extension Service to SMTP

The SecMTP Architecture
[Figure: SecMTP architecture with the extension of security services]

The SecMTP Specification
- Default specification
- User requested options

The SecMTP Default Specification
- TLS channels
- Authentication headers
- Digital signature
- TTP (if receiver non-repudiation is required)

The SecMTP User Requested Options
- Receiver public key encryption
- Sender private key digital signature
- Restrict option
- Seamless interfaces
- Users' private/public keys are stored at the server machine

The Timing Diagram of SecMTP (1)

The Timing Diagram of SecMTP (2)

The State Diagram of Starting a SecMTP Connection

SMTP Extension Service for Secure Mail Transfer Protocol (SecMTP)
1. The name of the SMTP service extension is "Secure Mail Transfer Protocol"
2. The EHLO keyword value associated with the extension is SECMTP
3. No parameters are allowed with this EHLO keyword value

SMTP Extension Service for Secure Mail Transfer Protocol (SecMTP)
4. Three option parameters are added to the RCPT command:
   - SIGN: digitally sign message header consisting of a message digest and sender identity
   - ENCR: encrypt the message with receiver public key
   - STRICT: only transfer the message through properly authenticated and certified SecMTP servers
5. No additional SMTP verbs are defined by this extension
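
The extension definition above (items 2 to 4), worked as an added example that is not part of the original slides: a client-side check that SECMTP is advertised without parameters and that only the three listed options are used. The `250-` reply lines are standard SMTP; the `RCPT <option>` wire form is taken from the slides' own example session and is an assumption, as are the function names and the sample reply.

```python
# Added example (not from the slides): checks a client could apply before
# relying on the SecMTP extension. Wire syntax follows the slides' own session.

RCPT_OPTIONS = {"SIGN", "ENCR", "STRICT"}   # item 4 of the extension definition


def parse_ehlo_reply(lines):
    """Map each EHLO keyword to its parameter list (standard '250-KEY args' lines)."""
    keywords = {}
    for line in lines[1:]:                   # line 0 is the server greeting
        if line[:3] != "250" or line[3:4] not in ("-", " "):
            raise ValueError(f"not a 250 reply line: {line!r}")
        parts = line[4:].split()
        if parts:
            keywords[parts[0].upper()] = parts[1:]
    return keywords


def offers_secmtp(keywords):
    """True only if SECMTP is advertised with no parameters (items 2 and 3)."""
    return keywords.get("SECMTP") == []


def parse_rcpt_option(command):
    """Parse 'RCPT <option>' as written in the slides' example (assumed syntax)."""
    parts = command.split()
    if len(parts) != 2 or parts[0].upper() != "RCPT":
        raise ValueError(f"malformed option command: {command!r}")
    option = parts[1].upper()
    if option not in RCPT_OPTIONS:
        raise ValueError(f"unknown SecMTP option: {option}")
    return option


def may_send_options(tls_active, authenticated, keywords):
    """Follow the order of the slides' session: TLS, then AUTH, then SECMTP."""
    return tls_active and authenticated and offers_secmtp(keywords)


# Constructed sample EHLO reply, as it might look after STARTTLS and AUTH.
SAMPLE_REPLY = ["250-foo.com", "250-AUTH CRAM-MD5 DIGEST-MD5", "250 SECMTP"]

if __name__ == "__main__":
    kw = parse_ehlo_reply(SAMPLE_REPLY)
    print(kw, offers_secmtp(kw), parse_rcpt_option("RCPT SIGN"))
```
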

Example
S:
C:
S: 220 foo.com SMTP service ready
C: EHLO bar.com...
C: STARTTLS
C & S:
C: EHLO
S: AUTH CRAM-MD5 DIGEST-MD5...
C: AUTH CRAM-MD5
S:

Example (cont.)
C & S:
S: 235 authentication successful
C: EHLO
S: SECMTP...
C: SECMTP
S: 220 welcome SecMTP service ready
C: MAIL FROM:
S: 250 OK
C: RCPT TO:
S: 250 OK
C: RCPT SIGN
S: 250 OK Digital Signature for

Example (cont.)
C: DATA
S: 354 Start mail input; end with.
C: Data data data...
C: ...etc. etc. etc.
C: .
S: 250 OK
C: QUIT
S: 221 foo.com Service closing transmission channel

Discussion (1)
Advantages
- Seamlessly integrate with existing systems
- Compatible with SMTP and current service extension
- Does not require specific action from the users
- Provide user-to-user level of security
- Provide both best-effort and guaranteed security services

Discussion (2)
Shortcomings
- Non-SecMTP clients need to examine the security information manually
- Encryption and decryption are done at the server
- Users must trust the end servers to provide security services
- The SecMTP servers may become a bottleneck
- SecMTP compliant clients and servers are required to achieve the full benefit of SecMTP

Conclusion
- Secure communication -> TLS channels
- Authentication and certification at servers -> AUTH and header
- Confidentiality users -> Public key encryption
- Authentication and integrity at users -> Digital signatures
- Sender non-repudiation -> Digital signatures
- Both sender and receiver non-repudiation -> TTP
- Guarantee security service -> STRICT option