Voltage's Encrypted
|
|
- Myles Hicks
- 8 years ago
- Views:
Transcription
1 Voltage's Encrypted October Report #471 Ferris Research Product Brief Sponsored by Ferris Research, Inc. 408 Columbus Ave., Suite 1 San Francisco, Calif , USA Phone: +1 (415) Fax: +1 (415)
2 Introduction Voltage offers innovative cryptographic products. More specifically, they provide server software and client plug-ins that support the encryption and decryption of: Messages Stored Files Instant Messages. In this report, we will focus on the encryption and decryption of messages. Customers include Dynamic Mutual Funds, Electric Insurance, UC Irvine Medical Center, Waterfield Mortgage, XL Capital. A Brief History of Cryptography Symmetric Key Cryptography Soon after the invention of writing, correspondents sought ways to keep their communications private. They did this by employing a secret key to encrypt, and thus mask the contents of, a message prior to transmission, and that same secret key to decrypt, and thus reveal the contents of, a message upon receipt. Because the same key is employed to encrypt and decrypt a message, this form of cryptography is referred to as symmetric, or shared, key cryptography. While methods employed to encrypt and decrypt a message using symmetric keys have become progressively more unbreakable over time, the fundamentals remained the same. Both a sender and a recipient needed to know the same secret key, and they needed to keep it secret keep it from either being physically compromised (stolen, captured, etc), or reconstructed through the analysis of encrypted messages. Asymmetric Key Cryptography In the 1970s, a method was discovered in which two separate (asymmetric) keys could be employed one (a public key) to encrypt, and mask the contents of, a message, and a second (a private key) to decrypt it. This was a major breakthrough, as the key employed to encrypt a message no longer had to be kept secret. It could be openly communicated. Asymmetric key cryptography also provided an additional new capability. It supported cryptographic signature. A message encrypted with a private key, could only be decrypted with its corresponding public key. This provided a means by which a recipient of a message could cryptographically establish that its sender was who s/he claimed to be, or at least possessed the private key used to sign the message. 2 Visit us at for market intelligence on messaging and collaboration technologies.
3 Unfortunately, while public key cryptography offered a significant breakthrough, things were not quite as perfect as they first appeared. There were three major problems: 1. Asymmetric keys were too long (16-32 times longer than equivalently secure symmetric keys) to be employed efficiently to directly encrypt & decrypt long messages. 2. A means was needed to establish that a public key, and therefore, by implication its corresponding private key, really belonged to one s intended correspondent and not to someone else. 3. A means was needed to signal that a public key should no longer be employed, because its corresponding private key had been compromised (been captured, stolen, reconstructed, etc.). Dealing with the first of these problems required the development of a hybrid approach to encryption a message is rapidly encrypted using a per-message symmetric key, and then this per-message symmetric key is encrypted for each recipient using their public key. Similarly, cryptographically signing is performed efficiently by rapidly compressing a message into a short digest (or hashed) form, and then encrypting this digest with the sender s private key. Dealing with the latter two problems required the establishment of a Public Key Infrastructure (PKI). A PKI provides a means of certifying that a public key belongs to a named entity, and a means of decertifying a previously certified public key. It is deploying, and then interacting with, a PKI that has proved the Achilles heel of most asymmetric key cryptography schemes. Before employing a public key to encrypt a message or verify a cryptographic signature, a user has to a) acquire a certified public key for their correspondent, b) verify that the certification is valid, and c) verify that the certification, though valid, hasn t been subsequently revoked. This has proved too heavy weight for all but the most pressing cryptographic requirements. Identity-Based Cryptography Recently, an alternative form of asymmetric key cryptography has been invented. It is called identity-based cryptography (IBC), because it enables a public key to be dynamically generated, by cryptographically combining a correspondent s identity (for example, his or her address) with a shared public key seed. When employing IBC, a PKI is still required to generate private keys, and a public key seed, but one is no longer required to generate, certify, de-certify and store individual public keys. Somewhat surprisingly, nor is a PKI required to certify or de-certify a public key seed. This is because another approach is now possible the generation of short-lived public key seeds and corresponding private keys. Using such an approach, an encrypting system merely has to acquire a new public key seed from a PKI, each time a prior public key seed lapses, and a decrypting system has to acquire a new private key from Visit us at for market intelligence on messaging and collaboration technologies. 3
4 a PKI each time it encounters a public key generated with a new public key seed. It is up to the operator of an IBC based PKI to determine the validity period of a public key seed, and therefore, how rapidly or slowly it should lapse. Voltage Encrypted Voltage Software Voltage has implemented a set of software products that allow organizations to employ identity-based cryptography (IBC) to encrypt and decrypt messages. These take the form of: A Voltage SecurePolicy Suite. This is a set of web (HTTP) accessible Voltage servers that can be hosted on a single shared, or on multiple distinct, computer systems, and which provide: o An enrollment service, which authenticates a user using organizationally specified credentials such as a name and password. o A key service, that issues private keys, and public key seeds and associated information. Voltage refers to public key seeds and this associated information as public key parameters. o A management service, that controls enrollment, specifies the interval over which public key seeds remain valid, and enables/disables a user s rights to acquire a private key, etc. o A decryption service, for recipients that cannot or have not installed a decryption plug-in (see below). client plug-ins, currently available for IBM Lotus Notes, Microsoft Outlook and Microsoft Outlook Express. These support both the encrypting and decrypting of messages by individual users. server connection software, currently available for Sendmail (employing the milter APIs). This supports both the encrypting of messages on exit from an organization, and/or the decrypting of messages on entry to an organization, based on policy. A Windows plug-in that supports the decrypting of Voltage encrypted message attachments in the absence of an client plug-in. Voltage Encrypted A Voltage encrypted message consists of a cover message with an HTML attachment containing the encrypted message. The cover message contains: Text indicating that the original message has been encrypted. An URL from which Voltage plug-ins can be downloaded. 4 Visit us at for market intelligence on messaging and collaboration technologies.
