如何建立安全的电子邮件
Unencrypted messages can be hijacked in transit and read or altered.If the mail is not digitally signed,you can’t be sure where it came from. There are many options for securing e-mail,all with a few strengths and probably more weaknesses. Let’s take care of the easy decisions.Secure/Multipurpose Internet Mail Extensions(S/MIME)should be the message encryption and digital signature format because it’s the accepted standard and is built into leading e-mail clients such as Microsoft Outlook 98/2000 and Lotus Notes R5.Yet a standard such as S/MIME only takes you so far.Each vendor has implemented its own interpretation of S/MIME,which makes interoperability problematic.This drawback is exacerbated by the emergence of S/MIME Version 3 in the newest e-mail clients,which again could create interoperability issues. The path of least resistance is to get an e-mail security gateway, which is analogous to a firewall for e-mail.Every message going in or out pases through the gateway,allowing security policies to be enforced (where and when messages can be sent),virus checking to be performed,and messages to be signed and encrypted. One drawback of the gateway approach is that it doesn’t provide user-based security.For example,the gateway encrypts outbound messages so recipients can verify they came from your company,but recipients can’t prove from whom they came. Client-based methods use your private key to sign messages(proving it came from you),which is a more granular level of security,but they have weaknesses as well.They need to be configured on each desktop,which includes issuing a digital certificate to each user (for encryption and digital signature),and ensuring that a proper security profile is configured within the e-mail client. There are also a number of Web-based secure mail services that keep all messages within their environment at all times to ensure security.You use a secure site on the Internet to compose a message.Once you hit“Send”,the site encrypts and stores the message on its site,and sends the recipient an e-mail notification that a secure message is waiting.The recipient links to the site, provides a shared secret for authentication,and accesses the message via Secure Sockets Layer. Unfortunately,this method does not work with existing enterprise e-mail systems. The stickiest issue is building a directory of digital certificates.This directory holds the certificates needed to encrypt messages to a recipient.Internally,building the directory may not be a big deal because all certificates for a company can be published in a central Lightweight Directory Access Protocol server,but externally this causes many problems.You will need to establish an agreement with a recipient’s organization to ensure access to the right digital certificates.This process, however, creates more user training issues and adds complexity to e-mail communications. Although there is technology available for secure e-mail, widespread deployment is still problematic. However,as more companies and regular e-mail users see the need to secure their messages,the use of digital certificates will one day become a transparent part of your everyday activities. 未加密的信息可能在传输中被截获、偷看或窜改。如果邮件不是数字签名的,你就不能肯定邮件是从哪里来的。 确保电子邮件的安全有多种选择,它们都有些长处,但有可能存在更多弱点。 让我们先关注一下容易做的决定,安全/多用途因特网邮件扩展(S/MIME)应该是信息加密和数字签名的格式,因为它是已被认可的标准,被做进了主要的电子邮件客户端软件中,如微软的Outlook 98/2000和莲花公司的Notes R5。迄今为止,你只能用S/MIME一类的标准。每家供应商都有自己对S/MIME的解释,这就引出 了互用性问题,最新的电子邮件客户端软件中S/MIME三版的出现,加重了这个缺陷,它再次可能带来互用性问题。 阻力最小的道路就是采用电子邮件安全网关,它相当于电子邮件的防火墙。进出的每一条信息都要经过网关,网关可以实施安全政策(信息在何 时向何地发送)、执行病毒检查并给信息签名和加密。这种网关方法的一个缺陷就是它不 能提供基于用户的安全性。例如,网关对向外发的信息进行加密,因而接收方能验证它 们来自你的公司,但接收方不能证明它们来自哪个人。 基于客户端的方法采用你私人密钥来签署信息(证明它出自于你),这是更细化的安全等级,但它们也有弱点。它们需要配置到每个桌面系统,包括向每个用户发数字证书(用于加密和数字签名),并确保在每个电子邮件客户端都配置了合适的安全配置文件。 也有多种基于Web的安全邮件服务,这些服务在任何时候把所有信息都保持在它们的环境中,以确保安全性。你利用因特网上一个安全网站来 编写信息,一旦你点击了“发送”,网站就进行加密和把信息保存在该网站中,并向接收方发一份电子邮件通知,告诉他有一份安全的信息等他去接收。接收方链接到该网站,提供用于认证的共享秘密,通过安全入口层(SSL)访问该信息。可惜,此方法不能与现有的企业电子邮件系统一起工作。 最困难的问题是建立数字证书目录。此目录保存着向一名接收人发的信息进行加密所需的证书。从内部讲,建目录可能不是件大事,因为一家公司的所有证书可以由中央简化目录访问协议服务器颁发,但从外部讲,这会引起很多问题。你需要与收件人所在组织达成协议,以确保访问正确的数字证书。然而,这个过程会造成更多的用户培训问题以及增加电子邮件通信的复杂性。 虽然已有技术可用于安全的电子邮件,但广泛部署仍是个问题。然而,随着更多的公司和普通电子邮件用户看到了确保其信息安全的需要,终 有一天使用数字证书会变得透明,成为你日常生活的一部分。 |