Security. Michael E. Locasto University of Calgary
|
|
- Valerie Willis
- 8 years ago
- Views:
Transcription
1 Security Michael E. Locasto University of Calgary
2 Agenda Read Chapter 20 and 21 - don t need to memorize PEM details background: RFCs, Chapter 22 Concept queskon: Where do we put security? SMTP Refresher security considerakons PEM, S/MIME, PGP We will talk more about infrastructure security on Friday 4/2/15 Michael E. Locasto, CPSC 2
3 QoD JJ asks: "How do we alter someone else's , so that we know how to protect against such a malicious a]ack? 4/2/15 Michael E. Locasto, CPSC 3
4 OK, so I know none of you ever use and that only people between the ages of 28 and 64 use , and eventually all these people will die off, so who cares about security, blah blah blah, but the point is that whatever asynchronous messaging pladorm you use, it will have the same end- to- end security and privacy concerns. CAVEAT 4/2/15 Michael E. Locasto, CPSC 4
5 MoKvaKng QuesKon Where do we place security in the system and network stack? Problem domain: asynchronous chat - , IRC, skype, twi]er, ICQ, gchat/aim, facebook messaging, web forums, etc. 4/2/15 Michael E. Locasto, CPSC 5
6 Simple Model Alice specifies a message containing headers and a body, and hands the message to an untrustworthy network to read, interpret, and rewrite her message on each hop toward Bob, the recipient (who may be offline). Conceptually similar to IP with a sprinkling of source- roukng style recording of the route of the message. 4/2/15 Michael E. Locasto, CPSC 6
7 4/2/15 Michael E. Locasto, CPSC 7
8 SMTP Terminology Simple mail transfer protocol store and forward model mail client / user agent (UA) sends to series of: MTA (message transfer agent) 4/2/15 Michael E. Locasto, CPSC 8
9 4/2/15 Michael E. Locasto, CPSC 9
10 You ll typically see an SMTP instance (sendmail, qmail, posdix) running on localhost at port 25; this is for local mail delivery 4/2/15 Michael E. Locasto, CPSC 10
11 Servers can play with your message. Usually this is just adding headers to track the message path, ank- spam countermeasures, etc. But MTAs somekmes play with the message content itself b/c machines have different ways of represenkng plaintext. This is annoying when we think of applying standard solukons for integrity. 4/2/15 Michael E. Locasto, CPSC 11
12 Standard Menu of C- I- A Threats Denial of Service RewriKng message Snooping/sniffing message in transit / at rest AuthenKcaKon of senders? Recipients? Sender anonymity Traffic analysis (did A send a msg to B?) business concerns: recall, return receipt, etc. 4/2/15 Michael E. Locasto, CPSC 12
13 Content Security (end- to- end) PEM (Privacy Enhanced Mail) - confidenkality, src auth, integrity (txt) - symmetric or asymmetric S/MIME - adapt PEM for use in MIME regime - e.g., signed data, encrypted data are new MIME types PGP (Pre]y Good Privacy) - web of trust, public key crypto 4/2/15 Michael E. Locasto, CPSC 13
14 Preliminary: Base- 64 encoding uuencode/uudecode map arbitrary data into a small set of characters, adding <CR><LF> 4/2/15 Michael E. Locasto, CPSC 14
15 4/2/15 Michael E. Locasto, CPSC 15
16 Main Ideas: Types of Content cleartext integrity- protected cleartext integrity- protected encoded data encrypted, integrity- protected data, encoded varying requirements on the recipient (knowledge & ability to decode) key establishment (especially PEM symmetric)? 4/2/15 Michael E. Locasto, CPSC 16
17 Main Ideas: IdenKfying Content Delimit the protected content in some way BEGIN PRIVACY- ENHANCED MESSAGE END PRIVACY- ENHANCED MESSAGE /2/15 Michael E. Locasto, CPSC 17
18 4/2/15 Michael E. Locasto, CPSC 18
19 4/2/15 Michael E. Locasto, CPSC 19
20 4/2/15 Michael E. Locasto, CPSC 20
21 S/MIME adapts PEM Ideas In the MIME encoding framework applicakon/pkcs7- signature applicakon/pkcs7- mime Did not try to create a PKI like PEM did 4/2/15 Michael E. Locasto, CPSC 21
22 S/MIME to PGP S/MIME allows users to obtain cerkficates from any cerkficate authority A sender communicates their cerkficate to a recipient simply by sending a signed message, but Bob skll needs to establish trust in the binding Upshot: S/MIME is effeckve against passive eavesdropping forecasts the introduckon of PGP 4/2/15 Michael E. Locasto, CPSC 22