5 A block of encrypted and encoded (base64) data that is used by a Voltage plug-in for various purposes, without first having to access the HTML attachment. The HTML attachment has been very cunningly constructed. It consists of HTML text, that issues an HTTP POST command, that automatically transfers the encrypted message embedded in the HTML to a specified Voltage web-based decryption service (see preceding section). If the receiving user has a Voltage client plug-in installed, then all of the above will be opaque to them, and the plug-in will decrypt the encrypted message behind the scenes, and display the decrypted message as if it had never been encrypted. This of course assumes that the plug-in has access to an appropriate private key, either on-line or locally cached. If the receiving user does not have a Voltage client plug-in installed, they will need to manually open the HTML attachment. In almost all clients, this will cause a browser to be launched with the HTML attachment as input. If the user has a Voltage Windows plug-in installed, it will intercept all browser launches, and examine the provided input for embedded Voltage encrypted . If one is found, the Windows plug-in will extract and decrypted the encrypted message and then pass it as input to the browser for immediate display. Again, this assumes that the plug-in has access to an appropriate private key, either on-line or locally cached. If the receiving user does not have either an client, or a Windows, plug-in installed, a browser will be launched with the HTML attachment as input. This will in turn automatically HTTP POST the Voltage encrypted message to a Voltage web-based decryption service. After suitable credentials (a name and password, or a previously provided cookie) are presented and validated, the Voltage web-based decryption service will return the decrypted message as an HTML page for display by the browser. Deployment Options An organization can deploy Voltage secure software to satisfy a number of different objectives. 1. To encrypt and decrypt flowing between internal senders or systems and internal recipients, over an internal system. 2. To encrypt and decrypt flowing between internal senders or systems and recipients at business partners, and between senders at business partners and internal recipients, over the public Internet. 3. To encrypt and decrypt flowing between internal senders or systems and consumers, over the public Internet. Visit us at for market intelligence on messaging and collaboration technologies. 5
6 Encrypting Internal To encrypt internal , an organization will need to install an internal Voltage SecurePolicy Suite, and plug-ins in their user s clients. For users that employ IBM Lotus Notes, Microsoft Outlook, or Microsoft Outlook Express, this will be an client-specific plugin, which provides support for both encrypting and decrypting . For users that employ another, or web based, client, this will be a Windows plug-in, which only provides support for decrypting . Encrypting Business Partner The approach adopted will depend upon whether a business partner has deployed a parallel Voltage infrastructure or not. If they have not, then business partner based recipients will be treated as if they were consumers (see below). If they have, then the two organizations can also opt to federate their Voltage infrastructures. If and when they do so, then the key servers in each organization will serve as a source of public key parameters for both organizations. In either case, there are then two points at which encryption and/or decryption can be performed. In client plug-ins, previously deployed to encrypt and/or decrypt internal , or In server plug-ins, deployed to encrypt and/or decrypt as it exits or enters an organization s internal network. Depending upon the approach adopted by each organization, can then be: Encrypted end-to-end encrypted by a sending client and decrypted by a receiving client. Encrypted gateway-to-end encrypted by a sending organization s server and decrypted by a receiving client. Encrypted end-to-gateway encrypted by a sending client and decrypted by a receiving organization s server. Encrypted gateway-to-gateway encrypted by a sending organization s server and decrypted by a receiving organization s server. In all four cases, a sending client or server plug-ins will select which public key parameters it requires to encrypt a message, based upon the Internet domain to which each recipient belongs. These will either have been previously sourced and cached, or will need to be sourced from its own organization s Voltage key server (in the federated case), or from the business partner s Voltage key server (in the non-federated case). This requires that each business partners Voltage enrollment and key servers are accessible to a sender. In addition, when message are decrypted in an inbound server, this server will need access to the 6 Visit us at for market intelligence on messaging and collaboration technologies.
