DOCSLIB.ORG

2. Application Layer

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
2. Application Layer 2. Application Layer Computer Networking: A Top Down Approach th 6 edition Jim Kurose, Keith Ross Addison-Wesley March 2012 All material copyright 1996-2012 J.F Kurose and K.W. Ross, All Rights Reserved Application Layer 2-1 2. Application layer: Outline 2.1 principles of network 2.6 P2P applications applications 2.7 socket programming 2.2 Web and HTTP with UDP and TCP 2.3 FTP 2.4 electronic mail § SMTP, POP3, IMAP 2.5 DNS Application Layer 2-2 2. Application layer: Goals our goals: v learn about protocols by v conceptual, examining popular implementation aspects application-level of network application protocols protocols § HTTP § transport-layer § FTP service models § SMTP / POP3 / IMAP § client-server § DNS paradigm v creating network § peer-to-peer applications paradigm § socket API Application Layer 2-3 Some network apps v e-mail v voice over IP (e.g., Skype) v web v real-time video v text messaging conferencing v remote login v social networking v P2P file sharing v search v multi-user network games v … v streaming stored video v … (YouTube, Hulu, Netflix) Application Layer 2-4 Creating a network app application transport network data link write programs that: physical v run on (different) end systems v communicate over network v e.g., web server software communicates with browser software no need to write software for application transport network-core devices network data link application physical transport v network-core devices do not network data link run user applications physical v applications on end systems allows for rapid app development, propagation Application Layer 2-5 Application architectures possible structure of applications: v client-server v peer-to-peer (P2P) Application Layer 2-6 Client-server architecture server: v always-on host v permanent IP address v data centers for scaling clients: v initiate communication to client/server server v intermittently connected v may have dynamic IP addresses v do not communicate directly with each other Application Layer 2-7 P2P architecture v no always-on server peer-peer v peers request service from other peers, provide service in return to other peers § self scalability – new peers bring new service capacity, as well as new service demands v peers are intermittently connected and change IP addresses § complex management Application Layer 2-8 Processes communicating process: program running clients, servers within a host client process: process that v within same host, two initiates communication processes communicate server process: process that using inter-process communication (defined by waits to be contacted OS) v processes in different hosts communicate by exchanging v aside: even P2P applications messages have client processes & server processes Application Layer 2-9 Sockets v process sends/receives messages to/from its socket v socket analogous to a dropbox at door § sending process shoves message into dropbox § sending process relies on transport to deliver message to dropbox at receiving process application application socket controlled by process process app developer transport transport network network controlled by OS link Internet link physical physical Application Layer 2-10 Addressing processes v to receive messages, v identifier includes both IP process must have identifier address and port numbers v host device has unique 32- associated with process on bit IP address host. v Q: does IP address of host v example port numbers: on which process runs § HTTP server: 80 suffice for identifying the § mail server: 25 process? v to send HTTP message to § A: no, many processes www.cs.umass.edu web can be running on same server: host § IP address: 128.119.240.84 § port number: 80 v more shortly… Application Layer 2-11 App-layer protocol defines v types of messages open protocols: exchanged, v defined in RFCs § e.g., request, response v allows for interoperability v message syntax: v e.g., HTTP, SMTP § what fields in messages proprietary protocols: & how fields are v e.g., Skype delineated v message semantics § meaning of information in fields v rules for when and how processes send & respond to messages Application Layer 2-12 What transport service does an app need? data integrity throughput v some apps (e.g., file transfer, v some apps (e.g., web transactions) require multimedia) require 100% reliable data transfer minimum amount of throughput to be v other apps (e.g., audio) can “ ” tolerate some loss effective v other apps (“elastic apps”) timing make use of whatever throughput they get v some apps (e.g., Internet telephony, interactive security games) require low delay to be “effective” v encryption, data integrity, … Application Layer 2-13 Transport service requirements: common apps application data loss throughput time sensitive file transfer no loss elastic no e-mail no loss elastic no Web documents no loss elastic no real-time audio/video loss-tolerant audio: 5kbps-1Mbps yes, 100’s video:10kbps-5Mbps msec stored audio/video loss-tolerant same as above interactive games loss-tolerant few kbps up yes, few secs text messaging no loss elastic yes and no, 100s msec Application Layer 2-14 Common Internet transport services TCP service: UDP service: v reliable transport between v unreliable data transfer sending and receiving between sending and process receiving process v flow control: sender won’t overwhelm receiver v does not