Transglobal Secure Collaboration Program Secure v.1 Gateway Design Principles
|
|
- Adele Montgomery
- 8 years ago
- Views:
Transcription
1 Transglobal Secure Collaboration Program Secure v.1 Gateway Design Principles Prepared by: CP Secure v.1 Project Team Version: Date: 16 July 2012
2 Page i
3 Copyright 2012 Transglobal Secure Collaboration Participation, Inc. All rights reserved. Terms and Conditions Transglobal Secure Collaboration Participation, Inc. (CP) is a consortium comprising a number of commercial and government members (as further specified at (each a CP Member ). This specification was developed and is being released under this open source license by CP. Use of this specification is subject to the disclaimers and limitations described below. By using this specification you (the user) agree to and accept the following terms and conditions: 1. This specification may not be modified in any way. In particular, no rights are granted to alter, transform, create derivative works from, or otherwise modify this specification. Redistribution and use of this specification, without modification, is permitted provided that the following conditions are met: Redistributions of this specification must retain the above copyright notice, this list of conditions, and all terms and conditions contained herein. Redistributions in conjunction with any product or service must reproduce the above copyright notice, this list of conditions, and all terms and conditions contained herein in the documentation and/or other materials provided with the distribution of the product or service. CP s name may not be used to endorse or promote products or services derived from this specification without specific prior written permission. 2. The use of technology described in or implemented in accordance with this specification may be subject to regulatory controls under the laws and regulations of various jurisdictions. The user bears sole responsibility for the compliance of its products and/or services with any such laws and regulations and for obtaining any and all required authorizations, permits, or licenses for its products and/or services as a result of such laws or regulations. 3. THIS SPECIFICATION IS PROVIDED AS IS AND WITHOUT WARRANTY OF ANY KIND. CP AND EACH CP MEMBER DISCLAIMS ALL EXPRESS, IMPLIED AND STATUTORY WARRANTIES, INCLUDING, WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF TITLE, NONINFRINGEMENT, MERCHANTABILITY, QUIET ENJOYMENT, ACCURACY, AND FITNESS FOR A PARTICULAR PURPOSE. NEITHER CP NOR ANY CP MEMBER WARRAN (A) THAT THIS SPECIFICATION IS COMPLETE OR WITHOUT ERRORS, (B) THE SUITABILITY FOR USE IN ANY JURISDICTION OF ANY PRODUCT OR SERVICE WHOSE DESIGN IS BASED IN WHOLE OR IN PART ON THIS SPECIFICATION, OR (C) THE SUITABILITY OF ANY PRODUCT OR A SERVICE FOR CERTIFICATION UNDER ANY CERTIFICATION PROGRAM OF CP OR ANY THIRD PARTY. 4. IN NO EVENT SHALL CP OR ANY CP MEMBER BE LIABLE TO YOU OR ANY THIRD PARTY FOR ANY CLAIM ARISING FROM OR RELATING TO THE USE OF THIS SPECIFICATION, INCLUDING, WITHOUT LIMITATION, A CLAIM THAT SUCH USE INFRINGES A THIRD PARTY S INTELLECTUAL PROPERTY RIGH OR THAT IT FAILS TO COMPLY WITH APPLICABLE LAWS OR REGULATIONS. BY USE OF THIS SPECIFICATION, THE USER WAIVES ANY SUCH CLAIM AGAINST CP OR ANY CP MEMBER RELATING TO THE USE OF THIS SPECIFICATION. IN NO EVENT SHALL CP OR ANY CP MEMBER BE LIABLE FOR ANY DIRECT OR INDIRECT DAMAGES OF ANY KIND, INCLUDING CONSEQUENTIAL, INCIDENTAL, SPECIAL, PUNITIVE, OR OTHER DAMAGES WHAOEVER ARISING OUT OF OR RELATED TO ANY USER OF THIS SPECIFICATION, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 5. CP reserves the right to modify or amend this specification at any time, with or without notice to the user, and in its sole discretion. The user is solely responsible for determining whether this specification has been superseded by a later version or a different specification. 6. These terms and conditions will be interpreted and governed by the laws of the State of Delaware without regard to its conflict of laws and rules. Any party asserting any claims related to this specification irrevocably consents to the personal jurisdiction of the U.S. District Court for the District of Delaware and to any state court located in such district of the State of Delaware and waives any objections to the venue of such court. Page ii
4 Table of Contents 1 I n t r o d u c t i o n a n d P u r p o s e Supporting Documents S e c u r e E - m a i l G a t e w a y s Inbound Gateways Flow Implementation Constraints Enterprise Notification Requirements Inbound Gateway Implementation Constraints Outbound Gateways Impact on Flow Enterprise Notification Requirements Gateway Implementation Constraints R e f e r e n c e s Table of Figures Figure 1. High-Level Workflow of a Typical Inspecting Inbound Gateway... 4 Page iii
5 NOT FOR DISTRIBUTION 1 Introduction and Purpose This document, the, is one of a set of documents prepared by the Transglobal Secure Collaboration Program (CP) that introduces the CP Secure v.1 solution. This document is normative for gateways that will inspect encrypted but optional for pass-through gateways. Enterprises may have business requirements to scan incoming or outgoing messages for sensitive, dangerous, suspicious or objectionable content. Since Secure involves user-to-user encryption of messages, the task of inspecting e- mail messages at the enterprise boundary becomes more complex. This document defines design principles for Gateways inspecting encrypted . 1 For an implementing enterprise, this document is a supplement to the CP Secure E- mail v.1 Technical Specification, the main document in the set, and the CP Secure E- mail v.1 Technical Profile which together describe the actors, solution elements, and characteristics of insource and outsource enterprises and the requirements imposed on them. Supporting documents are available for reference and are listed below S u p p o r t i n g D o c u m e n t s Each CP Secure v.1 supporting document is listed below along with a brief description and its associated hyperlink. All CP Secure v.1 documents are available for download on External references are listed in the CP Secure Technical Specification v.1, Section 4.3 External Specifications. CP Secure v.1 Technical Specification This normative document provides technical specifications, best practices and recommendations for a secure capability; it is mandatory for implementing enterprises. CP Secure v.1 Technical Profile This normative document provides configuration requirements for solution elements and is mandatory for implementing enterprises. It addresses the business requirement to protect information in transit by applying technical constraints and controls to the selected solution elements. 1 This document considers only the user-to-user Secure use case. The organization-to-organization use case is outside the scope of version 1 of CP Secure v.1. Page 1