7 recipient s private key, on whose behalf they are decrypting an inbound message. Encrypting Consumer An Organization that wishes to encrypt destined for consumers, or for business partner based recipients that lack a suitable Voltage infrastructure, must treat those recipients as belonging to its own Voltage security domain. Stated another way, these messages must be encrypted using a public key generated from a recipient s address in combination with a sending organization s Voltage public key parameters. This differs from the business partner case described in the preceding section, in which a public key is generated from a recipient s address in combination with the receiving organization s Voltage public key parameters. As in the business partner case described in the preceding section, encryption can also be performed in a sending client or in an server. In order to decrypt such a message, a receiving consumer has a number of options. Install an client Voltage plug-in. Install a Windows Voltage plug-in. Employ the sender s web-based decryption service These have already been described in some detail above (see Voltage Encrypted ). If a consumer wishes to send encrypted back to the sending organization, then they will have to install an client Voltage plug-in. Summary Voltage is producing software that exploits identity-based cryptography to radically simplify the deployment of an encryption and decryption infrastructure. This has three impacts: It is now much easier, and thus much more possible, for users and systems to encrypt and decrypt internal messages for example, salary advice notices and other forms of communication that need to be kept private. It is now much easier, and thus much more possible, for an organization to encrypt and decrypt messages flowing to, and received from, business partners. It is now much easier, and thus much more possible, for an organization to encrypt messages flowing to consumers, and for consumers to easily decrypt these messages upon receipt. Visit us at for market intelligence on messaging and collaboration technologies. 7
8 Cost The software for end-to-end encryption Voltage Secur costs $62,500 for the server plus $50 per user. The software for policybased encryption Voltage IBE Gateway costs $55,000 per server plus $25 per user for every user protected from compliance violations. There is an additional cost for modules that secure BlackBerry messaging. Contact For more information, please visit or call Research Note Sponsored by Voltage Voltage commissioned this document with full distribution rights. You may copy or freely reproduce this document provided you disclose authorship and sponsorship and include this notice. Ferris Research independently conducted all research for this document, retaining full editorial control. 8 Visit us at for market intelligence on messaging and collaboration technologies.
9 Ferris Research Ferris Research is a market research firm specializing in messaging and collaborative technologies. We provide business, market, and technical intelligence to vendors and corporate IT managers worldwide with analysts located in North America, Europe, and Asia/Pacific. To help clients track the technology and spot important developments, Ferris publishes reports, white papers, bulletins, and a news wire; organizes conferences and surveys; and provides customized consulting. In business since 1991, we enjoy an international reputation as the leading firm in our field, and have by far the largest and most experienced research team covering messaging and collaboration. Ferris Research is located at 408 Columbus Ave., Suite 1, San Francisco, Calif , USA. For more information, visit or call +1 (415) The Ferris Research User Panel The User Panel consists of IT professionals who work with messaging and collaborative technologies, providing services to their organizations users. People join to share experiences with other people like themselves, learn from each other, and keep current on news and trends. If you provide technical support for an system, and you are not a member of the User Panel, you can join and learn more about the User Panel at There is no charge to join. Visit us at for market intelligence on messaging and collaboration technologies. 9
10 Recent Reports From Ferris Research Gwava and GroupWise Security The OEM Market for Anti-Spam Solutions Spam: Corporate Practices and Priorities in Records Management Survey: Guidelines, Technologies, and Trends New Trends in Spam The Impact of CAN-SPAM on Legitimate Direct Marketers Upgrading From Exchange 5.5 to 2003: A Financial Case Study Bonded Sender: A Program for Legitimate ers Spim: Spam Over Instant Messaging Gmail: Google s Entry Into the Webmail Market Microsoft Tech-Ed 2004: A Messaging Perspective The Cost of Migrating From Exchange 5.5 to Exchange 2003 Exchange Server Reliability Electronic Privacy and Security Regulations A Survey of Exchange Installations: Key Statistics CIO Messaging Concerns and Priorities Recent Innovations in Macintosh Collaboration FrontBridge TrueProtect Boundary Security Service Cloudmark s Spam Immune System : Fighting Spam With Genetic Algorithms The State of Denial-of-Service Attacks Instant Messaging: Current Status, Key Trends How Not To Be a Spammer Updates The Growing Threat of Questionable Patents Bayesian Filters for Spam Control Another Alternative to Exchange Servers at Branch Sites Lotusphere 2004 TCP/IP Bandwidth Shaping as an Anti-Spam Measure URL-Based Spam Filtering Reputation and Spam Control Are Spam Laws Working? Microsoft s Caller ID for Proposal LinuxWorld NY 2004: A Messaging Perspective Update on IBM/Lotus Workplace TotalBlock: New Challenge/Response Anti-Spam Technology Microsoft Exchange Edge Services Exchange 5.5 Migrations: Issues and Best Practices How Not To Be Seen as a Spammer
The OEM Market for Anti-Spam Solutions
The OEM Market for Anti-Spam Solutions Ferris Research Product Brief Sponsored by Ferris Research 408 Columbus Ave., Suite 1 San Francisco, Calif. 94133, USA Phone: +1 (415) 986-1414 Fax: +1 (415) 986-5994
More informationThe Total Cost of Ownership for Voltage Identity-Based Encryption Solutions
The Total Cost of Ownership for Voltage Identity-Based Encryption Solutions A White Paper by Ferris Research May 2006. Report #586 Commissioned by Voltage Security Ferris Research, Inc. 408 Columbus Ave.,
More informationAPWG. (n.d.). Unifying the global response to cybecrime. Retrieved from http://www.antiphishing.org/
DB1 Phishing attacks, usually implemented through HTML enabled e-mails, are becoming more common and more sophisticated. As a network manager, how would you go about protecting your users from a phishing
More informationUsing Voltage SecureMail
Using Voltage SecureMail Using Voltage SecureMail Desktop Based on the breakthrough Identity-Based Encryption technology, Voltage SecureMail makes sending a secure email as easy as sending it without encryption.
