Presentation is loading. Please wait.

Presentation is loading. Please wait.

Introduction to Secure Messaging Issues Russ Chung, American Eagle Group The Open Group Messaging Forum July 24, 2003.

Published byApril Ball Modified over 8 years ago

Similar presentations

Presentation on theme: "Introduction to Secure Messaging Issues Russ Chung, American Eagle Group The Open Group Messaging Forum July 24, 2003."— Presentation transcript:

1 Introduction to Secure Messaging Issues Russ Chung, American Eagle Group The Open Group Messaging Forum July 24, 2003

2 Agenda Overview of Encryption Technology Implementation Issues Secure Messaging Models

3 Encryption Overview Encryption Symmetrical keys Asymmetrical keys Encryption algorithms Digital Signatures Hash functions Certificate Optional Devices Smart Cards Biometric Devices And more…

4 Implementation Successful secure messaging implementation requires consideration of: Technical aspects Organizational aspects Inter-Organizational aspects

5 Implementation Roles Technical Aspects of Secure Messaging Established and controlled by technical managers Organizational Aspects of Secure Messaging Internal Policies, Practices, Procedures Established and controlled by Company management Inter-Organizational Aspects of Secure Messaging External Policies, Practices, Procedures Established by agreements between organizations Often involves senior management, boards, legal counsel

6 Technical Aspects Key generation Key management Distribution and exchange of certificate and private key Key separation Archiving of the certificate, and if necessary, the private key Change and validation of certificate and if necessary, the private key Manage the access to and representative use of the certificate and private key Freezing and destruction of certificates

7 Non-Technical Aspects The non-technical aspects are often overlooked or underestimated Organizational Usage Policies, Procedures and Standards Training Inter-Organizational Certificate Policy Certification Practice Statement Relying Party Agreement

8 Secure Messaging Models Transport Layer Encryption -or- Message Encryption -or- Both

9 Secure Messaging Models Model #1 - End to end encryption Model #2 - Gateway to gateway encryption Model #3 - Secure web mail

10 Secure Messaging Models Model #1 - End to end encryption Examples: S/MIME, PGP Asymmetrical key pairs generated for each user Pro Message is encrypted at all times Nearly impossible for anyone except the intended recipient to read the message Con Nearly impossible to check for viruses, check content of the encrypted message Key management is an administrative burden

11 Secure Messaging Models Model #2 - Gateway to gateway encryption Example: Domsec One asymmetrical key pair generated per domain Pro Fewer keys to manage Permits scanning for viruses, content Con Messages are not encrypted when in transit between the user and the gateway (unless transport layer encryption is used) Messages are not encrypted in storage

12 Secure Messaging Models Model #3 - Secure Web Mail Examples: Authentica Net Recall, Tumbleweed IME Keys may be generated per user or per message Pro Recipient does not require special software - only needs a web browser Con Must prevent unauthorized personnel from obtaining the key

13 Secure Messaging Models Model #4 - Hybrid model Some or all of the above How do we interoperate?

14 Conclusion Successful secure messaging implementation involves Technical Activities Organizational Activities Inter-Organizational Activities The organizational and inter-organizational activities are the larger and the more critical part. There are multiple secure messaging models

15 Introduction to Secure Messaging Issues Russ Chung, American Eagle Group russ.chung@ameagle.com

Download ppt "Introduction to Secure Messaging Issues Russ Chung, American Eagle Group The Open Group Messaging Forum July 24, 2003."

Similar presentations

Public Key Infrastructure and Applications

Public Key Infrastructure and Applications
Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.

Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
1 MIS 2000 Class 22 System Security Update: Winter 2015.

1 MIS 2000 Class 22 System Security Update: Winter 2015.
Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.

Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Encryption and Firewalls Chapter 7. Learning Objectives Understand the role encryption plays in firewall architecture Know how digital certificates work.

Encryption and Firewalls Chapter 7. Learning Objectives Understand the role encryption plays in firewall architecture Know how digital certificates work.
WAP Public Key Infrastructure CSCI 5939.02 – Independent Study Fall 2002 Jaleel Syed Presentation No 5.

WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
Information Security of Embedded Systems 3.2.2010: Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.

Information Security of Embedded Systems : Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.
Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.

Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.
August 6, 2003 Security Systems for Distributed Models in Ptolemy II Rakesh Reddy Carnegie Mellon University Motivation.

August 6, 2003 Security Systems for Distributed Models in Ptolemy II Rakesh Reddy Carnegie Mellon University Motivation.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.

Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Chapter 19 Security.

Chapter 19 Security.
TrustPort Public Key Infrastructure. WWW.TRUSTPORT.COM Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.

TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.
Application of Attribute Certificates in S/MIME Greg Colla & Michael Zolotarev Baltimore Technologies 47 th IETF Conference Adelaide, March 2000.

Application of Attribute Certificates in S/MIME Greg Colla & Michael Zolotarev Baltimore Technologies 47 th IETF Conference Adelaide, March 2000.
Key Management in Cryptography

Key Management in Cryptography
Key Management Guidelines. 1. Introduction 2. Glossary of Terms and Acronyms 3. Cryptographic Algorithms, Keys and Other Keying Material 4. Key Management.

Key Management Guidelines. 1. Introduction 2. Glossary of Terms and Acronyms 3. Cryptographic Algorithms, Keys and Other Keying Material 4. Key Management.
Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.

Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.

Similar presentations

Ads by Google