more secure mail system. This will allow one to authenticate internal and external mail users. The internal requirements will only add one server and a router/filter outside the firewall, and the external requirements will require that there be a publicly available certificate authority (CA) for the world to access.
Now a system has been created that will allow users to segregate internally encrypted messages from externally encrypted ones. Each person will have two public keys to maintain:
Mail Sent Securely. The following steps break down the path with which a secure message can be sent (see Exhibit 3-4). This is a recommended method of securing all one’s internal and external mail.
1. Before sending or receiving any messages, the author of the message gets a private encryption key from his private network.
3. The author of an e-mail message logs on to his personal network and is also authenticated by the mail server via usage of a password to get ready to send electronic mail.
4. The author then composes the message using his personal mail utility that has been preconfigured with the following settings.
©2002 CRC Press LLC
© 2004 by CRC Press LLC
8. In front of the firewall on the recipient’s end is a hardware device that decrypts the traffic at layer three, but leaves it encrypted and signed as it was originally sent. Loss of this level of encryption is noted by the author. However, unless the outside recipient of this message has the proper hardware to decrypt the message, this level of protection will impede the communications and the recipient will not be able to read the message.
13. The mail recipient goes out to the appropriate public key server (internal for internal users and off the public key for external users) and retrieves the sender’s public key before trying to open the sender’s message.
14. The mail server then forwards the message to the individual user, who then opens the message after it is decrypted and verifies the signature based on matching message digests.
are several layers of protection and validation that show that the message is authentic. The sender and the recipient both know who the message is from and to whom it is being sent, and both parties have confirmation of receipt.
If senders are not concerned about protecting the content of their individual messages, then the encryption part could be skipped, thereby speeding up the process of delivery. It is this author’s opinion that digital signatures should always be used to authenticate any business-related or personal message to another party.
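The recipient-side check in steps 13 and 14, for the signature-only case described above, can be sketched as follows. This is an added example, not code from the original text: it uses textbook RSA over publicly known Mersenne primes only to stay self-contained, and the address, key-server dictionary, and function names are assumptions; a real deployment would use S/MIME or OpenPGP from a vetted library.

```python
import hashlib

E = 65537  # public exponent shared by every toy key below

def make_keypair(p_exp, q_exp):
    """Toy RSA key built from two Mersenne primes (publicly known, so not secret)."""
    p, q = 2**p_exp - 1, 2**q_exp - 1
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def digest(message: bytes) -> int:
    """SHA-256 message digest as an integer."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes, key) -> int:
    """Sender side: transform the digest with the private exponent."""
    return pow(digest(message), key["d"], key["n"])

# Constructed sample data: one sender with two key pairs, one per key server.
SENDER = "alice@corp.example"
INTERNAL_KEY = make_keypair(521, 607)
EXTERNAL_KEY = make_keypair(607, 1279)
KEY_SERVERS = {
    "internal": {SENDER: INTERNAL_KEY["n"]},
    "external": {SENDER: EXTERNAL_KEY["n"]},
}

def verify(message: bytes, signature: int, sender: str, recipient_is_internal: bool) -> bool:
    """Recipient side: fetch the sender's public key, then compare digests."""
    server = "internal" if recipient_is_internal else "external"
    n = KEY_SERVERS[server].get(sender)
    if n is None or not 0 <= signature < n:
        return False  # unknown sender or malformed signature
    signed_digest = pow(signature, E, n)      # digest the sender committed to
    return signed_digest == digest(message)   # digest of what actually arrived

if __name__ == "__main__":
    msg = b"Quarterly figures attached."  # constructed sample message
    sig = sign(msg, INTERNAL_KEY)
    print("intact, internal key server :", verify(msg, sig, SENDER, True))
    print("altered in transit          :", verify(msg + b"!", sig, SENDER, True))
    print("checked against external key:", verify(msg, sig, SENDER, False))
```

The last case shows why the choice of key server in step 13 matters: a signature made with the internal key does not verify against the same sender's external public key.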
Setting up a system of checks and balances to verify transmission, to authenticate users, to authenticate messages and protect them from prying eyes becomes the task at hand for the systems administrator and the security officer. Effective implementation of encryption, digital certificates, and configuration of mail servers placed in the proper areas of a network are all components of making this happen efficiently enough that users will not try to bypass the controls.
The security officer is responsible for the information in the corporation, and becomes a security consultant by default when the architecture of a mail system is to be built. The security officer will be asked how to, when to, and where to implement security, all the while keeping in mind that one must inflict as little impact on the user community as possible. The security officer will be asked to come up with solutions to control access to e-mail and for authentication methods.