23 Key DistribuKon PEM: Rigid hierarchy of Cas PGP: web- of- trust ( anarchy ) S/MIME: doesn t care, but prackcally: assumes disconnected set of federated CAs 4/2/15 Michael E. Locasto, CPSC 23
24 Unaddressed Security of server infrastructure - bugs - spam - domain/dns ownership - client authenkcakon PEM cerkficate hierarchy - example of PKI concept Public Key Infrastructure in general - trust in the PKI, cerkficate authorikes, etc. 4/2/15 Michael E. Locasto, CPSC 24
25 THE END 4/2/15 Michael E. Locasto, CPSC 25
CS 356 Lecture 27 Internet Security Protocols. Spring 2013
CS 356 Lecture 27 Internet Security Protocols Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists
More informationInternet Architecture
Internet Architecture Lecture 10: How Email Work Assistant Teacher Samraa Adnan Al-Asadi 1 How Email Works Electronic mail, or email, might be the most heavily used feature of the Internet. You can use
More informationDKIM last chance for mail service? TFMC2 01/2006
DKIM last chance for mail service? TFMC2 01/2006 Mail service status More and more spam, fishing, spoofing, virus More and more energy in spam fighting More and more messages lost because : Imperfect automatic
More informationThe basic groups of components are described below. Fig X- 1 shows the relationship between components on a network.
Elements of Email Email Components There are a number of software components used to produce, send and transfer email. These components can be broken down as clients or servers, although some components
More informationEmail Security. Guevara Noubir Network Security Northeastern University
Guevara Noubir Network Security Northeastern University 1 Email One of the most widely used applica>ons of the Internet but s>ll rela>vely insecure Designed without security concerns How does email work?
More informationSecurity Protocols: SSH. Michael E. Locasto University of Calgary
Security Protocols: SSH Michael E. Locasto University of Calgary Agenda Philosophy: data protec?on on the network Discussion of SSH SSH history Authen?ca?on Mechanisms SSH2 design overview / architecture
More information4.1: Securing Applications Remote Login: Secure Shell (SSH) E-Mail: PEM/PGP. Chapter 5: Security Concepts for Networks
Chapter 2: Security Techniques Background Chapter 3: Security on Network and Transport Layer Chapter 4: Security on the Application Layer Secure Applications Network Authentication Service: Kerberos 4.1:
More informationChapter 8 Security. IC322 Fall 2014. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012
Chapter 8 Security IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 All material copyright 1996-2012 J.F Kurose and K.W. Ross, All
More informationNetwork Security - ISA 656 Email Security
Network Security - ISA 656 Angelos Stavrou November 13, 2007 The Usual Questions The Usual Questions Assets What are we trying to protect? Against whom? 2 / 33 Assets The Usual Questions Assets Confidentiality
More informationEmail. Daniel Zappala. CS 460 Computer Networking Brigham Young University
Email Daniel Zappala CS 460 Computer Networking Brigham Young University How Email Works 3/25 Major Components user agents POP, IMAP, or HTTP to exchange mail mail transfer agents (MTAs) mailbox to hold
More informationEmail Security. Issues:
Email Security Email Security Issues: Not real time, can afford to use public key cryptosystems more. Certification of keys is much harder because anyone can send anyone else some mail Strictly end to
More informationHow To Protect Your Email From Being Hacked On A Pc Or Mac Or Ipa From Being Stolen On A Network (For A Free Download) On A Computer Or Ipo (For Free) On Your Pc Or Ipom (For An Ipo
The Case for Email Security secure, premium by Erik Kangas, President, Lux Scientiae Section 1: Introduction to Email Security You may already know that email is insecure; however, it may surprise you
More informationInternational Journal of Computer Trends and Technology- March to April Issue 2011
EMAIL SECURITY PROTOCOL Sunny gill 1, Gaurav Rupnar 1, Vaibhav Ramteke 1,PROF. Dipti Patil 2, Vijay M.Wadhai 3 1 Computer Engineering Department, MIT College of Engineering,Pune 2 Assistant Professor,
More informationTable of Contents. Electronic mail. History of email (2) History of email (1) Email history. Basic concepts. Aka e-mail (or email according to Knuth)
