Application Security: E-Mail (April 10, 2013) © Abdou Illia – Spring 2013.

Slides:

Advertisements

Similar presentations

PowerPoint presentation of first 25 pages of instructional manual Edith Fabiyi Essentials of Internet Access.

Advertisements

Basic Communication on the Internet:

Managing Incoming Chapter 3 Bit Literacy. Terminology client – program which retrieves s from a mail server, lets you read the mails,

PGP Overview 2004/11/30 Information-Center meeting peterkim.

Shouting from the Rooftops: Improving Security Dr. Maury Pinsk FRCPC University of Alberta Division of Pediatric Nephrology.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 23 Electronic Mail: SMTP,

Introduction to Your Name Goes Here

By Won Lee.  Stands for Simple Mail Transfer Protocol  Used for sending and receiving electronic mail efficiently and reliably  Daily function of life.

Lesson 7: Business, , & Personal Information Management

Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 3 Internet Security.

Chapter 2: Application layer  2.1 Web and HTTP  2.2 FTP 2-1 Lecture 5 Application Layer.

Esimerkki: Sähköposti. Lappeenranta University of Technology / JP, PH, AH Electronic Mail Three major components: user agents mail servers simple mail.

POP Configuration Microsoft Outlook What is POP? Short for Post Office Protocol, a protocol used to retrieve from a mail server. Most.

» Explain the way that electronic mail ( ) works » Configure an client » Identify message components » Create and send messages.

 ENGR 1110 Introduction to Engineering – Cyber Security Allison Holt, Adam Brown Auburn University.

SMUCSE 5349/49 Security. SMUCSE 5349/7349 Threats Threats to the security of itself –Loss of confidentiality s are sent in clear over.

E – Mail History of s What is an ? What happens when we sent an ? messages Folders Address Attachments Types of.

11 SECURING INTERNET MESSAGING Chapter 9. Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging. 

1 Computer Communication & Networks Lecture 27 Application Layer: Electronic mail and FTP Waleed.

SMTP PROTOCOL CONFIGURATION AND MANAGEMENT Chapter 8.

© 2010 Computer Science Faculty, Kabul University ELECTRONICE MAIL CONTINUED… 6 TH LECTURE 9, May, 2010 Baseer Ahmad Baheer.

Computer Networking From LANs to WANs: Hardware, Software, and Security Chapter 12 Electronic Mail.

Chapter 6: Web Security Security+ Guide to Network Security Fundamentals Second Edition.

Syllabus outcomes Describes and applies problem-solving processes when creating solutions Designs, produces and evaluates appropriate solutions.

A form of communication in which electronic messages are created and transferred between two or more devices connected to a network.

 TCP/IP is the communication protocol for the Internet  TCP/IP defines how electronic devices should be connected to the Internet, and how data should.

Securing Data at the Application Layer Planning Authenticity and Integrity of Transmitted Data Planning Encryption of Transmitted Data.

Masud Hasan Secue VS Hushmail Project 2.

TCP/IP Protocol Suite 1 Chapter 20 Upon completion you will be able to: Electronic Mail: SMTP, POP, and IMAP Understand four configurations of architecture.

Computer Networks26-1 Chapter 26. Remote Logging, Electronic Mail and File Transfer.

BY SAGAR SINHA SAPTARSHI BAKSHI SARTHAK JAIN SHAILZA CHAUDHARY

CPT 499 Internet Skills for Educators Electronic Mail Session Five.

1 Using Messages sent from machine to machine and stored for later reading. You will use a client to read –Type mail or pine in UNIX to read.

The Internet 8th Edition Tutorial 2 Basic Communication on the Internet: .

What is and How Does it Work?  Electronic mail ( ) is the most popular use of the Internet. It is a fast and inexpensive way of sending messages.

and its Protocols Hina Patel TCM

The Internet The internet is simply a worldwide computer network that uses standardised communication protocols to transmit and exchange data.

Introduction to Student Name Student Class.

Security Technology Clients and Mail Servers

1 Figure 9-6: Security Technology  Clients and Mail Servers (Figure 9-7) Mail server software: Sendmail on UNIX, Microsoft Exchange,

CSCE 201 Security Fall CSCE Farkas2 Electronic Mail Most heavily used network-based application – Over 210 billion per day Used across.

1 E- Mail. 2 Electronic Mail ( ) is simply a means of sending messages via computer Business is using more and fax To access you must.

Security fundamentals Topic 9 Securing internet messaging.

Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,

A Quick Look At How Works Understanding the basics of how works can make life a lot easier for any user. Especially those who are interested.

