Professional Documents
Culture Documents
5 EMAIL
Address the security aspects of the deployment of a mail server through maintenance and
administration standards
Ensure that the mail server application is deployed, configured and managed to meet the
security policy and guidelines instituted by management.
Consider the implementation of encryption technologies to protect user authentication and mail
data
There are two different types of encryption techniques used to ensure security, symmetric key and
asymmetric key system. If the email is protected using a symmetric button at the end of the receiver,
the user must know the one secret button to decode the message. If a public key is used as an
asymmetrical key system, the user must use the private key to decrypt the message and use a digital
signature verification tool to validate the signature at the receiving end.
Message Digest is a technique for ensuring the integrity of data sent across an unsecured channel
(where the content of the message can be changed). A Cryptographic hash function is used to encrypt
the message. This function produces a Digest image, which is a compressed version of the message.
Lets assume, Alice sent a message and digest pair to Bob. To check the integrity of the message Bob runs
the cryptographic hash function on the received message and gets a new digest. Now, Bob will compare
the new digest and the digest sent by Alice. If, both are same then Bob is sure that the original message
is not changed.
This message and digest pair is equivalent to a physical document and fingerprint of a person on that
document. Unlike the physical document and the fingerprint, the message and the digest can be sent
separately.