6 CP Secure v.1 High Level Design This non-normative document describes the overall design of CP Secure v.1. It enumerates and recommends technical options for enterprise implementation of CP Secure v.1 to achieve interoperability with other enterprises. CP Secure v.1 Requirements to Services Providers This document defines requirements for Service Providers who may provide diverse services to Outsource Enterprises using Secure . CP Secure v.1 Requirements to Community Service Providers This document outlines the functional and operational requirements of the Community Service Provider (CSP) for Secure . CP Secure v.1 Requirements to Vendors This document articulates requirements to software vendors to support the CP Secure capability. In order to implement Secure v.1, vendors must comply with the specifications set forth in other CP documents which provide technical specifications. CP Secure v.1 PKI Trust Framework This normative document sets forth configuration requirements for PKI solution elements. This document takes the secure business objectives and requirements related to trust fabric, and identifies the building blocks that form the foundation for secure collaboration using Secure . CP Secure v.1 Glossary A comprehensive listing of CP Secure v.1 terms, acronyms and their definitions. Page 2
7 2 Secure Gateways Secure Gateways are implemented as: Inspecting gateways, which receive the original message, create a copy to decrypt and inspect, and take appropriate action on the original message, or Pass-through gateways, which forward on encrypted content without inspection. The following information explains inspecting gateways only, which are in-scope for this document. Pass-through gateways are out-of-scope for this document. Principles articulated in this section apply equally to inspecting gateways that are operated by the enterprises themselves or by contractors acting on their behalf. Inspecting gateways may be inbound or outbound. Requirements for Inbound and Outbound Gateways are similar but not identical; each is covered in its own sub-section. S/MIME encryption and decryption principles within the context of Inbound and Outbound Gateways respectively are described below. Within the context of an Inbound Gateway, S/MIME encryption of an message includes three steps: 1. Generation of a symmetric content encryption key (also called a session key). 2. Encryption of the message content with the session key. 3. Encryption of the session key with the recipient s public key. Similarly, in the context of an Inbound Gateway, decryption of an S/MIMEencrypted message includes three steps: 1. Recovery of the recipient s private key. 2. Decryption (recovery) of the session key using the recovered private key. 3. Decryption (recovery) of the message content with the recovered session key. Within the context of an Outbound Gateway, S/MIME encryption of an message includes four steps: 1. Generation of a symmetric content encryption key (also called a session key). 2. Encryption of the message content with the session key. 3. Encryption of the session key with the recipient s public key. 4. Encryption of the session key with the gateway s public key for the message copy. Similarly, in the context of an Outbound Gateway, decryption of an S/MIMEencrypted message includes three steps: 1. Access to the gateway s private key. 2. Decryption of the session key using the gateway s private key. 3. Decryption of the message content with the gateway s session key. Page 3
8 2. 1 I n b o u n d E - m a i l G a t e w a y s The basic model of an inspecting Inbound Gateway is described below: The gateway is inserted into the flow of messages at the recipient s enterprise. Messages received by the gateway are always encrypted. The gateway decrypts and inspects the message, and either forwards it to the recipient or drops it (Figure 1). Start Receive Message Session Key Content Decrypt Session Key Clear Session Key Content Decrypt Message Content Clear Content Inspect Session Key Content Recipient Private Key Key Escrow Database Yes Policy- Compliant? Forward Message Finish No Block Message Figure 1. High-Level Workflow of a Typical Inspecting Inbound Gateway Some or all shaded steps may be implemented as services external to the Gateway solution element. Depending on what portion of this functionality is implemented by the gateway itself, an Inbound Gateway may need to communicate with: 1. A Key Escrow Database (KED) or, more broadly, a Key Recovery Service (KRS), to recover recipients private keys. 2. A Session Key Recovery Service (SKRS) to recover session keys. 3. A Data Recovery Service to recover message content. Security requirements for the last two cases are equivalent since a recovered session key gives the gateway an opportunity to decrypt only one message. Thus, in the rest of this section, only two cases are distinguished: the KED case and the SKRS case. Page 4
9 Flow Implementation Constraints Document of Origin: Flow Implementation Constraints Receiving enterprises may inspect incoming encrypted using key recovery mechanisms in accordance with CertiPath Key Recovery Policy. 2 An Inbound Gateway shall forward the original message to the intended recipient if it complies with the receiving enterprise s policies An Inbound Gateway shall take action if content does not comply with the receiving enterprise s policies Operation of an Inbound Gateway shall have no impact on the senders of encrypted messages The presence of a gateway shall not impose any additional requirements on the sender, the sender s Client or the infrastructure of the sender s enterprise with the exception of those necessary for inspection An Inbound Gateway should not add any significant delays to the delivery time of encrypted messages An Inbound Gateway should not serve as a source of decrypted messages to any other system, including archiving systems If an Enterprise has a policy of archiving all messages received by its users, it shall notify all enterprises from which it receives or plans to receive encrypted e- mail if an Inbound Gateway feeds decrypted messages from the gateway to its archiving system. Based on its enterprise s policies, if an Inbound Gateway forwards an message to the intended recipient, it should forward the original encrypted (andpossibly, signed) message. 2 CertiPath KRP version 1.4 states in section 1.1: Some Organizations require that the contents of incoming and/or outgoing be examined for compliance with the Organization Policy. This Key Recovery Policy (KRP) provides guidance to ensure that encrypted data is recovered expeditiously when appropriate. The purpose of this document is to describe the security and authentication requirements to implement key recovery operations. 3 Sending an encrypted S/MIME 3.x message involves obtaining a suitable X.509 End-User Encryption Certificate for the recipient and encrypting the message with the public key it contains. Page 5