Table of Contents Electronic mail Aka e-mail (or email according to Knuth) Karst Koymans / Jeroen van der Ham Informatics Institute University of Amsterdam Tuesday, September 25, 2011 Email history Basic
More informationProf. Sead Muftic Feng Zhang. Lecture 10: Secure E-mail Systems
Prof. Sead Muftic Feng Zhang Lecture 10: Secure E-mail Systems Lecture 10 : Secure E mail Systems Subjects / Topics : 1. Secure E mail systems 2. Secure, Trusted, Authorized and Reliable E Mail System
More informationWhy you need secure email
Why you need secure email WHITE PAPER CONTENTS 1. Executive summary 2. How email works 3. Security threats to your email communications 4. Symmetric and asymmetric encryption 5. Securing your email with
More informationEmail Security 1 / 43
Email Security 1 / 43 General Strategy Some Details Transit Issues Signing Headers General Flow Securing Transit Mail Steps MTA to MTA Security Traffic Analysis 2 / 43 General Strategy General Strategy
More informationInternet Security [1] VU 184.216. Engin Kirda engin@infosys.tuwien.ac.at
Internet Security [1] VU 184.216 Engin Kirda engin@infosys.tuwien.ac.at Christopher Kruegel chris@auto.tuwien.ac.at Administration Challenge 2 deadline is tomorrow 177 correct solutions Challenge 4 will
More informationSecure Client Applications
Secure Client Applications Networking Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 26 June 2014 Common/Reports/secure-client-apps.tex, r900 1/26 Acronyms
More informationManaging and Securing Computer Networks. Guy Leduc. Chapter 3: Securing applications. Chapter goals: security in practice:
Managing and Securing Computer Networks Guy Leduc Chapter 3: Securing applications Computer Networking: A Top Down Approach, 6 th edition. Jim Kurose, Keith Ross Addison-Wesley, March 2012. (section 8.5)
More informationIBM. Implementing SMTP and POP3 Scenarios with WebSphere Business Integration Connect. Author: Ronan Dalton
IBM Implementing SMTP and POP3 Scenarios with WebSphere Business Integration Connect Author: Ronan Dalton Table of Contents Section 1. Introduction... 2 Section 2. Download, Install and Configure ArGoSoft
More informationOptions for encrypted e-mail communication with AUDI AG Version of: 31 May 2011
Options for encrypted e-mail communication with AUDI AG Version of: 31 May 2011 1 Options for encrypted e-mail communication with AUDI AG Confidential information may only be transmitted in encrypted form
More informationElectronic Mail Security. Email Security. email is one of the most widely used and regarded network services currently message contents are not secure
Electronic Mail Security CSCI 454/554 Email Security email is one of the most widely used and regarded network services currently message contents are not secure may be inspected either in transit or by
More informationStandards and Products. Computer Security. Kerberos. Kerberos
3 4 Standards and Products Computer Security Standards and Products Public Key Infrastructure (PKI) IPsec SSL/TLS Electronic Mail Security: PEM, S/MIME, and PGP March 24, 2004 2004, Bryan J. Higgs 1 2
More informationClearswift Information Governance
Clearswift Information Governance Implementing the CLEARSWIFT SECURE Encryption Portal on the CLEARSWIFT SECURE Email Gateway Version 1.10 02/09/13 Contents 1 Introduction... 3 2 How it Works... 4 3 Configuration
More informationHow To Write An Email On A Linux Computer (No Mail) (No Email) (For Ahem) (Or Ahem, For Ahem). (For An Email) Or Ahem.Org) (Ahem) Or An Email
Electronic mail Aka email (Knuth) dr. C. P. J. Koymans Informatics Institute Universiteit van Amsterdam November 20, 2007 dr. C. P. J. Koymans (UvA) Electronic mail November 20, 2007 1 / 31 History of
More informationElectronic Mail Security
email 1 Electronic Mail Security Slide 1 Characteristics File transfer, except... sender, receiver may not be present at the same time diversity(charactersets, headers,...) not a transparent channel (8
More informationMessage Authentication Signature Standards (MASS) BOF. Jim Fenton <fenton@cisco.com> Nathaniel Borenstein <nsb@guppylake.com>
Message Authentication Signature Standards (MASS) BOF Jim Fenton Nathaniel Borenstein Agenda Introductions and Agenda Bashing (10 min) Scribe?? Overview of existing
More informationWhat is network security?
