This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
Email communication is necessary for most of the companies and individuals.It is a fastest and easiest way to communicate each other. It is widely used for both business and personal purposes.We will send messages through mails from one place to another place by internet connection. No matter what our purpose in sending an email, we should follow some simple security rules in order to avoid loss of data .Regular emails can be easily sniffed and there is a chance that our email id may be hacked, which results in the loss of our data.To protect our data and being sniffed from others the concept of security mail came into existence. It is the method where the contents of the email are encrypted.
Here are the few suggestions for the email security.
Log on to secure email server - The most secure email server we can use is the one that is system based which means we must access the email from a computer connected to a specific system.
Use a secure internet connection - Do not use unsecured internet connections or WiFi connections without a password.
To secure your email we can also use windows mail security settings,which allows us to change ,block and ecrypt our mail messgages.
E-mail which is also called as electronic mail is the fastest means of communication through Internet. It is the method of exchanging messages or data from one person to another person. A person who sends email is called as "SENDER" and a person who receives the email is called as "RECIPIENT" .Generally Emails are stored in specified servers. There are different types of email service providers such as Google, Yahoo, and Rediff.
In olden days there was no high end technology as it is now.If a person wants to send an email to another person he/she should be online to receive the respective email else the user cannot receive the mail,that was the main problem with the earlier concept of Email. But now days are changed, though the person is not online the user can send the email to the other user provided the user has other user's Email Id. In order to send an email each user has his/her unique user id and password.There are different type of email service providers,but the once which are popular and more used by the users are google,yahoo and rediff.After user fills the detail he/she must select and Id which is unique and which can be easily rememebered.Then user should select a password which can be easily remembered. Once this process is done then user can use his/her user id and password to login to send the emails.
Now a day's technology has developed to such an extent that whatever we send the data through email can be modified and forged. There is no guarantee that the data which you have send to the desired recipient is delivered or not. There are people who can change our password and may delete or edit our personal data .Such people are called as "HACKERS". There main intention is to modify our data, change the password or they might even steal the data from our computer. So, in order to overcome these problems, the concept of secure email came into existence.
Secure email is the method where
1. Login and passwords are encrypted.
2. Email contents are encrypted such that no one can understand except the user which can be later decrypted for the user.
3. Proper authentication is required.
4. Data cannot be changed or edited by internal or external monitoring.
When we are talking about the concept of secure email,we are talking about the ability to send a message securely in such a way that the contents of the message remain private between me and my intended recipient and vice versa.
Why Email Security is important?
1. Now a day's regular email has no security than a post card.
2. If once hacker gets the password of user's email id, they may reset the password, where there is much chance of loosing of our important data which is in the email.
3. We may loose our ID which cannot be used further because the hacker has changed the password.
Therefore through secure email we can
1. Protect the sensitive data.
2. Prove authenticity to the recipients'.
3. Avoid junk folder.
4. Send attachments normally filtered.
Services provided by secure email
Secure email provides mainly three types of service's they are
2. Message Integrity
3. Sender Authentication.
How does secure email work?
Secure Email uses a set of cryptographic tools which can encapsulate the whole message into a specillay formatted envelope.It uses the concept of encryption and digital signatures to protect the data.Encryption is the method where the actual message is hidden through re arranging or substituting the letters.To get back the original message the concept of decryption is used. Generally it requires a key to unlock the message.
Digital signature is a mathematical method of demonstrating the authenticity of a message or a document. It can also be defined as the act of validating the authenticity of a message. These digital signatures gives a reason that the message was created by known person and it was not modified .Generally digital signatures are used for fraud detection, software distributions and for financial transactions. To be precise digital signatures are almost equal to hand written signatures.
There are many options available in the market for secure email such as
1. PGP (Pretty good Privacy)
2. S/MIME (Secure/Multipurpose Internet Mail Extensions).
3. SSL/TLS Web Browser based Email.
4. SSL/TLS POP/SMTP email.
Pretty Good Privacy( PGP)
PGP was first designed and created by Philip Zimmerman in the year 1991.It is a program that encrypts and decrypts the data which provides authentication and privacy during the transfer of data from one person to another person.PGP uses combination of various methods such as hashing, data compression, symmetric key cryptography and public key cryptography. Generally PGP is used to increase the security of Email communications like sending of data or message from one user to another users.
S/MIME (Secure/Multipurpose Internet Mail Extensions):
S/MIME - It is a secure email standard that uses the concept of X509 certificates to provide message intergrity ,non repudiation using digital signatures.It is almost similar to PGP.But it has more features when compared to PGP.
MIME is standard form of SMTP email which allows various types of message attributes such as text, attachments and message bodies with multiple parts. S/MIME is popular because it provides both cryptographic security and digital signing.Today each and every mail application support S/MIME including Microsoft outlook..S/MIME is complex when compared to PGP.S/MIME helps the recipient in one of the two ways.
In larger companies there is less chances of knowing employees each other. There is a chance that maximum people have same name, the only way to differentiate them is by there surname. As we know S/MIME signature verifies only senders name and email address which would not be useful for the recipient to take a decision.
Public Key Infrastructure
Public key infrastrucuture is used for secure communications using the pair of encryption keys.
The two keys used are one public key and one private key.This is also known as asymmetric cryptography..Basically it is a technical way of describing two different keys but both keys are interrelated.
The concept of trust management is used to verify the actions against the security policies. Actions are nothing but providing sufficient credentials irrespective of there identity .It can be best explained using an example of tickets .For example if you are going to stadium to see cricket match we need to buy a ticket. It is the only way through which he/she can enter into the stadium.It means that user has paid the money for his respective ticket and he/she has the right to enter the stadium and sit on the specified seat. The ticket once brought cannot be transferred to another person. At the entrance of the stadium only ticket will be checked but they will not check the identity of the person. Li and Mitchell defined trust management system into three aspects they are language, deduction and infrastructure.
To implement trust management system we would need to
Choose a policy language.
Attach some credentials to those digitally signed messages'.
Should build a policy checking engine into an email client.
Must convince user's to specify policies that accurately capture the trust behavior while reading email.