More informationSecuring your Online Data Transfer with SSL
Securing your Online Data Transfer with SSL A GUIDE TO UNDERSTANDING SSL CERTIFICATES, how they operate and their application 1. Overview 2. What is SSL? 3. How to tell if a Website is Secure 4. What does
More informationOverview of CSS SSL. SSL Cryptography Overview CHAPTER
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers
More informationSecuring your Online Data Transfer with SSL A GUIDE TO UNDERSTANDING SSL CERTIFICATES, how they operate and their application INDEX 1. Overview 2. What is SSL? 3. How to tell if a Website is Secure 4.
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure
More informationSecure Email Inside the Corporate Network: INDEX 1 INTRODUCTION 2. Encryption at the Internal Desktop 2 CURRENT TECHNIQUES FOR DESKTOP ENCRYPTION 3
A Tumbleweed Whitepaper Secure Email Inside the Corporate Network: Providing Encryption at the Internal Desktop INDEX INDEX 1 INTRODUCTION 2 Encryption at the Internal Desktop 2 CURRENT TECHNIQUES FOR
More informationTrend Micro Email Encryption (TMEE) Delivering Secure Email. Veli-Pekka Kusmin Pre-Sales Engineer
Trend Micro Email Encryption (TMEE) Delivering Secure Email Veli-Pekka Kusmin Pre-Sales Engineer Trend Micro Baltics & Finland October 2009 Example #1 True or false: Email is inherently insecure. Answer:
More informationEntrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0
Entrust Managed Services PKI Getting started with digital certificates and Entrust Managed Services PKI Document issue: 1.0 Date of issue: May 2009 Copyright 2009 Entrust. All rights reserved. Entrust
More informationSecure Email Frequently Asked Questions
Secure Email Frequently Asked Questions Frequently Asked Questions Contents General Secure Email Questions and Answers Forced TLS Questions and Answers SecureMail Questions and Answers Glossary Support
More informationIntroduction to Cryptography
Introduction to Cryptography Part 3: real world applications Jean-Sébastien Coron January 2007 Public-key encryption BOB ALICE Insecure M E C C D channel M Alice s public-key Alice s private-key Authentication
More informationSecuring your Microsoft Internet Information Services (MS IIS) Web Server with a thawte Digital Certificate thawte thawte thawte thawte thawte 10.
Securing your Microsoft Internet Information Services (MS IIS) Web Server with a thawte Digital Certificate A STEP-BY-STEP GUIDE to test, install and use a thawte Digital Certificate on your MS IIS Web
More informationW H I T E PA P E R. Providing Encryption at the Internal Desktop
W H I T E PA P E R Secure Email Inside the Corporate Network: Providing Encryption at the Internal Desktop Table of Contents Introduction 2 Encryption at the Internal Desktop 2 Current Techniques for Desktop
More informationImplementing Transparent Security for Desktop Encryption Users
Implementing Transparent Security for Desktop Encryption Users Solutions to automate email encryption with external parties Get this White Paper Entrust Inc. All All Rights Reserved. 1 1 Contents Introduction...
More informationConsolidated Email Hygiene and Encryption Service E-Hub. Slide 1
Consolidated Email Hygiene and Encryption Service E-Hub Slide 1 Agenda E-Hub Service Overview E-Hub Benefits & Features E-Hub Rates and Implementation Microsoft FOPE Hygiene Overview Demo Microsoft FOPE
More informationCIPHERMAIL EMAIL ENCRYPTION. CipherMail white paper
CIPHERMAIL EMAIL ENCRYPTION CipherMail white paper Copyright 2009-2014, ciphermail.com. Introduction Most email is sent as plain text. This means that anyone who can intercept email messages, either in
More informationGT 6.0 GSI C Security: Key Concepts
GT 6.0 GSI C Security: Key Concepts GT 6.0 GSI C Security: Key Concepts Overview GSI uses public key cryptography (also known as asymmetric cryptography) as the basis for its functionality. Many of the
More informationSecure Email User Guide
Secure Email User Guide Contents Secure email at HSBC. 2 About SecureMail... 2 Receiving a secure email sent via SecureMail 3 Opening a secure email sent via SecureMail... 4 Resetting your SecureMail password..
