Trusted S/MIME Gateways
暂无分享,去创建一个
The utility of Web-based email clients is clear: a user is able to access their email account from any computer anywhere at any time. However, this option is unavailable to users whose security depends on their key pair being stored either on their local computer or in their browser. Our implementation seeks to solve two problems with secure email services. The first that of mobility: users must have access to their key pairs in order to perform the necessary cryptographic operations. The second is one of transition: initially, users would not want to give up their regular email clients. Keeping these two restrictions in mind, we decided on the implementation of a secure gateway system that works in conjunction with an existing mail server and client. Our result is PKIGate, an S/MIME gateway that uses the DigitalNet (formerly Getronics) S/MIME Freeware Library and IBM’s 4758 secure coprocessor. This thesis presents motivations for the project, a comparison with similar existing products, software and hardware selection, the design, use case scenarios, a discussion of implementation issues, and suggestions for future work.
[1] Jon Callas. Improving Message Security With a Self-Assembling PKI , 2003 .
[2] Bennet S. Yee,et al. Secure Coprocessors in Electronic Commerce Applications , 1995, USENIX Workshop on Electronic Commerce.
[3] Sean W. Smith,et al. Using a High-Performance, Programmable Secure Coprocessor , 1998, Financial Cryptography.
[4] Sean W. Smith. Outbound authentication for programmable secure coprocessors , 2004, International Journal of Information Security.