10 Document of Origin: Flow Implementation Constraints The Inbound Gateway should decrypt the inbound message, verify its content, and forward it in its original encrypted form to the recipient. If an Enterprise does not forward an encrypted message in its original encrypted form to the recipient, e.g., if it is necessary to reencrypt a message or to transmit it within the enterprise in the clear, it shall notify the sending enterprise Enterprise Notification Requirements The CP Secure v.1 specification ensures the confidentiality of messages by enabling encryption from the sender s client to the recipient s client. It is important for enterprises to communicate with partners so that they may determine what impact gateway inspection has upon the assurance of message confidentiality. Document of Origin: Enterprise Notification Requirements Enterprises that operate an Inbound Gateway shall notify all potential sending enterprises about the use of the gateway, provide the necessary (mutually agreed-to) information to them and possibly sign an authorization agreement to that effect. An Enterprise on whose behalf an Inbound Gateway is operated may notify the sending enterprise when an encrypted message from one of its users has been blocked. Page 6
11 2.1.3 Inbound Gateway Implementation Constraints Document of Origin: Inbound Gateway Implementation Constraints An Inbound Gateway may be operated by an Enterprise or a contractor on behalf of an Enterprise. A gateway may use additional services (such as a Key Escrow Database or Session Key Recovery Service) operated by the Enterprise or by contractors in support of the Enterprise The Enterprise shall be responsible for compliance of its Inbound E- mail Gateway. An Inbound Gateway shall be used only for inspection of incoming messages. An Inbound Gateway may be responsible for inspecting both encrypted and unencrypted messages. An Inbound Gateway shall have appropriate technical, physical, procedural, personnel and other controls in place that will prevent private keys, session keys and decrypted messages from exposure to personnel. messages shall exist in their decrypted state for the least possible time. shall be deleted immediately after inspection if it is not archived. Private keys and session keys shall be safely deleted immediately after use in accordance with stipulations of the CertiPath Key Recovery Policy. The Inbound Gateway should log the following types of events: Receipt of an message. Decryption of an message. Outcome of the inspection of an message. Forwarding of an approved message to the recipient. Deletion or forwarding of a blocked message to the exception/quarantine facility. Page 7
12 2. 2 O u t b o u n d E - m a i l G a t e w a y s The basic model of an Gateway adopted in this document was introduced in the CP Secure v.1 Technical Specifications. An Outbound Gateway operates as follows: The Client sends the encrypted message to the external recipients with a copy to the gateway based on enterprise policy. If the message arrives at the gateway encrypted, the gateway decrypts the copy of the message with its key. The gateway inspects the copy of the message, and if the message content does not violate the sending enterprise s policies, the gateway forwards the original encrypted message to the recipient Impact on Flow Document of Origin: Impact on Flow Sending enterprises may inspect outgoing encrypted using mechanisms that maintain the confidentiality of the message in transit. Outbound Gateway shall forward the original message to the intended recipient if it complies with the sending enterprise s policies. An Outbound Gateway shall take action if content does not comply with the sending enterprise s policies. Operation of an Outbound Gateway shall have no impact on the recipients of encrypted messages from the hosting enterprise. The presence of a gateway shall not impose any additional requirements on the recipient, the recipient s Client or the e- mail infrastructure of the recipient s enterprise with the exception of those necessary for inspection Messages shall be signed by the senders only The Outbound Gateway should preserve the sender s signature. An Outbound Gateway should not add any significant delays to the delivery time of encrypted messages. Page 8
13 Document of Origin: Impact on Flow An Outbound Gateway should not serve as a source of decrypted messages to any other system in the enterprise. An Enterprise should not feed decrypted messages from the Outbound Gateway to the archiving system. An Enterprise shall notify all enterprises to which it sends or plans to send encrypted if it feeds decrypted messages from the Outbound Gateway to the archiving system. If an Outbound Gateway blocks a message, it should notify the sender of the message Enterprise Notification Requirements The Secure specification ensures the confidentiality of messages by enabling encryption from the sender s client to the recipient s client. It is important for enterprises to communicate with partners so that they may determine what impact gateway inspection has upon the assurance of message confidentiality Document of Origin: Enterprise Notification Requirements An Enterprise operating an Outbound Gateway may notify potential receiving enterprises about the use of the gateway subject to its own and the other enterprises policies. An Enterprise operating an encrypting Outbound Gateway should notify potential receiving enterprises about the use of the gateway and its functionality, subject to policy. Page 9
14 Gateway Implementation Constraints Document of Origin: Gateway Implementation Constraints An Outbound Gateway may be operated by an Enterprise or a contractor on behalf of an Enterprise. The Enterprise shall be responsible for compliance of its Outbound E- mail Gateway. An Outbound Gateway shall be used only for inspection of outgoing messages. An Outbound Gateway may be responsible for inspecting both encrypted and unencrypted messages. An Outbound Gateway shall have appropriate technical, physical, procedural, personnel and other controls in place that will prevent clear-text messages from exposure to personnel. The gateway should log the following types of events: Receipt of an message. Decryption of an message. Outcome of the inspection of an message. Forwarding of an approved message to the recipient. Deletion or forwarding of a blocked message to the exception/quarantine facility. Page 10
15 3 References CertiPath X.509 Certificate Policy, CertiPath LLC, November CertiPath Key Recovery Policy, CertiPath LLC, May [RFC2246] Dierks T. and C. Allen, The TLS Protocol, Version 1.0. RFC 2246, IETF, January [RFC2401] Kent S. and R. Atkinson, Security Architecture for the Internet Protocol. RFC 2401, IETF, November [RFC2409] Harkins D. and D. Carrel, The Internet Key Exchange (IKE). RFC 2409, IETF, November [RFC3207] Hoffman P., SMTP Service Extension for Secure SMTP over Transport Layer Security. RFC 3207, IETF, February [RFC 4301] Security Architecture for the Internet Protocol. RFC 4301, IETF, December [RFC 4306] Internet Key Exchange (IKEv2) Protocol. RFC 4306, IETF, December [RFC 4346] The Transport Layer Security (TLS) Protocol Version 1.1. RFC 4346, IETF, April [RFC 5246] The Transport Layer Security (TLS) Protocol Version 1.2. RFC 5246, IETF, August CP Secure v.1 Technical Profile, Version 2.0.1, Published Sept. 30, Available at CP Secure v.1 Technical Specification, Version 3.0.1, CP, Published Sept. 30, Available at Page 11