More informationDJIGZO EMAIL ENCRYPTION. Djigzo white paper
DJIGZO EMAIL ENCRYPTION Djigzo white paper Copyright 2009-2011, djigzo.com. Introduction Most email is sent as plain text. This means that anyone who can intercept email messages, either in transit or
More informationDjigzo email encryption. Djigzo white paper
Djigzo email encryption Djigzo white paper Copyright 2009-2011, djigzo.com. Introduction Most email is sent as plain text. This means that anyone who can intercept email messages, either in transit or
More informationEnterprise Requirements for Anti-Spam Solutions
Enterprise Requirements for Anti-Spam Solutions A Ferris Research White Paper September 2003. Report #390 Sponsored by Ferris Research 408 Columbus Ave., Suite 1 San Francisco, Calif. 94133, USA Phone:
More informationConnected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure)
Cryptelo Drive Cryptelo Drive is a virtual drive, where your most sensitive data can be stored. Protect documents, contracts, business know-how, or photographs - in short, anything that must be kept safe.
More informationSecurity Digital Certificate Manager
System i Security Digital Certificate Manager Version 5 Release 4 System i Security Digital Certificate Manager Version 5 Release 4 Note Before using this information and the product it supports, be sure
More informationE-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications
Learning objectives E-commerce Security Threats and Protection Mechanisms. This lecture covers internet security issues and discusses their impact on an e-commerce. Nov 19, 2004 www.dcs.bbk.ac.uk/~gmagoulas/teaching.html
More informationEmail Security - The IBE Advantage
Email Security - The IBE Advantage Overcoming the hurdles of PKI, Symmetric and Web-based Messaging Voltage Security, Inc. July 2004 Copyright 2004 Voltage Security, Inc. All rights reserved. All information
More informationFTA Computer Security Workshop. Secure Email
FTA Computer Security Workshop Secure Email March 8, 2007 Stan Wiechert, KDOR IS Security Officer Outline of Presentation The Risks associated with Email Business Constraints Secure Email Features Some
More informationFeature and Technical
BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 4 Feature and Technical Overview Published: 2013-11-07 SWD-20131107160132924 Contents 1 Document revision history...6 2 What's
More informationHow To Secure Mail Delivery
FortiMail Identity Based Encryption A Business Enabler WHITE PAPER FORTINET FortiMail Identity Based Encryption - A Business Enabler PAGE 2 Contents Business Need Secure Mail Delivery... 3 Challenges with
More informationGlob@lCerts. HIPAA: Briefing for Healthcare IT Security Personnel. Market Overview: HIPAA: Privacy Security and Electronic Transaction Standards
Glob@lCerts Market Overview: HIPAA: Briefing for Healthcare IT Security Personnel HIPAA: Privacy Security and Electronic Transaction Standards Introduction: The HIPAA (Healthcare Insurance Portability
More informationUnderstanding and Integrating KODAK Picture Authentication Cameras
Understanding and Integrating KODAK Picture Authentication Cameras Introduction Anyone familiar with imaging software such as ADOBE PHOTOSHOP can appreciate how easy it is manipulate digital still images.
More informationSecurity Digital Certificate Manager
IBM i Security Digital Certificate Manager 7.1 IBM i Security Digital Certificate Manager 7.1 Note Before using this information and the product it supports, be sure to read the information in Notices,
More informationBlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note
BlackBerry Enterprise Service 10 Secure Work Space for ios and Android Version: 10.1.1 Security Note Published: 2013-06-21 SWD-20130621110651069 Contents 1 About this guide...4 2 What is BlackBerry Enterprise
More informationELECTRONIC COMMERCE OBJECTIVE QUESTIONS
MODULE 13 ELECTRONIC COMMERCE OBJECTIVE QUESTIONS There are 4 alternative answers to each question. One of them is correct. Pick the correct answer. Do not guess. A key is given at the end of the module
More informationSecurity Guide. BlackBerry Enterprise Service 12. for ios, Android, and Windows Phone. Version 12.0
Security Guide BlackBerry Enterprise Service 12 for ios, Android, and Windows Phone Version 12.0 Published: 2015-02-06 SWD-20150206130210406 Contents About this guide... 6 What is BES12?... 7 Key features
More informationRethinking Email Encryption: Eight Best Practices for Success
WHITE PAPER Rethinking Email Encryption: Eight Best Practices for Success Executive Summary Email continues to play a fundamental role in an organization s communications and day to day business and represents
More informationWhy should I get someone else to send my email campaign when my CRM/IT Team/web host/can do it?