Network security Network Security Srinidhi Varadarajan Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application
More informationLecture 9 - Network Security TDTS41-2006 (ht1)
Lecture 9 - Network Security TDTS41-2006 (ht1) Prof. Dr. Christoph Schuba Linköpings University/IDA Schuba@IDA.LiU.SE Reading: Office hours: [Hal05] 10.1-10.2.3; 10.2.5-10.7.1; 10.8.1 9-10am on Oct. 4+5,
More information: Network Security. Name of Staff: Anusha Linda Kostka Department : MSc SE/CT/IT
Subject Code Department Semester : Network Security : XCS593 : MSc SE : Nineth Name of Staff: Anusha Linda Kostka Department : MSc SE/CT/IT Part A (2 marks) 1. What are the various layers of an OSI reference
More information2- Electronic Mail (SMTP), File Transfer (FTP), & Remote Logging (TELNET)
2- Electronic Mail (SMTP), File Transfer (FTP), & Remote Logging (TELNET) There are three popular applications for exchanging information. Electronic mail exchanges information between people and file
More informationChapter 6 Electronic Mail Security
Cryptography and Network Security Chapter 6 Electronic Mail Security Lectured by Nguyễn Đức Thái Outline Pretty Good Privacy S/MIME 2 Electronic Mail Security In virtually all distributed environments,
More informationInternet Technology 2/13/2013
Internet Technology 03r. Application layer protocols: email Email: Paul Krzyzanowski Rutgers University Spring 2013 1 2 Simple Mail Transfer Protocol () Defined in RFC 2821 (April 2001) Original definition
More informationSIP and VoIP 1 / 44. SIP and VoIP
What is SIP? What s a Control Channel? History of Signaling Channels Signaling and VoIP Complexity Basic SIP Architecture Simple SIP Calling Alice Calls Bob Firewalls and NATs SIP URIs Multiple Proxies
More informationNeither Snow Nor Rain Nor MITM... Real World Email Delivery Security
Neither Snow Nor Rain Nor MITM... Real World Email Delivery Security Zakir Durumeric University of Michigan How is your everyday email protected? Neither Snow Nor Rain Nor MITM... An Empirical Analysis
More informationNetwork Security. HIT Shimrit Tzur-David
Network Security HIT Shimrit Tzur-David 1 Goals: 2 Network Security Understand principles of network security: cryptography and its many uses beyond confidentiality authentication message integrity key
More informationNetwork Security (2) CPSC 441 Department of Computer Science University of Calgary
Network Security (2) CPSC 441 Department of Computer Science University of Calgary 1 Friends and enemies: Alice, Bob, Trudy well-known in network security world Bob, Alice (lovers!) want to communicate
More informationNetwork Services. Email SMTP, Internet Message Format. Johann Oberleitner SS 2006
Network Services Email SMTP, Internet Message Format Johann Oberleitner SS 2006 Agenda Email SMTP Internet Message Format Email Protocols SMTP Send emails POP3/IMAPv4 Read Emails Administrate mailboxes
More informationE-mail Best Practices
CMSGu2012-06 Mauritian Computer Emergency Response Team CERT-MU SECURITY GUIDELINE 2011-02 Enhancing Cyber Security in Mauritius E-mail Best Practices National Computer Board Mauritius Version 1.0 June
More informationEmail: The Electronic Postcard. By Daniel Herren
Email: The Electronic Postcard By Daniel Herren 1 Table of Contents 1.0 Introduction.page 3 2.0 Internet Overview...page 3,4 3.0 Email vulnerabilities...page 5-7 3.1 Privacy..page 5 3.2 Authentication.page
More informationThe Case For Secure Email
The Case For Secure Email By Erik Kangas, PhD, President, Lux Scientiae, Incorporated http://luxsci.com Contents Section 1: Introduction Section 2: How Email Works Section 3: Security Threats to Your Email
More informationPOP3 Connector for Exchange - Configuration
Eclarsys PopGrabber POP3 Connector for Exchange - Configuration PopGrabber is an excellent replacement for the POP3 connector included in Windows SBS 2000 and 2003. It also works, of course, with Exchange
More informationTaxonomy of E-Mail Security Protocol
Taxonomy of E-Mail Security Protocol Ankur Dumka, Ravi Tomar, J.C.Patni, Abhineet Anand Assistant Professor, Centre for information Technology, University of Petroleum and Energy Studies,Dehradun, India