Transglobal Secure Collaboration Program Secure E-mail v.1 Requirements to Community Service Providers
Transglobal Secure Collaboration Program Secure E-mail v.1 Requirements to Community Service Providers Prepared by: TSCP Secure E-mail v.1 Project Team Version: 2.0.2 Date: 16 July 2012 TSCP Secure E-mail
More informationTransglobal Secure Collaboration Program Secure E-Mail v.1 Enterprise E-Mail Environment High Level Design
Transglobal Secure Collaboration Program Secure E-Mail v.1 Enterprise E-Mail Environment High Level Design Prepared by: TSCP Secure E-Mail v.1 Project Team Version: 2.0.2 Date: 16 July 2012 TSCP Secure
More informationTSCP Glossary. Document Version: 2.04
TSCP Glossary Document Version: 2.04 Publish Date: 10 August 2012 Copyright 2013 Transglobal Secure Collaboration Participation, Inc. All rights reserved. Terms and Conditions Transglobal Secure Collaboration
More informationSoftware Hosting and End-User License Subscription Agreement
Software Hosting and End-User License Subscription Agreement (Last Updated October 31, 2015) IMPORTANT! The Contrail software (the "SOFTWARE") that you seek to use was developed by OneRain Incorporated
More informationZIMPERIUM, INC. END USER LICENSE TERMS
ZIMPERIUM, INC. END USER LICENSE TERMS THIS DOCUMENT IS A LEGAL CONTRACT. PLEASE READ IT CAREFULLY. These End User License Terms ( Terms ) govern your access to and use of the zanti and zips client- side
More informationBoundary Encryption.cloud Deployment Process Overview
Boundary Encryption.cloud Deployment Process Overview Boundary Encryption.cloud Deployment Process Overview Documentation version: 1.0 Legal Notice Legal Notice Copyright 2011 Symantec Corporation. All
More informationSAMPLE RETURN POLICY
DISCLAIMER The sample documents below are provided for general information purposes only. Your use of any of these sample documents is at your own risk, and you should not use any of these sample documents
More informationRethinking Schools Limited Institutional Site License
Rethinking Schools Limited Institutional Site License This License Agreement ( License ) is entered into the day of [20 ] ( Effective Date ) between Rethinking Schools Limited, a Wisconsin Corporation,
More informationAmazon Trust Services Certificate Subscriber Agreement
Amazon Trust Services Certificate Subscriber Agreement This Certificate Subscriber Agreement (this Agreement ) is an agreement between Amazon Trust Services, LLC ( ATS, we, us, or our ) and the entity
More informationMTConnect Institute Public Comment and Evaluation License Agreement
MTConnect Institute Public Comment and Evaluation License Agreement Effective 6/10/2015 The Association for Manufacturing Technology, a non-profit organization ( AMT ), and the MTConnect Institute jointly
More informationApple Corporate Email Certificates Certificate Policy and Certification Practice Statement. Apple Inc.
Apple Inc. Certificate Policy and Certification Practice Statement Version 2.0 Effective Date: April 10, 2015 Table of Contents 1. Introduction... 4 1.1. Trademarks... 4 1.2. Table of acronyms... 4 1.3.
More informationCCH INCORPORATED, A WOLTERSKLUWER COMPANY ACCESS AGREEMENT FOR THE
CCH INCORPORATED, A WOLTERSKLUWER COMPANY ACCESS AGREEMENT FOR THE Accounting Research Manager INFORMATION DATABASE PROVIDED THROUGH Mayer Hoffman McCann P.C. ("AGREEMENT" OR "ACCESS AGREEMENT") IN THIS
More informationAGREEMENT AND TERMS OF USE
AGREEMENT AND TERMS OF USE The website located at www.100womeninhedgefunds.org and the services of 100 Women in Hedge Funds ( 100WHF ) available thereon (collectively, the Site ), together with the networking
More informationPLANTTOGETHER REFERRAL PARTNER AGREEMENT. Updated: January 1, 2015
PLANTTOGETHER REFERRAL PARTNER AGREEMENT Updated: January 1, 2015 Welcome to PlanetTogether s online referral program (the Referral Program ) provided by PlanetTogether, Inc. a California corporation with
More informationELECTRONIC FILER AGREEMENT [REVISED JANUARY 1, 2014]
This Electronic Filer Agreement ( Agreement ) is made by and between the DII Industries, LLC Asbestos PI Trust ( Trust ), P.O. Box 821628, Dallas, Texas 75382, and the law firm of, with offices at ( Law
More informationThese TERMS AND CONDICTIONS (this Agreement ) are agreed to between InfluencersAtWork,
TERMS AND CONDITIONS INFLUENCERS AT WORK These TERMS AND CONDICTIONS (this Agreement ) are agreed to between InfluencersAtWork, Ltd. ( InfluencerAtWork ) and you, or if you represent a company or other
More informationTerms and Conditions
Terms and Conditions Website Use www.sweetpbakeshop.com Topco Associates, LLC, a Delaware limited liability company, headquartered at 150 Northwest Point Blvd., Elk Grove, IL 60007 ( Company, we or us
More informationPHP POINT OF SALE TERMS OF USE
PHP POINT OF SALE TERMS OF USE This Terms of Use Agreement (the Agreement ) states the terms and conditions that govern the contractual agreement between PHP Point of Sale, LLC, (the Company ) and you
More informationService Agreement: January 2008
International Consultants in Medicine Service Agreement: January 2008 Prior to enrolling in the service as a Member of any degree, you must agree to the following terms and conditions. You may accept these
More informationKAWASAKI MOTORS CORP., U.S.A. WEBSITE LINKING AGREEMENT
KAWASAKI MOTORS CORP., U.S.A. WEBSITE LINKING AGREEMENT This WEBSITE LINKING AGREEMENT (this Agreement ) is made and entered into as of the date set forth on the signature page hereto (the Effective Date
More informationIPInfoDB Web Service Agreement
IPInfoDB Web Service Agreement PLEASE READ THIS WEB SERVICE AGREEMENT CAREFULLY BEFORE DOWNLOADING, INSTALLING OR USING IPINFODB SERVICES. BY CHECKING THE I HAVE READ, UNDERSTAND AND AGREE WITH THE SERVICE
More informationAPP SOFTWARE LICENSE AGREEMENT
APP SOFTWARE LICENSE AGREEMENT This App Software License Agreement (the Agreement ) is made by and between AvePoint, Inc., a Delaware company, with offices at Harborside Financial Center, Plaza 10, 3 Second
More informationFAX-TO-EMAIL END-USER LICENSE AGREEMENT
FAX-TO-EMAIL END-USER LICENSE AGREEMENT This Agreement, which governs the terms and conditions of your use of the Fax-to-Email Services, is between you ("you" or "End-User") and ( we, us, our or Company
More informationLOGIX Fax to Email Service
LOGIX Fax to Email Service ACCEPTANCE OF TERMS AND CONDITIONS This agreement is between LOGIX Communications, L.P. dba LOGIX Communications ("LOGIX") and Customer ("you" or "Customer"), as an authorized
More informationORACLE LINUX AND ORACLE VM SERVICES AGREEMENT
ORACLE LINUX AND ORACLE VM SERVICES AGREEMENT A. Agreement Definitions You and your refers to the individual or entity that has executed this agreement ( agreement ) and ordered services from Oracle Finland
More informationC. System Requirements. Apple Software is supported only on Apple-branded hardware that meets specified system requirements as indicated by Apple.