Peer to peer networks. Peer to peer is when digital devices communicate wirelessly with each others without the need for a transmitter. Wi-Fi Direct 1-

Don’t Log in!. Recap on the previous units I’ve tried to make it as concise as possible but there is a bit of writing, to ensure that you have some notes.

2/19/2016clicktechsolution.com Security. 2/19/2016clicktechsolution.com Threats Threats to the security of itself –Loss of confidentiality.

1 Architecture 2 User Agent 3 Message Transfer Agent 4 Message Access Agent 5 MIME 6 Web-Based Mail 7 Electronic Mail Security.

Spoofing The False Digital Identity. What is Spoofing?  Spoofing is the action of making something look like something that it is not in order to gain.

VIRTUAL SERVERS Chapter 7. 2 OVERVIEW Exchange Server 2003 virtual servers Virtual servers in a clustering environment Creating additional virtual servers.

@Yuan Xue A special acknowledge goes to J.F Kurose and K.W. Ross Some of the slides used in this lecture are adapted from their.

– Protocols 21 – Protocols 21. – Protocols 21 Now we’ll move on to more technical aspects of This means protocols Remember.

Chapter 11 Panko and Panko Business Data Networks and Security, 11 th Edition Copyright © 2016 Pearson Finally, Layer 5!

By: Derek Ton & Alex Pappas.  Most frequently used internet service that you will manage as network administrator.  You need to understand how they.

Mail Server Mail is just a message in any form sends from sender to receiver. Mail Server is a computerized system that is equivalent to virtual post office.

Application layer tcp/ip

SMTP SMTP stands for Simple Mail Transfer Protocol. SMTP is used when is delivered from an client, such as Outlook Express, to an server.

Internet Business Associate v2.0

SMTP SMTP stands for Simple Mail Transfer Protocol. SMTP is used when is delivered from an client, such as Outlook Express, to an server.

Introduction to Your Name Goes Here

CIW Lesson 7 Part A Name: _______________________________________

Encryption in Office 365 Shobhit Sahay Technical Product Manager

Introduction to Your Name Goes Here

Protocols 2 Key Revision Points.

Chapter 7 Network Applications

Presentation transcript:

Application Security: (April 10, 2013) © Abdou Illia – Spring 2013

2 Learning Objectives Discuss security

3 operation SMTP to Send Sending Client Receiving Client Sender’s SMTP Server (port 25) Local POP Server (port 110) Receiver’s SMTP Server (port 25) Local POP Server (port 110) POP to dwnld sends using stand-alone -client to 2) client connects to SMTP server at mail.source.com (port 25) to pass the message. 3)SMTP server breaks address in two parts (receiver and destination.com). If destination.com is same as source.com, SMTP server uses delivery agent to pass message to Local POP server. If not, message is sent to receiver’s SMTP server. 4)Receiver’s SMTP server uses delivery agent to pass message to Local POP server. 5)When receiver connect, they download message to local computer. Simple Mail Transfer Protocol (SMTP) to transmit mail in real time to a user’s mail server or between mail servers Post Office Protocol –POP- to download mail to receiver when the receiver capable of downloading mail If SMTP server at source.com can’t connect to server at destination.com, message goes in a waiting queue at source.com. Server will periodically try to send (like every 15 minutes). After 4 hrs, server send an to sender with a notice

4 operation SMTP to Send Sending Client Receiving Client Sender’s SMTP Server (port 25) Local POP Server (port 110) Receiver’s SMTP Server (port 25) Local IMAP Server (port 143) IMAP to read, search, etc. Internet Mail Access Protocol (IMAP) is more advanced mail protocol: The remains on server transmit mail in real time to a user’s mail server or between mail server and not downloaded to receiver’s computer Mails can be organized in folders on server. Mails can be read from any computer. Can download s’ copy to work off-line without erasing from server. User can reply offline. The next time user connects, the replies are sent

5 Security issues Given what you know about operation and s in general, what are the main security and privacy issues associated with E- mail service?.

6 Security issues Given what you know about spams and sending inappropriate content (abusive , harassment, etc.), what can be done to control these issues?

7 Security: Filtering filtering can be done at all three levels Extrusion filtering: filtering for sending intellectual property out of corporation.

8 Security: Encryption Encryption Not widely used because of lack of clear standards IETF has not been able to settle upon a single standard because of in-fighting Three standards are used SSL/TLS S/MIME PGP

9 Security Encryption SSL/TLS only requires a digital certificate for servers. End-to-end encryption only if all parties involved use SSL/TLS. Secure/Multipurpose Internet Mail -S/MIME- uses digital signatures, which require receiver to know sender’s public key. PGP uses trust among circles of friends: If A trusts B, and B trusts C, A may trust C’s list of public keys