More informationSerial Deployment Quick Start Guide
PaperClip em 4 11/19/2007 Serial Deployment Quick Start Guide This checklist should be completed before installing the em4 Relay. Your answers with the associated screens will enable you to install and
More informationNetwork Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1
Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Public Key Cryptography symmetric key crypto v requires sender, receiver know shared secret
More informationElectronic mail security. MHS (Message Handling System)
Electronic mail security Diana Berbecaru < diana.berbecaru @ polito.it> Politecnico di Torino Dip. Automatica e Informatica MHS (Message Handling System) MS MS MUA MUA (Message Transfer ) MS (Message Store)
More informationE-Mail Security. Raj Jain. Washington University in St. Louis
E-Mail Security Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-07/
More informationSMTP Servers. Determine if an email message should be sent to another machine and automatically send it to that machine using SMTP.
SMTP Servers SMTP: Simple Mail Transfer Protocol (TCP Port 25) The Simple Mail Transfer Protocol (SMTP) is an Internet standard for transferring electronic mail between computers. UNIX systems implement
More informationSecurity in Communication Networks
Networks Prof. Dr. Otto Spaniol Dipl. Inform. Roland Büschkes Dipl. Inform. Christian Cseh Dipl.-Math. techn. Roland Stenzel General Information 2 / 33 Lecture course: Networks Principal lecturer: Prof.
More informationA Guide to Secure Email
White Paper A Guide to Secure Email ABOUT THIS WHITE PAPER AND TARGET AUDIENCE This document is a whitepaper discussing the concept of secure email and the way in which M86 Security enables secure email
More informationPrinciples of Network Security
he Network Security Model Bob and lice want to communicate securely. rudy (the adversary) has access to the channel. lice channel data, control s Bob Kai Shen data secure sender secure receiver data rudy
More informationEnvelope (SMTP) Journaling for Microsoft Exchange 2007 and 2010
Barracuda Message Archiver Organizations using Microsoft Exchange 2007 or 2010 can take advantage of its envelope journaling feature to send all messages along with all recipient information directly to
More informationSession Initiation Protocol Security Considerations
Session Initiation Protocol Security Considerations Sami Knuutinen Helsinki University of Technology Department of Computer Science and Engineering May 28, 2003 Abstract Session Initiation Protocol (SIP)
More informationMail system components. Electronic Mail MRA MUA MSA MAA. David Byers
Electronic Mail PRINCIPLES DNS ARCHITECTURES SPAM Mail system components () () David Byers MRA davby@ida.liu.se IDA/ADIT/IISLAB Mail User Agent Reads and writes e-mail Writes e-mail to using (usually)
More informationHow to Build an Effective Mail Server Defense
How to Build an Effective Mail Server Defense A multi-stage approach to securing your email communication August, 21 2006 Author: Alin Dobre, Head of Customer Support, AXIGEN GECAD Technologies 10A Dimitrie
More informationSetting up Microsoft Office 365
Setup Guide Revision F Using McAfee SaaS Email Protection to Secure Exchange Online in Microsoft Office 365 Setting up Microsoft Office 365 Use this guide to configure Microsoft Office 365 and Microsoft
More informationSetting up Microsoft Office 365
Integration Guide Revision G McAfee SaaS Email Protection Securing Exchange Online in Microsoft Office 365 Setting up Microsoft Office 365 Use this guide to configure Microsoft Office 365 and Microsoft
More informationIntegrating Encryption Techniques with Off-theshelf Email Systems*
Integrating Encryption Techniques with Off-theshelf Email Systems* Himanshu Khurana NCSA, University of Illinois University of Washington, Seattle, March 9 2007 * Joint work with Jim Basney, Rakesh Bobba,
More informationTREND MICRO. InterScan VirusWall 6. SMTP Configuration Guide. Integrated virus and spam protection for your Internet gateway.