ENGLISH APPLE INC. SOFTWARE LICENSE AGREEMENT FOR APPLE STORE APPLICATION PLEASE READ THIS SOFTWARE LICENSE AGREEMENT ("LICENSE") CAREFULLY BEFORE USING THE APPLE SOFTWARE. BY USING THE APPLE SOFTWARE,
More informationSimple DCP Terms of Service
1. ACCEPTANCE OF TERMS Simple DCP Terms of Service Simple DCP, a General Partnership ("Simple DCP") welcomes you ( you, your or User ). Simple DCP provides the Simple DCP Services (defined below) to you
More informationExchange 2010 Journaling Guide
Websense Email Security Solutions v7.3 Websense Advanced Email Encryption Copyright 1996-2011 Websense, Inc. All rights reserved. This document contains proprietary and confidential information of Websense,
More informationNew Security Features
New Security Features BlackBerry 10 OS Version 10.3.1 Published: 2014-12-17 SWD-20141211141004210 Contents About this guide... 4 Advanced data at rest protection... 5 System requirements... 6 Managing
More informationProvider secure web portal & Member Care Information portal Registration Form
Provider secure web portal & Member Care Information portal Registration Form Thank you for your interest in registering for the Aetna Better Health Provider Secure Web Portal and the Aetna Better Health
More informationINVESTOR NETWORKING SERVICE AGREEMENT
INVESTOR NETWORKING SERVICE AGREEMENT THIS INVESTOR NETWORKING SERVICE AGREEMENT (this Agreement ) dated as of, 201 shall govern participation in the service provided by Delaware Trust Company, a Delaware
More informationWeb Site Development Agreement
Web Site Development Agreement 1. Parties; Effective Date. This Web Site Development Agreement ( Agreement ) is between Plug-N-Run, its affiliates, (including but not limited to USA Financial, USA Financial
More informationService Description: Dell Backup and Recovery Cloud Storage
Service Description: Dell Backup and Recovery Cloud Storage Service Providers: Dell Marketing L.P. ( Dell ), One Dell Way, Round Rock, Texas 78682, and it s worldwide subsidiaries, and authorized third
More informationPolicy Based Encryption E. Administrator Guide
Policy Based Encryption E Administrator Guide Policy Based Encryption E Administrator Guide Documentation version: 1.2 Legal Notice Legal Notice Copyright 2012 Symantec Corporation. All rights reserved.
More informationPolicy Based Encryption E. Administrator Guide
Policy Based Encryption E Administrator Guide Policy Based Encryption E Administrator Guide Documentation version: 1.2 Legal Notice Legal Notice Copyright 2012 Symantec Corporation. All rights reserved.
More informationCovered California. Terms and Conditions of Use
Terms and Conditions of Use Contents: Purpose Of This Agreement Privacy Policy Modification Of This Agreement Permission To Act On Your Behalf How We Identify You Registration Additional Terms For Products
More informationTerms & Conditions Template
Terms & Conditions Template AGREEMENT BETWEEN USER AND [INSERT NAME] [INSERT NAME] Web Site is comprised of various Web pages operated by [INSERT NAME]. The [INSERT NAME] Web Site is offered to you conditioned
More informationAll copyright, trade mark, design rights, patent and other intellectual property rights (registered or unregistered) in the Content belongs to us.
LEO Pharma Terms of use We/ Us/ Our You/Your Website Content LEO Laboratories Limited a company registered in the United kingdom under number 662129) known as LEO Pharma (LEO Pharma) and companies affiliated
More informationPolicy Based Encryption Z. Administrator Guide
Policy Based Encryption Z Administrator Guide Policy Based Encryption Z Administrator Guide Documentation version: 1.2 Legal Notice Legal Notice Copyright 2012 Symantec Corporation. All rights reserved.
More informationTERMS OF USE. Last Updated: October 8, 2015
1666 K Street, N.W. Washington, DC 20006 Telephone: (202) 207-9100 Facsimile: (202) 862-8430 www.pcaobus.org TERMS OF USE Last Updated: October 8, 2015 This Terms of Use Agreement (this "Agreement") is
More informationThe Credit Control, LLC Web Site is comprised of various Web pages operated by Credit Control, LLC.