Why should I get someone else to send my email campaign when my CRM/IT Team/web host/can do it? The most important reason to outsource the delivery of your email campaign is often not what people consider
More informationSecureMail User Guide
SecureMail User Guide Contents Secure email at HSBC. 2 About SecureMail... 2 Receiving a secure email sent via SecureMail 3 Opening a secure email sent via SecureMail... 4 Using SecureMail to reply to
More informationHP ProtectTools Embedded Security Guide
HP ProtectTools Embedded Security Guide Document Part Number: 364876-001 May 2004 This guide provides instructions for using the software that allows you to configure settings for the HP ProtectTools Embedded
More informationUsing etoken for SSL Web Authentication. SSL V3.0 Overview
Using etoken for SSL Web Authentication Lesson 12 April 2004 etoken Certification Course SSL V3.0 Overview Secure Sockets Layer protocol, version 3.0 Provides communication privacy over the internet. Prevents
More informationThe Case For Secure Email
The Case For Secure Email By Erik Kangas, PhD, President, Lux Scientiae, Incorporated http://luxsci.com Contents Section 1: Introduction Section 2: How Email Works Section 3: Security Threats to Your Email
More informationWebmail Using the Hush Encryption Engine
Webmail Using the Hush Encryption Engine Introduction...2 Terms in this Document...2 Requirements...3 Architecture...3 Authentication...4 The Role of the Session...4 Steps...5 Private Key Retrieval...5
More informationEmail Security - The IBE Architectural Advantage Overcoming the challenges of Symmetric and PKI-based Messaging
Email Security - The IBE Architectural Advantage Overcoming the challenges of Symmetric and PKI-based Messaging Copyright 2006 Voltage Security, Inc. - 0 - CONTENTS Introduction... 2 Shortcomings of Existing
More informationClient Server Registration Protocol
Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are
More informationSecure email in times of rising mobile communication
White paper Secure email in times of rising mobile communication Applied cryptography: Certificates, Gateways and End-to-End Encryption White paper Secure email in times of rising mobile communication
More informationCyber Warnings E-Magazine August 2015 Edition Copyright Cyber Defense Magazine, All rights reserved worldwide
1 Cyber Warnings E-Magazine August 2015 Edition End-to-End Encryption for Emails. An Organizational Approach by Dr Burkhard Wiegel, Founder and CEO, Zertificon Solutions The threat to electronic enterprise
More informationPublic Key Infrastructure (PKI)
Public Key Infrastructure (PKI) In this video you will learn the quite a bit about Public Key Infrastructure and how it is used to authenticate clients and servers. The purpose of Public Key Infrastructure
More informationUsing etoken for Securing E-mails Using Outlook and Outlook Express
Using etoken for Securing E-mails Using Outlook and Outlook Express Lesson 15 April 2004 etoken Certification Course Securing Email Using Certificates Unprotected emails can be easily read and/or altered
More informationCornerstones of Security
Internet Security Cornerstones of Security Authenticity the sender (either client or server) of a message is who he, she or it claims to be Privacy the contents of a message are secret and only known to
More informationCiphire Mail. Abstract
Ciphire Mail Technical Introduction Abstract Ciphire Mail is cryptographic software providing email encryption and digital signatures. The Ciphire Mail client resides on the user's computer between the
More informationSkoot Secure File Transfer
Page 1 Skoot Secure File Transfer Sharing information has become fundamental to organizational success. And as the value of that information whether expressed as mission critical or in monetary terms increases,
More informationGlobalSign Enterprise Solutions
GlobalSign Enterprise Solutions Secure Email & Key Recovery Using GlobalSign s Auto Enrollment Gateway (AEG) 1 v.1.2 Table of Contents Table of Contents... 2 Introduction... 3 The Benefits of Secure Email...
More informationRethinking Email Encryption: Eight Best Practices for Success
White paper Rethinking Email Encryption: Eight Best Practices for Success HP Security Voltage Table of contents 3 3 4 5 5 6 7 7 8 9 9 10 Executive Summary Introduction: Growing Email Usage and Continued
More informationSecurity & Privacy on the WWW. Topic Outline. Information Security. Briefing for CS4173
Security & Privacy on the WWW Briefing for CS4173 Topic Outline 1. Information Security Relationship to safety Definition of important terms Where breaches can occur Web techniques Components of security
More informationHow To Encrypt Data With Encryption
USING ENCRYPTION TO PROTECT SENSITIVE INFORMATION Commonwealth Office of Technology Security Month Seminars Alternate Title? Boy, am I surprised. The Entrust guy who has mentioned PKI during every Security
More informationReport to WIPO SCIT Plenary Trilateral Secure Virtual Private Network Primer. February 3, 1999
Report to WIPO SCIT Plenary Trilateral Secure Virtual Private Network Primer February 3, 1999 Frame Relay Frame Relay is an international standard for high-speed access to public wide area data networks
More informationThe Case for Managed Anti-Spam Services
The Case for Managed Anti-Spam Services A Ferris Research White Paper August 2003. Report #386 Sponsored by Ferris Research 408 Columbus Ave., Suite 1 San Francisco, Calif. 94133, USA Phone: +1 (415) 986-1414
More informationITSC Training Courses Student IT Competence Programme SIIS1 Information Security
ITSC Training Courses Student IT Competence Programme SI1 2012 2013 Prof. Chan Yuen Yan, Rosanna Department of Engineering The Chinese University of Hong Kong SI1-1 Course Outline What you should know
More informationWhen Data Loss Prevention Is Not Enough:
Email Encryption When Data Loss Prevention Is Not Enough: Secure Business Communications with Email Encryption Technical Brief WatchGuard Technologies, Inc. Need for Email Encryption Is at Its Peak Based
More informationHow To Secure Your Email From Being Hacked On A Pc Or Mac Or Ipad (For Free) For A Long Time (For A Long Period Of Time) For Free (For Commercial) For Your Money (For Business) For The Long Term
CYBER-ATLAS TOOLKIT TOOLKIT: REFERENCES FREE EMAIL ENCRYPTION SOFTWARE BEFORE YOU START Limited functionality, limited capacity, limited usage, limited platforms or restrictions disallowing commercial
More informationProfessional Ethics for Computer Science
Professional Ethics for Computer Science Chapter 4: Privacy Jie Gao Computer Science Department Stony Brook University Privacy Issues Internet privacy consists of privacy over the media of the Internet:
More informationThe following multiple-choice post-course assessment will evaluate your knowledge of the skills and concepts taught in Internet Business Associate.
