X

Download Email Security PowerPoint Presentation


Login   OR  Register
X

Share page



  Preview

               
Home / Computers & Web / Computers & Web Presentations / Email Security PowerPoint Presentation

Email Security PowerPoint Presentation

worldwideweb By : worldwideweb

On : Aug 07, 2014

In : Computers & Web

Embed :
576
views

0
downloads
Login / Signup - with account for


  • → Make favorite
  • → Flag as inappropriate
  • → Download Presentation
  • → Share Presentation
  • Slide 1 - SMU CSE 5349/49 Email Security
  • Slide 2 - SMU CSE 5349/7349 Threats Threats to the security of e-mail itself Loss of confidentiality E-mails are sent in clear over open networks E-mails stored on potentially insecure clients and mail servers Loss of integrity No integrity protection on e-mails; body can be altered in transit or on mail server Lack of data origin authentication Lack of non-repudiation Lack of notification of receipt
  • Slide 3 - SMU CSE 5349/7349 Threats Enabled by E-mail Disclosure of sensitive information Exposure of systems to malicious code Denial-of-Service (DoS) Unauthorized accesses etc.
  • Slide 4 - SMU CSE 5349/7349 What are the Options Secure the server to client connections (easy thing first) POP, IMAP over ssh, SSL https access to webmail Very easy to configure Protection against insecure wireless access Secure the end-to-end email delivery The PGPs of the world Still need to get the other party to be PGP aware Practical in an enterprise intra-network environment
  • Slide 5 - SMU CSE 5349/7349 Email based Attacks Active content attack Clean up at the server (AV, Defang) Buffer over-flow attack Fix the code Shell script attack Scan before send to the shell Trojan Horse Attack Use “do not automatically use the macro” option Web bugs (for tracking) Mangle the image at the mail server
  • Slide 6 - SMU CSE 5349/7349 Email SPAM Cost to exceed $10 billion SPAM filtering Content based – required hits White list Black list Defang MIME
  • Slide 7 - SMU CSE 5349/7349 PGP PGP=“Pretty Good Privacy” First released in 1991, developed by Phil Zimmerman Freeware: OpenPGP and variants: OpenPGP specified in RFC 2440 and defined by IETF OpenPGP working group. www.ietf.org/html.charters/openpgp-charter.html Available as plug-in for popular e-mail clients, can also be used as stand-alone software.
  • Slide 8 - SMU CSE 5349/7349 PGP Functionality Encryption for confidentiality. Signature for non-repudiation/authenticity. Sign before encrypt, so signatures on unencrypted data - can be detached and stored separately. PGP-processed data is base64 encoded
  • Slide 9 - SMU CSE 5349/7349 PGP Algorithms Broad range of algorithms supported: Symmetric encryption: DES, 3DES, AES and others. Public key encryption of session keys: RSA or ElGamal. Hashing: SHA-1, MD-5 and others. Signature: RSA, DSS, ECDSA and others.
  • Slide 10 - SMU CSE 5349/7349 PGP Services
  • Slide 11 - SMU CSE 5349/7349 PGP Message
  • Slide 12 - SMU CSE 5349/7349 PGP Key Rings PGP supports multiple public/private keys pairs per sender/recipient. Keys stored locally in a PGP Key Ring – essentially a database of keys. Private keys stored in encrypted form; decryption key determined by user-entered pass-phrase.
  • Slide 13 - SMU CSE 5349/7349 Key Management for PGP Public keys for encrypting session keys / verifying signatures. Private keys for decrypting session keys / creating signatures. Where do these keys come from and on what basis can they be trusted?
  • Slide 14 - SMU CSE 5349/7349 PGP Key Management PGP adopts a trust model called the web of trust. No centralised authority Individuals sign one another’s public keys, these “certificates” are stored along with keys in key rings. PGP computes a trust level for each public key in key ring. Users interpret trust level for themselves.
  • Slide 15 - SMU CSE 5349/7349 PGP Trust Levels Trust levels for public keys dependent on: Number of signatures on the key; Trust level assigned to each of those signatures. Trust levels recomputed from time to time.
  • Slide 16 - SMU CSE 5349/7349 PGP Key Mgmt Issues Original intention was that all e-mail users would contribute to web of trust. Reality is that this web is sparsely populated. How should security-unaware users assign and interpret trust levels? Later versions of PGP support X.509 certs.
  • Slide 17 - SMU CSE 5349/7349 PGP Message Generation
  • Slide 18 - SMU CSE 5349/7349 PGP Message Generation (cont’d) The sending PGP entity performs the following steps: Signs the message: PGP gets sender’s private key from key ring using its user id as an index. PGP prompts user for passphrase to decrypt private key. PGP constructs the signature component of the message. Encrypts the message: PGP generates a session key and encrypts the message. PGP retrieves the receiver public key from the key ring using its user id as an index. PGP constructs session component of message
  • Slide 19 - SMU CSE 5349/7349 PGP Message Reception
  • Slide 20 - SMU CSE 5349/7349 PGP Message Reception The receiving PGP entity performs the following steps: Decrypting the message: PGP get private key from private-key ring using Key ID field in session key component of message as an index. PGP prompts user for passphrase to decrypt private key. PGP recovers the session key and decrypts the message. Authenticating the message: PGP retrieves the sender’s public key from the public-key ring using the Key ID field in the signature key component as index. PGP recovers the transmitted message digest. PGP computes the message for the received message and compares it to the transmitted version for authentication.
Parents Free PowerPoint Template

Parents

Views : 409

Herbal Pills Free PowerPoint Template

Herbal Pills

Views : 573

Light Abstract Free PowerPoint Template

Light Abstract

Views : 835

Injecting Free PowerPoint Template

Injecting

Views : 428

Blue Abstract Free PowerPoint Template

Blue Abstract

Views : 743

Agriculture Free PowerPoint Template

Agriculture

Views : 889

Rose Free PowerPoint Template

Rose

Views : 646

Room Interior Free PowerPoint Template

Room Interior

Views : 452

Interior Free PowerPoint Template

Interior

Views : 519

Ice Hockey Free PowerPoint Template

Ice Hockey

Views : 1189

Bales Free PowerPoint Template

Bales

Views : 480

Doctor Free PowerPoint Template

Doctor

Views : 423

Koli Bacteria Free PowerPoint Template

Koli Bacteria

Views : 1324

Maple Leaf Free PowerPoint Template

Maple Leaf

Views : 472

Happy Birthday Free PowerPoint Template

Happy Birthday

Views : 581

Male Female Free PowerPoint Template

Male Female

Views : 557

Gerbera Free PowerPoint Template

Gerbera

Views : 322

Barbell Free PowerPoint Template

Barbell

Views : 542

Domino Free PowerPoint Template

Domino

Views : 564

Law Rules Free PowerPoint Template

Law Rules

Views : 1824

Description : Available Email Security powerpoint presentation for free download which is uploaded by steve an active user in belonging ppt presentation Computers & Web category.

Tags : email security | online email security | email spam

Shortcode : Get Shareable link