======================================================
Compatible Security
with Secure Message Pickup
Secure Message Pickup Encryption
uses a trusted “encryption middleman” to give you the almost same level of
security offered by asymmetric key encryption, but with universal
compatibility. Here is how it works:
The sender
connects to the middleman’s SMTP or WebMail portal on a secure
TLS connection
The middleman
validates the sender.
The sender
creates a message.
The message
sender chooses some method for the recipient’s identity to be verified (e.g.
via a password, a question an answer, a login to a portal, etc.)
The middleman
encrypts the message (e.g. using AES256) and stores it on his server.
The middleman
sends a plain text message to the recipient that contains only a secure link to
the middleman’s web portal, and a unique message password that is part of
the encryption key. The middleman then ‘forgets’ this password so that he cannot
decrypt the message until he gets the password back from the recipient.
The recipient
connects to the middleman’s web portal over a secure TLS connection and
logs in (the message password coming along for the ride).
The middleman
decrypts the message and presents it to the recipient.
The encryption middleman handles all
the encryption dirty work; it doesn’t matter if the sender uses PGP and the
recipient uses S/MIME. In fact, it doesn’t matter if either uses encryption at
all! All that the sender and recipient need is a web browser and regular email
service. The middleman takes care of everything else.
How does it solve the security
problems we mentioned earlier?
Eavesdropping: No one can eavesdrop on the
message because the sender and recipient connect to the middleman on a secure
TLS connection.
Identity Theft: No one can steal the sender’s
login information or the recipient’s verification information because both the
sender and the recipient use TLS connections.
Invasion
of Privacy: The recipient knows nothing about the sender’s computer,
email client, or location. She only knows that he used the middleman.
Message
Modification: No one can modify the message
because it never leaves the middleman’s server and is encrypted and signed
while residing there.
False
Messages: The message is only accessed on the middleman’s server, so
no one else can pretend to send it.
Message
Replay: No one can re-send the message because it never leaves the
middleman’s server.
Unprotected
Backups: The message is encrypted when it is stored, so it is
secure even in backups.
Repudiation:
The recipient knows that the sender really did send the message because he was
validated by the middleman and because digital signatures are used.
In addition, the middleman can keep
a log of who accesses the message and at what times. Thus the sender can audit
the message to see who has viewed it.
Notice that the message is secure
and anonymous: the message is encrypted and stored on the middleman’s servers,
so it is not subject to the security of intermediate relaying servers. Only the
middleman can encrypt and decrypt the message, and only authorized recipients
can access the message. The recipient knows nothing about the sender’s
computer, only that he used the middleman. As long as the middleman is
trustworthy, the message is completely secure, completely anonymous, and
completely compatible.
LuxSci’s SecureLine service
provides complete provides “Escrow”
encryption as a form of “Secure Message Pickup” … along with options
for PGP, S/MIME, and TLS.
===================================================
Have you ever wondered how it would be if your email suddenly came to life? You are about to find out.====================================================
===========================================================
**Important note** - contact our sister company for very powerful solutions for IP management (IPv4 and IPv6, security, firewall and APT solutions:
www.tabularosa.net
In addition to this blog, Netiquette IQ has a website with great assets which are being added to on a regular basis. I have authored the premiere book on Netiquette, “Netiquette IQ - A Comprehensive Guide to Improve, Enhance and Add Power to Your Email". My new book, “You’re Hired! Super Charge Your Email Skills in 60 Minutes. . . And Get That Job!” will be published soon follow by a trilogy of books on Netiquette for young people. You can view my profile, reviews of the book and content excerpts at:
www.amazon.com/author/paulbabicki
If you would like to listen to experts in all aspects of Netiquette and communication, try my radio show on BlogtalkRadio Additionally, I provide content for an online newsletter via paper.li. I have also established Netiquette discussion groups with Linkedin and Yahoo. I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. Further, I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and have been a contributor to numerous blogs and publications.
Lastly, I
am the founder and president of Tabula
Rosa Systems, a company that provides “best of breed” products for network,
security and system management and services. Tabula Rosa has a new blog and Twitter site which offers great IT
product information for virtually anyone.
==============================================
No comments:
Post a Comment