Course Assessment Answers-1 Course Assessment The following multiple-choice post-course assessment will evaluate your knowledge of the skills and concepts taught in Internet Business Associate. 1. A person
More informationSECURE Email User Guide
SECURE Email User Guide Receiving SECURE Email from Starion Financial Starion Financial is now offering an enhanced email encryption tool, IronPort PXE, which enables the email communication of sensitive
More informationE-mail Best Practices
CMSGu2012-06 Mauritian Computer Emergency Response Team CERT-MU SECURITY GUIDELINE 2011-02 Enhancing Cyber Security in Mauritius E-mail Best Practices National Computer Board Mauritius Version 1.0 June
More informationEnsuring the security of your mobile business intelligence
IBM Software Business Analytics Cognos Business Intelligence Ensuring the security of your mobile business intelligence 2 Ensuring the security of your mobile business intelligence Contents 2 Executive
More informationSavitribai Phule Pune University
Savitribai Phule Pune University Centre for Information and Network Security Course: Introduction to Cyber Security / Information Security Module : Pre-requisites in Information and Network Security Chapter
More informationSnapshot: Zantaz Enterprise Archive Solution, Digital Safe, and Introspect
Snapshot: Zantaz Enterprise Archive Solution, Digital Safe, and Introspect July 2005. Report #560 Summary of the Company s Offerings Zantaz offers multiple solutions in the data archiving, retention, compliance,
More informationHow To Prevent Hacker Attacks With Network Behavior Analysis
E-Guide Signature vs. anomaly-based behavior analysis News of successful network attacks has become so commonplace that they are almost no longer news. Hackers have broken into commercial sites to steal
More informationSecure Email Recipient Guide
Secure Email Recipient Guide Contents How to open your first Encrypted Message.... 3 Step-by-Step Guide to Opening Your First Envelope... 3 Step One:... 3 Step Two:... 4 Step Three:... 4 Step Four:...
More informationThe GlobalCerts TM SecureMail Gateway TM
Glob@lCerts PRODUCT OVERVIEW: The GlobalCerts TM SecureMail Gateway TM Automatic encryption and decryption is unique to the SecureMail Gateway. The GlobalCerts SecureMail Gateway is based on a network
More informationIs your data safe out there? -A white Paper on Online Security
Is your data safe out there? -A white Paper on Online Security Introduction: People should be concerned of sending critical data over the internet, because the internet is a whole new world that connects
More informationNetwork Security - ISA 656 Email Security
Network Security - ISA 656 Angelos Stavrou November 13, 2007 The Usual Questions The Usual Questions Assets What are we trying to protect? Against whom? 2 / 33 Assets The Usual Questions Assets Confidentiality
More informationIntroduction to SAML
Introduction to THE LEADER IN API AND CLOUD GATEWAY TECHNOLOGY Introduction to Introduction In today s world of rapidly expanding and growing software development; organizations, enterprises and governments
More informationWhy you need secure email
Why you need secure email WHITE PAPER CONTENTS 1. Executive summary 2. How email works 3. Security threats to your email communications 4. Symmetric and asymmetric encryption 5. Securing your email with
More informationThe What, Why, and How of Email Authentication
The What, Why, and How of Email Authentication by Ellen Siegel: Director of Technology and Standards, Constant Contact There has been much discussion lately in the media, in blogs, and at trade conferences
More informationLeverage Active Directory with Kerberos to Eliminate HTTP Password
Leverage Active Directory with Kerberos to Eliminate HTTP Password PistolStar, Inc. PO Box 1226 Amherst, NH 03031 USA Phone: 603.547.1200 Fax: 603.546.2309 E-mail: salesteam@pistolstar.com Website: www.pistolstar.com
More informationPGP (Pretty Good Privacy) INTRODUCTION ZHONG ZHAO
PGP (Pretty Good Privacy) INTRODUCTION ZHONG ZHAO In The Next 15 Minutes, You May Know What is PGP? Why using PGP? What can it do? How did it evolve? How does it work? How to work it? What s its limitation?
More informationADP Secure Email Client User Guide
ADP Secure Email Client User Guide A Guide to Exchanging Secure Emails Using the Voltage SecureMail System Version 1.6 August 2014 ADP Secure Email Client User Guide August 2014 Copyright Information ADP
More informationChapter 17. Transport-Level Security
Chapter 17 Transport-Level Security Web Security Considerations The World Wide Web is fundamentally a client/server application running over the Internet and TCP/IP intranets The following characteristics
More informationWhat Are Certificates?
