Security Services for E-mail in Network Security
- 1. 18CSE354T – NETWORK SECURITY Unit – III : Session – 1 : SLO -1 Security Services for E-mail SRM Institute of Science and Technology 1
- 2. SRM Institute of Science and Technology 2 Security Services for E-mail This section describes the kinds of security services one might desire for electronic mail. In following sections we describe how these features might be implemented. Most electronic mail systems do not provide most of these features. Even those designed specifically for security often only provide for some of these features.
- 3. SRM Institute of Science and Technology 3 • privacy—the ability to keep anyone but the intended recipient from reading the message. • authentication—reassurance to the recipient of the identity of the sender. • integrity—reassurance to the recipient that the message has not been altered since it was transmitted by the sender. • non-repudiation—the ability of the recipient to prove to a third party that the sender really did send the message. This feature is also sometimes called third party authentication. The term non-repudiation means that the sender cannot later deny sending the message. • proof of submission—verification given to the sender that the message was handed to the mail delivery system (the same basic idea as sending certified mail through the U.S. postal service). With certified postal mail you just receive proof that you sent something to a particular address on a particular date, but with electronic mail it is possible to have the mail system verify acceptance of the contents of a particular message, perhaps by signing the message digest of the contents of the message.
- 4. SRM Institute of Science and Technology 4 • proof of delivery—verification that the recipient received the message. Postal mail has a similar feature (return receipt requested), but again it only verifies that something was deliv- ered on a particular date to the recipient. With electronic mail it is possible to verify the contents, as we mentioned under proof of submission. • message flow confidentiality—an extension of privacy such that Carol not only cannot know the content of the message Alice sent Bob, but cannot even determine whether Alice sent Bob a message. • anonymity—the ability to send a message so that the recipient can’t find out the identity of the sender. • containment—the ability of the network to keep certain security levels of information from leaking out of a particular region. • audit—the ability of the network to record events that might have some security relevance, such as that Alice sent a message to Bob on a particular date. This would be fairly straight forward to implement, but is not mentioned in any of the secure mail standards, so we don’t have a section on it.
- 5. SRM Institute of Science and Technology 5 • accounting—the ability of the mail system to maintain system usage statistics. In addition to providing clues for system resource management, this information allows the mail system to charge its clients according to their usage. For example, the system might charge by number of messages sent, as long as the system itself authenticates the source of each message to ensure that the proper party is billed. • self destruct—an option allowing a sender to specify that a message should be destroyed after delivery to the recipient. This allows Alice to send a message to Bob that Bob cannot forward or store. The mail system will decrypt and display the message, but then delete it. (Good morning Mr. Phelps…). This can be implemented by marking the message as a self- destruct message, and having the mail program at the destination cooperate by deleting the message immediately after displaying it. • message sequence integrity—reassurance that an entire sequence of messages arrived in the order transmitted, without any loss.
- 6. SRM Institute of Science and Technology 6 Reference 1. Charlie Kaufman, Radia Perlman, Mike Speciner, Network Security, Prentice Hall of India, 2002.