TERMS OF USE AGREEMENT BETWEEN USER AND Credit Control, LLC The Credit Control, LLC Web Site is comprised of various Web pages operated by Credit Control, LLC. The Credit Control, LLC Web Site is offered
More informationWEBSITE TERMS & CONDITIONS. Last updated March 27, 2015
WEBSITE TERMS & CONDITIONS Last updated March 27, 2015 1. Introduction and Acceptance of Terms & Conditions Running Away Enterprises, LLC, a Delaware limited liability company d/b/a Enmotive ( us, we,
More informationRockWare Click-Wrap Software License Agreement ( License )
RockWare, Inc. ( RockWare ) 2221 East Street, Suite 101 Golden CO 80401 USA RockWare Click-Wrap Software License Agreement ( License ) IMPORTANT - READ ALL OF THE TERMS AND CONDITIONS IN THIS LICENSE CAREFULLY
More informationBank Independent Bank to Bank Transfer Addendum (Consumers Only)
Bank Independent Bank to Bank Transfer Addendum (Consumers Only) This Bank to Bank Transfer Addendum (this Addendum ) is an addendum to your Online Banking Agreement and Electronic Funds Transfer Act Notice,
More informationRevised 10/13 SUBSCRIBER AGREEMENT. Introduction
SUBSCRIBER AGREEMENT Introduction This Agreement (the "Agreement") sets forth the terms and conditions under which Consolidated Companies, Inc., together with any affiliate and/or distribution partner
More informationCENTRAL SAVINGS BANK BUSINESS INTERNET BANKING AGREEMENT
CENTRAL SAVINGS BANK BUSINESS INTERNET BANKING AGREEMENT This Business Internet Banking Agreement ( Agreement ) contains the terms and conditions governing your use of Central Savings Bank s ( Bank ) Business
More informationELKHART COUNTY BOARD OF REALTORS AND MULTIPLE LISTING SERVICE OF ELKHART COUNTY INC. VIRTUAL OFFICE WEBSITE (VOW) LICENSE AGREEMENT
ELKHART COUNTY BOARD OF REALTORS AND MULTIPLE LISTING SERVICE OF ELKHART COUNTY INC. VIRTUAL OFFICE WEBSITE (VOW) LICENSE AGREEMENT This License Agreement (the Agreement) is made and entered into between
More informationRELYING PARTY AGREEMENT AND LIMITED WARRANTY
RELYING PARTY AGREEMENT AND LIMITED WARRANTY YOU ARE REQUIRED TO READ THIS AGREEMENT CAREFULLY BEFORE RELYING ON A DIGICERT CLICKID SITE SEAL, SSL CERTIFICATE, OR OTHER SITE AUTHENTICATION PRODUCT OR SERVICE.
More informationIBM Lotus Protector for Mail Encryption
IBM Lotus Protector for Mail Encryption for Windows User's Guide 2.1.1 Version Information Lotus Protector for Mail Encryption User's Guide. Lotus Protector for Mail Encryption Version 2.1.1. Released
More informationHYBRID SOLUTIONS INDEPENDENT SOFTWARE VENDOR AGREEMENT
HYBRID SOLUTIONS INDEPENDENT SOFTWARE VENDOR AGREEMENT THE VERTEXFX TRADER API (THE SOFTWARE ) AND THE ACCOMPANYING DOCUMENTATION (THE RELATED MATERIALS ) (COLLECTIVELY, THE PRODUCT ) ARE PROTECTED BY
More informationENHANCED HOST CONTROLLER INTERFACE SPECIFICATION FOR UNIVERSAL SERIAL BUS (USB) 2.0 - ADOPTERS AGREEMENT
ENHANCED HOST CONTROLLER INTERFACE SPECIFICATION FOR UNIVERSAL SERIAL BUS (USB) 2.0 - ADOPTERS AGREEMENT This Enhanced Host Controller Interface Specification for Universal Serial Bus (USB) 2.0 - Adopters
More informationRead This Internet Service Agreement Carefully Before Using Our Internet Services.
HTC INTERNET SERVICE AGREEMENT Read This Internet Service Agreement Carefully Before Using Our Internet Services. 1. INTRODUCTION. HTC, Inc. ("HTC") provides its Internet services, as they may exist from
More information.uk Registration Agreement
1/6.uk Registration Agreement In order that a party may hold a valid.co.uk or.org.uk domain name registration, Tucows Inc. requires that all registrants adhere to certain terms and conditions. As an organization
More informationCKEditor - Enterprise OEM License
CKEditor - Enterprise OEM License CERTIFICATE OF LICENSE OWNERSHIP CERTIFICATE NUMBER CERTIFICATE DATE SUPPORT AND UPGRADES EXPIRATION ETRQGY582.002027CN December 02, 2014 December 02, 2015 PRODUCT NAME
More informationCOMPUTER SOFTWARE AS A SERVICE LICENSE AGREEMENT
COMPUTER SOFTWARE AS A SERVICE LICENSE AGREEMENT This Agreement is binding on the individual and the company, or other organization or entity, on whose behalf such individual accepts this Agreement, that
More informationWE RECOMMEND THAT YOU PRINT OUT AND KEEP A COPY OF THIS AGREEMENT FOR YOUR FUTURE REFERENCE.
RAPID CONNECT SERVICES(sm) and SPECIFICATION LICENSE AGREEMENT THIS RAPID CONNECT SERVICES AND SPECIFICATION LICENSE AGREEMENT IS BETWEEN FIRST DATA MERCHANT SERVICES CORPORATION ( FDMS ) FDMS AND YOU,
More informationAGREEMENT BETWEEN USER AND Global Clinical Research Management, Inc.
AGREEMENT BETWEEN USER AND Global Clinical Research Management, Inc. The Global Clinical Research Management, Inc. Web Site is comprised of various Web pages operated by Global Clinical Research Management,
More informationCITRIX SYSTEMS, INC. SOFTWARE LICENSE AGREEMENT
CITRIX SYSTEMS, INC. SOFTWARE LICENSE AGREEMENT PLEASE READ THIS SOFTWARE LICENSE AGREEMENT CAREFULLY BEFORE DOWNLOADING, INSTALLING OR USING CITRIX OR CITRIX-SUPPLIED SOFTWARE. BY DOWNLOADING OR INSTALLING
More informationHamilton.net User Agreement Revised August 31, 2004. Acceptance of Terms Through Use
Hamilton.net User Agreement Revised August 31, 2004 Acceptance of Terms Through Use By using the Hamilton.net Internet Service (the Service ), you signify your agreement to all of the terms, conditions,
More informationCopyright 2006. Sagicor Life Insurance Company. All rights reserved.