The Essentials Series: Code-Signing Certificates What Are Certificates? sponsored by by Don Jones W hat Are Certificates?... 1 Digital Certificates and Asymmetric Encryption... 1 Certificates as a Form
More informationDigital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University
Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University October 2015 1 List of Figures Contents 1 Introduction 1 2 History 2 3 Public Key Infrastructure (PKI) 3 3.1 Certificate
More informationAuthor: Kai Engert, kaie at redhat dot com or kaie at kuix dot de For updates to this document, please check http://kuix.
Spam Salt aka Message Salt An invention against email abuse (Spam), introducing an email sender authentication mechanism. Author: Kai Engert, kaie at redhat dot com or kaie at kuix dot de For updates to
More informationSSL/TLS: The Ugly Truth
SSL/TLS: The Ugly Truth Examining the flaws in SSL/TLS protocols, and the use of certificate authorities. Adrian Hayter CNS Hut 3 Team adrian.hayter@cnsuk.co.uk Contents Introduction to SSL/TLS Cryptography
More informationWebsense Content Gateway HTTPS Configuration
Websense Content Gateway HTTPS Configuration web security data security email security Support Webinars 2010 Websense, Inc. All rights reserved. Webinar Presenter Title: Sr. Tech Support Specialist Cisco
More informationPassword Power 8 Plug-In for Lotus Domino Single Sign-On via Kerberos
Password Power 8 Plug-In for Lotus Domino Single Sign-On via Kerberos PistolStar, Inc. PO Box 1226 Amherst, NH 03031 USA Phone: 603.547.1200 Fax: 603.546.2309 E-mail: salesteam@pistolstar.com Website:
More informationComputer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University
Computer Networks Network Security and Ethics Week 14 College of Information Science and Engineering Ritsumeikan University Security Intro for Admins l Network administrators can break security into two
More informationLightweight Security using Identity-Based Encryption Guido Appenzeller
Lightweight Security using Identity-Based Encryption Guido Appenzeller Chief Technology Officer Voltage Security Inc. Identity-Based Encryption (IBE) IBE is a new public key encryption algorithm A number
More informationUsing Entrust certificates with Microsoft Office and Windows
Entrust Managed Services PKI Using Entrust certificates with Microsoft Office and Windows Document issue: 1.0 Date of issue: May 2009 Copyright 2009 Entrust. All rights reserved. Entrust is a trademark
More informationComputer System Management: Hosting Servers, Miscellaneous
Computer System Management: Hosting Servers, Miscellaneous Amarjeet Singh October 22, 2012 Partly adopted from Computer System Management Slides by Navpreet Singh Logistics Any doubts on project/hypo explanation
More informationMICROSOFT EXCHANGE SERVER 2007 upgrade campaign. Telesales script
MICROSOFT EXCHANGE SERVER 2007 upgrade campaign Telesales script This document was created to help prepare an outbound telesales professional for a Microsoft Exchange Server 2007 upgrade sales call. This
More informationHTTPS Inspection with Cisco CWS
White Paper HTTPS Inspection with Cisco CWS What is HTTPS? Hyper Text Transfer Protocol Secure (HTTPS) is a secure version of the Hyper Text Transfer Protocol (HTTP). It is a combination of HTTP and a
More informationChapter 1: Introduction
Chapter 1 Introduction 1 Chapter 1: Introduction 1.1 Inspiration Cloud Computing Inspired by the cloud computing characteristics like pay per use, rapid elasticity, scalable, on demand self service, secure
More informationThe DoD Public Key Infrastructure And Public Key-Enabling Frequently Asked Questions
The DoD Public Key Infrastructure And Public Key-Enabling Frequently Asked Questions May 3, 2004 TABLE OF CONTENTS GENERAL PKI QUESTIONS... 1 1. What is PKI?...1 2. What functionality is provided by a
More informationElectronic Messaging Policy. 1. Document Status. Security Classification. Level 4 - PUBLIC. Version 1.0. Approval. Review By June 2012
Electronic Messaging Policy 1. Document Status Security Classification Level 4 - PUBLIC Version 1.0 Status DRAFT Approval Life 3 Years Review By June 2012 Owner Secure Research Database Analyst Retention
More informationEmail Marketing Glossary of Terms
Email Marketing Glossary of Terms A/B Testing: A method of testing in which a small, random sample of an email list is split in two. One email is sent to the list A and another modified email is sent to
More informationMANAGED FILE TRANSFER: 10 STEPS TO SOX COMPLIANCE
WHITE PAPER MANAGED FILE TRANSFER: 10 STEPS TO SOX COMPLIANCE 1. OVERVIEW Do you want to design a file transfer process that is secure? Or one that is compliant? Of course, the answer is both. But it s
More informationAn Introduction to Cryptography and Digital Signatures
An Introduction to Cryptography and Digital Signatures Author: Ian Curry March 2001 Version 2.0 Copyright 2001-2003 Entrust. All rights reserved. Cryptography The concept of securing messages through
More informationProtecting Your Organisation from Targeted Cyber Intrusion
Protecting Your Organisation from Targeted Cyber Intrusion How the 35 mitigations against targeted cyber intrusion published by Defence Signals Directorate can be implemented on the Microsoft technology
More information