TM TREND MICRO TM TM InterScan VirusWall 6 Integrated virus and spam protection for your Internet gateway for Linux TM SMTP Configuration Guide Trend Micro Incorporated reserves the right to make changes
More informationInstalling your Digital Certificate & Using on MS Out Look 2007.
Installing your Digital Certificate & Using on MS Out Look 2007. Note: This technical paper is only to guide you the steps to follow on how to configure and use digital signatures. Therefore Certificate
More informationEnvelope (SMTP) Journaling for Microsoft Exchange 2007 and 2010
Barracuda Message Archiver Organizations using Microsoft Exchange 2007 or 2010 can take advantage of its envelope journaling feature to send all messages along with all recipient information directly to
More informationVesselin Tzvetkov, Holger Zuleger {vesselin.tzvetkov, holger.zuleger}@arcor.net Arcor AG&Co KG, Alfred-Herrhausen-Allee 1, 65760 Eschborn, Germany
Service Provider implementation of SIP regarding security Vesselin Tzvetkov, Holger Zuleger {vesselin.tzvetkov, holger.zuleger}@arcor.net Arcor AG&Co KG, Alfred-Herrhausen-Allee 1, 65760 Eschborn, Germany
More informationNetworks. Connecting Computers. Measures for connection speed. Ethernet. Collision detection. Ethernet protocol
Connecting Computers Networks Computers use networks to communicate like people use telephones or the postal service Requires either some sort of cable point-to-point links connect exactly 2 computers
More informationEarly 1990s Steve Case and AOL
Chapter 4 Email Brief History of Email 1960s Messages sent without email addresses Late 1960s Tomlinson and @ symbol 1970s improvements to email 1980 s Compuserve and MCI Mail mail to the public Early
More informationSECURE MESSAGING ADVANCES IN
HACK.LU - @FREDERICJACOBS ADVANCES IN SECURE MESSAGING This is an annotated version of my hack.lu (October 2015) slides. This presentation is targeted at hackers and security researchers. This is NOT a
More informationHow To Protect Your Data From Attack
Security in Communication Networks Lehrstuhl für Informatik 4 RWTH Aachen Prof. Dr. Otto Spaniol Dr. rer. nat. Dirk Thißen Page 1 Organization Lehrstuhl für Informatik 4 Lecture Lecture takes place on
More informationT.38 fax transmission over Internet Security FAQ
August 17, 2011 T.38 fax transmission over Internet Security FAQ Give me a rundown on the basics of T.38 Fax over IP security. Real time faxing using T.38 SIP trunks is just as secure as sending faxes
More informationProject 4: IP over DNS Due: 11:59 PM, Dec 14, 2015
CS168 Computer Networks Jannotti Project 4: IP over DNS Due: 11:59 PM, Dec 14, 2015 Contents 1 Introduction 1 2 Components 1 2.1 Creating the tunnel..................................... 2 2.2 Using the
More informationLecture 10: 1. Secure E mail E systems. Systems. Page 1
1 2 Prof. Sead Matei Ciobanu Morogan Abdul Ghafoor Abbasi Lecture 10: Secure E-mailE Lecture 10 : Secure E mail E Subjects / opics : 1. Secure E mail E systems 2. Secure, rusted, Authorized and eliable
More informationNetworks & Security Course. Web of Trust and Network Forensics
Networks & Security Course Web of Trust and Network Forensics Virtual Machine Virtual Machine Internet connection You need to connect the VM to the Internet for some of the Web of Trust exercises. Make