Terms & Conditions Welcome to Sagicor Life Insurance Company ( Sagicor ). Sagicor maintains this website for your personal information, education and communication. Your access to and use of this website
More informationTerms of Service. 1. Acceptance Of Terms. 2. Use Of Customer Information And Privacy Policy. 3. Ownership Of Site Content
Terms of Service 1. Acceptance Of Terms IT4Professionals is an Internet-based Web site that offers webdesign, domain name registration, hosting, dynamic DNS, email and sms marketing, PC services and software
More informationMyShortcut. Administrator's Guide
MyShortcut Administrator's Guide January 2011 www.lexmark.com Lexmark and Lexmark with diamond design are trademarks of Lexmark International, Inc., registered in the United States and/or other countries.
More informationADP Ambassador /Referral Rewards Program. Terms and Conditions of Use
ADP Ambassador /Referral Rewards Program Terms and Conditions of Use These Terms and Conditions ("Terms") are an agreement between ADP, LLC ("ADP"), on behalf of its Major Accounts Services Division ("MAS"),
More informationPerfectForms End-User License Agreement
PerfectForms End-User License Agreement 2011 PerfectForms Page 1 of 12 Contents 1. DEFINITIONS... 4 2. GRANT OF RIGHTS... 4 3. FEES... 5 4. CONFIGURATION... 5 5. INTELLECTUAL PROPERTY... 5 6. TERM AND
More informationSOFTWARE LICENSE AGREEMENT
SOFTWARE LICENSE AGREEMENT This Software License Agreement (the "Agreement") is made as of the day of, 2015 ( Effective Date ), by and between ("Company"), located at and ("Subscriber"), located at. Both
More informationBillTracker Subscription Agreement.
BillTracker Subscription Agreement Please carefully read the information included in this BillTracker Subscription Agreement, a service of Nebraska.gov. Complete pages 1 and 2 of this Agreement, sign and
More informationIn the Agreement, "we", us" and "our" refer to Computerisms. "you" or "your" refers to the Client.
Web Hosting Agreement! This Agreement covers the terms and conditions under which Computerisms provides web-hosting services to the agreeing party. As an organization or individual applying for web-hosting
More informationAgreement. Whereas, ThinkGeek is interested in creating products based on the Idea.
Agreement This Agreement is entered into as of ( Effective Date ) by and between ( Inventor ), [ADDRESS] and ThinkGeek, Inc., a Delaware corporation with an office at 11216 Waples Mill Rd., Suite 100,
More informationUBS Electronic Trading Agreement Global Markets
UBS Electronic Trading Agreement Global Markets Version: 1.1 November 2014 I. UBS ELECTRONIC TRADING AGREEMENT 1.1 UBS Limited ( UBSL ) provides an electronic trading service, which enables certain clients
More informationBLUEWAVE COMMUNICATIONS INTERNET SERVICE AGREEMENT Read This Internet Service Agreement Carefully Before Using Our Internet Services.
BLUEWAVE COMMUNICATIONS INTERNET SERVICE AGREEMENT Read This Internet Service Agreement Carefully Before Using Our Internet Services. 1. INTRODUCTION. BLUEWAVE COMMUNICATIONS provides its Internet services,
More informationSOFTWARE LICENSE AGREEMENT (Web Version October 18, 2002)
SOFTWARE LICENSE AGREEMENT (Web Version October 18, 2002) Whenever LICENSEE licenses software products ( Program(s) as further defined herein), a License Form shall be executed which shall refer to this
More informationii. sold, licensed, transferred or assigned to no other party for a period of thirty (30) days;
Tymax Media Vendor Operating Agreement Tymax Media Vendor Operating Agreement (the "Agreement") is made and entered into by and between Tymax Media ("Tymax Media," us or "we"), and you, ("you" or "Vendor")
More informationIf a Client and a Freelancer enter an independent contractor relationship, then this Freelancer Agreement ( Freelancer Agreement ) will apply.
Freelancer Agreement If a Client and a Freelancer enter an independent contractor relationship, then this Freelancer Agreement ( Freelancer Agreement ) will apply. This Agreement is effective as of March
More informationAcceptance of Terms. Terms of Service. Privacy Policy. Terms Applicable to All Products and Services. Last Updated: January 24, 2014
Acceptance of Terms Last Updated: January 24, 2014 Terms of Service Please read this Terms of Service Agreement carefully. MedicaidInsuranceBenefits.com ("MedicaidInsuranceBenefits.com," "our," "us") provides
More informationCayo Software Reseller Agreement
Cayo Software Reseller Agreement Reseller Company Name: Contact Email Address: Phone: Website: Coverage Area: This agreement is between Cayo Software, LLC an Ohio Limited Liability Corporation (the VENDOR
More informationHow To Use Etechglobal Online Store
5204 S. Sand Cherry Circle, Sioux Falls SD 57108 www.etechglobal.com Phone: (605) 339-4529 Merchant Service and Licensing Agreement AGREEMENT The EtechGlobal Online Store service ("EtechGlobal Online Store"
More informationService Agreement Hosted Dynamics GP
Service Agreement Hosted Dynamics GP This is a Contract between you ( Company ) and WebSan Solutions Inc. ( WebSan ) of 245 Fairview Mall Drive, Suite 508, Toronto, ON M2J 4T1, Canada. This contract applies
More informationTERMS AND CONDITIONS
TERMS AND CONDITIONS These Terms and Conditions are applicable to the use of this website (the Website ), regardless of how You accessed it. You or any derivation thereof, as used herein refers to a user
More informationProvider Web Portal Registration Form
Provider Web Portal Registration Form Thank you for your interest in registering for the Maryland Physicians Care provider web portal. Maryland Physicians Care is committed to protecting the privacy of
More informationTHOMSON REUTERS (TAX & ACCOUNTING) INC. FOREIGN NATIONAL INFORMATION SYSTEM TERMS OF USE