More informationINTERNET SECURITY: FIREWALLS AND BEYOND. Mehernosh H. Amroli 4-25-2002
INTERNET SECURITY: FIREWALLS AND BEYOND Mehernosh H. Amroli 4-25-2002 Preview History of Internet Firewall Technology Internet Layer Security Transport Layer Security Application Layer Security Before
More informationSecurity: Focus of Control. Authentication
Security: Focus of Control Three approaches for protection against security threats a) Protection against invalid operations b) Protection against unauthorized invocations c) Protection against unauthorized
More informationGovernment of Canada Managed Security Service (GCMSS) Annex A-5: Statement of Work - Antispam
Government of Canada Managed Security Service (GCMSS) Date: June 8, 2012 TABLE OF CONTENTS 1 ANTISPAM... 1 1.1 QUALITY OF SERVICE...1 1.2 DETECTION AND RESPONSE...1 1.3 MESSAGE HANDLING...2 1.4 CONFIGURATION...2
More informationCS 393 Network Security. Nasir Memon Polytechnic University Module 11 Secure Email
CS 393 Network Security Nasir Memon Polytechnic University Module 11 Secure Email Course Logistics HW 5 due Thursday Graded exams returned and discussed. Read Chapter 5 of text 4/2/02 Module 11 - Secure
More informationOverview of VoIP Systems
2 Overview of VoIP Systems In their simplest form, Voice over IP protocols simply enable two (or more) devices to transmit and receive real-time audio traffic that allows their respective users to communicate.
More informationCOSC 472 Network Security
COSC 472 Network Security Instructor: Dr. Enyue (Annie) Lu Office hours: http://faculty.salisbury.edu/~ealu/schedule.htm Office room: HS114 Email: ealu@salisbury.edu Course information: http://faculty.salisbury.edu/~ealu/cosc472/cosc472.html
More informationIntroduction to Cryptography
Introduction to Cryptography Part 3: real world applications Jean-Sébastien Coron January 2007 Public-key encryption BOB ALICE Insecure M E C C D channel M Alice s public-key Alice s private-key Authentication
More informationSpam, Spam and More Spam. Spammers: Cost to send
Spam, Spam and More Spam cs5480/cs6480 Matthew J. Probst *with some slides/graphics adapted from J.F Kurose and K.W. Ross Spammers: Cost to send Assuming a $10/mo dialup account: 13.4 million messages
More informationForging Digital Signatures
Forging Digital Signatures Albert Levi Sabanci University Istanbul, TURKEY levi@sabanciuniv.edu ACSAC 2002 Outline What s a digital signature? How S/MIME handles digital signatures? How to obtain a certificate
More informationSIP Security. ENUM-Tag am 28. September in Frankfurt. Prof. Dr. Andreas Steffen. Agenda. andreas.steffen@zhwin.ch
ENUM-Tag am 28. September in Frankfurt SIP Security Prof. Dr. Andreas Steffen andreas.steffen@zhwin.ch Andreas Steffen, 28.09.2004, ENUM_SIP.ppt 1 Agenda SIP The Session Initiation Protocol Securing the
More informationLEAP Encryption Access Project. Αλέξανδρος Αφεντούλης
LEAP Encryption Access Project Αλέξανδρος Αφεντούλης The state of the internet Quite dystopic at the moment Mass surveillance as a status quo, states' and corporal spying on netizens Censorship, access
More information7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?
7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk
More informationChapter 7: Network security
Chapter 7: Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer: secure e-mail transport
More informationA Noval Approach for S/MIME
Volume 1, Issue 7, December 2013 International Journal of Advance Research in Computer Science and Management Studies Research Paper Available online at: www.ijarcsms.com A Noval Approach for S/MIME K.Suganya
More informationNokia for Business. Nokia and Nokia Connecting People are registered trademarks of Nokia Corporation
Nokia for Business Nokia and Nokia Connecting People are registered trademarks of Nokia Corporation Nokia E50 Legal Notice Copyright Nokia 2006. All rights reserved. Reproduction, transfer, distribution
More informationI. Configuring Digital signature certificate in Microsoft Outlook 2003:
I. Configuring Digital signature certificate in Microsoft Outlook 2003: In order to configure Outlook 2003 to use the new message security settings please follow these steps: 1. Open Outlook. 2. Go to
More informationNetwork Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23
Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest
More informationCelframe - Easy Linux - Lesson 8 - Email Server
- Easy Linux - Lesson 8 - Email Server October 2007 Contents 1 Summary 2 2 Theoretical presentation 2 2.1 Introduction............................... 2 2.2 SMTP................................... 2 2.3
More informationSIP, Session Initiation Protocol used in VoIP
SIP, Session Initiation Protocol used in VoIP Page 1 of 9 Secure Computer Systems IDT658, HT2005 Karin Tybring Petra Wahlund Zhu Yunyun Table of Contents SIP, Session Initiation Protocol...1 used in VoIP...1
More informationRemote ESL Email On A Mac With OS-X Using SSH Tunneling & Port Forwarding
Remote ESL Email On A Mac With OS-X Using SSH Tunneling & Port Forwarding Excerpted from: http://adrianhoe.com/2006/10/22/secure-wireless-email-on-mac-os-x Wireless hotspots have blossomed in recent years
More informationApplication Security: Threats and Architecture
Application Security: Threats and Architecture Steven M. Bellovin smb@cs.columbia.edu http://www.cs.columbia.edu/ smb Steven M. Bellovin August 4, 2005 1 We re from the Security Area, and We re Here to
More informationNumber of relevant issues
Electronic signature Lecture 8 Number of relevant issues cryptography itself algorithms for signing documents key management generating keys, distribution, key revocation security policy certificates may
More informationHow to generate SSL certificates for use with a KVM box & XViewer with XCA v0.9.3
How to generate SSL certificates for use with a KVM box & XViewer with XCA v0.9.3 Written by Michael Lackner aka Grand Admiral Thrawn http://wp.xin.at/the-xviewer-project irc://www.xin.at:6666 #guests
More informationWhite paper. Why Encrypt? Securing email without compromising communications
White paper Why Encrypt? Securing email without compromising communications Why Encrypt? There s an old saying that a ship is safe in the harbour, but that s not what ships are for. The same can be said
More informationEmail Management and Security Good Practice Guide. August 2009
Email Management and Security Good Practice Guide August 2009 contents 1 Introduction to Good Practice Guides 3 2 Email Management and Security Overview 3 2.1 Understanding Good and Better Practice 4 3
More information2- Electronic Mail (SMTP), File Transfer (FTP), & Remote Logging (TELNET)
2- Electronic Mail (SMTP), File Transfer (FTP), & Remote Logging (TELNET) There are three popular applications for exchanging information. Electronic mail exchanges information between people and file
More informationAS2 Disaster Recovery Implementation Guide Issue 1, Approved, 18-Nov-2010
AS2 Disaster Recovery Implementation Guide Issue 1, Approved, 18-Nov-2010 18-Nov-2010, Issue 1 All contents copyright GS1 Page 1 of 19 Document Summary Document Item Document Title Date Last Modified Current
More informationPGP Universal Satellite Version 2.7 for Windows Release Notes
PGP Universal Satellite Version 2.7 for Windows Release Notes Thank you for using this PGP Corporation product. These Release Notes contain important information regarding this release of PGP Universal
More informationQMAIL & SMTP: A Secure Application for an Unsecure Protocol. Orr Dunkelman. orrd@vipe.technion.ac.il. January 27, 2004 SMTP and QMAIL Slide 1
QMAIL & SMTP: A Secure Application for an Unsecure Protocol Orr Dunkelman January 27, 2004 SMTP and QMAIL Slide 1 SMTP, MUA and MTA Speak English Whenever we deal with protocols we (=Internet geeks) like
More information