THOMSON REUTERS (TAX & ACCOUNTING) INC. FOREIGN NATIONAL INFORMATION SYSTEM TERMS OF USE 1. License and Permitted Use The Foreign National Information System (FNIS) is licensed, not sold. Subject to the
More informationJozii LLC WEBSITE TERMS OF SERVICE
Jozii LLC WEBSITE TERMS OF SERVICE 1. Acceptance of Terms. Welcome to Jozii. By using our Internet website, you indicate your unconditional acceptance of the following Terms of Service. Please read them
More informationVIRTUAL OFFICE WEBSITE LICENSE AGREEMENT
Florida Keys Multiple Listing Service, Inc. VIRTUAL OFFICE WEBSITE LICENSE AGREEMENT Florida Keys MLS, Inc. 92410 Overseas Hwy, Ste. 11 Tavernier FL 33070 305-852-92940 305-852-0716 (fax) www.flexmls.com
More informationECLIPSE FOUNDATION, Inc. INTELLECTUAL PROPERTY POLICY Effective as of July 21, 2011 (the Effective Date )
ECLIPSE FOUNDATION, Inc. INTELLECTUAL PROPERTY POLICY Effective as of July 21, 2011 (the Effective Date ) 0. DEFINITIONS Content is copyrightable material, including without limitation software, documentation,
More informationGENERAL PROVISIONS...6
Preface This Key Recovery Policy (KRP) is provided as a requirements document to the External Certification Authorities (ECA). An ECA must implement key recovery policies, procedures, and mechanisms that
More informationAlliance for Fertility Preservation Website and Fertility Preservation Services Locator and Referral System Terms and Conditions of Use
Alliance for Fertility Preservation Website and Fertility Preservation Services Locator and Referral System Terms and Conditions of Use PLEASE READ THESE TERMS AND CONDITIONS OF USE (the "TERMS") CAREFULLY
More information"Certification Authority" means an entity which issues Certificates and performs all of the functions associated with issuing such Certificates.
QUICKSSL PREMIUM(tm) SUBSCRIBER AGREEMENT Please read the following agreement carefully. By submitting an application to obtain a QuickSSL Premium(tm) Certificate and accepting and using such certificate,
More informationTerms and Conditions
Terms and Conditions Agreement between user and www.victorialondons.com Welcome to www.victorialondons.com. The www.victorialondons.com website (the "Site") is comprised of various web pages operated by
More informationMRMLS LISTING INFORMATION LICENSE AGREEMENT
MRMLS LISTING INFORMATION LICENSE AGREEMENT (MRMLS data feed to Affiliated VOW Partner) This Listing Information License Agreement (the Agreement ) is made and entered into by and between MULTI REGIONAL
More informationAMERICAN INSTITUTES FOR RESEARCH OPEN SOURCE SOFTWARE LICENSE
AMERICAN INSTITUTES FOR RESEARCH OPEN SOURCE SOFTWARE LICENSE 1. DEFINITIONS. 1.1. "Contributor" means each individual or entity that creates or contributes to the creation of Modifications. 1.2. "Contributor
More informationOnline Banking Agreement
Online Banking Agreement I. Introduction This Online Banking Agreement (this Agreement ) is entered into by you and Lewiston State Bank ( us or Bank ) and governs (together with any other online banking
More informationElectronic Check Deposit User Agreement
Electronic Check Deposit User Agreement These terms (Electronic Check Deposit Terms) will govern your use of LGE Community Credit Union Electronic Check Deposit (Electronic Check Deposit), and are incorporated
More informationACCENTURE VIETNAM LTD PURCHASE ORDER TERMS AND CONDITIONS
ACCENTURE VIETNAM LTD PURCHASE ORDER TERMS AND CONDITIONS 1. The Vendor-furnished products (including, without limitation, software, hardware, equipment and any parts, components and accessories) ( Products
More information1.1 Authorized User means an employee of Customer who has been issued a User ID in accordance with Section 3.2(a).
RealPrence Cloud Video Meeting Services POLYCOM, INC., VIDEO-AS-A-SERVICE TERMS OF SERVICE This Video-as-a-Service Terms of Service (the Agreement ) govern the access to and use of the VaaS by each person
More informationOnline Back-Up, Off-Site Back-Up, Restore Service of Back-Up.
TERMS OF SERVICE: Online Back-Up, Off-Site Back-Up, Restore Service of Back-Up. The following Terms and Conditions are applicable to all individual users / corporate clients who use, sign-up and pay-for
More informationTerms of Use Mercer BenefitsCentral SM
Terms of Use Mercer BenefitsCentral SM This page provides important information regarding the scope, duration and terms of any insurance or service you may obtain or apply for on this website ( Service
More informationTechnical Help Desk Terms of Service
Technical Help Desk Terms of Service This esecuritel Technical Help Desk Terms of Service (the Agreement ) is provided in connection with the eligible tablet enrolled in either the Advanced Protection
More informationSecure Portal 3.0. Overview for Email Users. 11.2012tml
Secure Portal 3.0 Overview for Email Users 11.2012tml Contents of this document are subject to change without notice. Visit our website at http://www.omni403b.com to ensure you have the most current version.
More informationSMARSH WEBSITE & HOSTING REPRESENTATIVE TERMS & CONDITIONS
SMARSH WEBSITE & HOSTING REPRESENTATIVE TERMS & CONDITIONS This Webhosting & Services Terms and Conditions ( Terms ) are effective as of the date of execution of the Order Form, as defined in Section 1,
More informationELECTRONIC FILER AGREEMENT
ELECTRONIC FILER AGREEMENT This Electronic Filer Agreement (the Agreement) is made by and among the Celotex Asbestos Settlement Trust (the Celotex Trust), and, after assignment as hereinafter provided,
More informationONLINE BACKUP SERVICE SUBSCRIPTION AGREEMENT
Phone: (815)726-4067 ONLINE BACKUP SERVICE SUBSCRIPTION AGREEMENT Instructions: Please complete the last page of this agreement and return the entire agreement by fax or by mail to: P.O. Box 3999 Joliet,
More information