provide: reliability, flow control, v congestion control: throttle sender when network congestion control, overloaded timing, throughput guarantee, security, v does not provide: timing, minimum throughput orconnection setup, guarantee, security v connection-oriented: setup Q: why bother? Why is required between client and there a UDP? server processes Application Layer 2-15 Internet apps: application, transport protocols application underlying application layer protocol transport protocol e-mail SMTP [RFC 2821] TCP remote terminal access Telnet [RFC 854] TCP Web HTTP [RFC 2616] TCP file transfer FTP [RFC 959] TCP streaming multimedia HTTP (e.g., YouTube), TCP or UDP RTP [RFC 1889] Internet telephony SIP, RTP, proprietary (e.g., Skype) TCP or UDP Q: Why might skype use TCP? Application Layer 2-16 Securing TCP TCP & UDP SSL is at app layer v no encryption v Apps use SSL libraries, v cleartext passwds sent which “talk” to TCP into socket traverse SSL socket API Internet in cleartext v cleartext passwds sent SSL into socket encrypted v provides encrypted before transmission TCP connection v See Chapter 7 v data integrity v end-point authentication Application Layer 2-17 Q1: TCP vs. UDP v Which of the following is true? A. FTP uses UDP B. HTTP uses UDP C. UDP ensures in-order delivery but not reliability D. HTTP uses TCP Application Layer 2-18 Q2 Endpoint process identifier v A network application process is identified uniquely by which of the following? A. IP address B. IP address, port C. IP address, port, MAC address D. domain name Application Layer 2-19 Q3 Transport v Pick the true statement A. TCP provides reliability and guarantees a minimum bandwidth. B. TCP provides reliability while UDP provides bandwidth guarantees. C. TCP provides reliability while UDP does not. D. Neither TCP nor UDP provide reliability. Application Layer 2-20 Q4 HTTP v Persistent HTTP fetches multiple web objects over a single TCP connection while non- persistent HTTP uses a separate TCP connection for each object. True/false? A. True B. False Application Layer 2-21 2. Application layer: Outline 2.1 principles of network 2.6 P2P applications applications 2.7 socket programming 2.2 Web and HTTP with UDP and TCP 2.3 FTP 2.4 electronic mail § SMTP, POP3, IMAP 2.5 DNS Application Layer 2-22 Web and HTTP First, a review… v web page consists of objects v object can be HTML file, JPEG image, Java applet, audio file,… v web page consists of base HTML-file which includes several referenced objects v each object is addressable by a URL, e.g., www.someschool.edu/someDept/pic.gif host name path name Application Layer 2-23 HTTP overview HTTP: hypertext transfer protocol v Web’s application layer protocol PC running Firefox browser v client/server model § client: browser that requests, receives, (using HTTP protocol) server and “displays” Web running objects Apache Web § server: Web server server sends (using HTTP protocol) objects in iphone running response to requests Safari browser Application Layer 2-24 HTTP overview (continued) uses TCP: HTTP is “stateless” v client initiates TCP v server maintains no connection (creates socket) information about to server, port 80 past client requests § cookies an exception v server accepts TCP connection from client aside protocols that maintain v HTTP messages “state” are complex! (application-layer protocol v past history (state) must be messages) exchanged maintained between browser (HTTP v if server/client crashes, their client) and Web server views of “state” may be (HTTP server) inconsistent, must be v TCP connection closed reconciled Application Layer 2-25 HTTP connections non-persistent HTTP persistent HTTP v at most one object v multiple objects can sent over TCP be sent over single connection TCP connection § connection then between client, server closed v downloading multiple objects required multiple connections Application Layer 2-26 Non-persistent HTTP suppose user enters URL: (contains text, www.someSchool.edu/someDepartment/home.index references to 10 jpeg images) 1a. HTTP client initiates TCP connection to HTTP server (process) at 1b. HTTP server at host www.someSchool.edu on port www.someSchool.edu waiting 80 for TCP connection at port 80. “accepts” connection, notifying 2. HTTP client sends HTTP request client message (containing URL) into TCP connection socket. 3. HTTP server receives request Message indicates that client message, forms response wants object someDepartment/ message containing requested home.index object, and sends message into its socket time Application Layer 2-27 Non-persistent HTTP (cont.) 4.
Load more

Recommended publications
  • SMTP Protocol
    CS 280 Lecture 4: Application Layer, Email, DNS, P2P John Magee 21 September 2016 Most slides adapted from Kurose and Ross, Computer Networking 7/e Source material copyright 1996-2016 1 J.F Kurose and K.W. Ross Chapter 2: outline Last Class: 2.1 principles of network Next Class: applications 2.6 video streaming and 2.2 Web and HTTP content distribution networks Today: 2.7 socket programming with UDP and TCP 2.3 electronic mail • SMTP, POP3, IMAP 2.4 DNS 2.5 P2P applications Application Layer 2-2 outgoing Electronic mail message queue user mailbox Three major components: user agent . user agents . mail servers mail user server . simple mail transfer agent protocol: SMTP SMTP mail user server agent User Agent SMTP . a.k.a. “mail reader” SMTP user agent . composing, editing, reading mail server mail messages user . e.g., Outlook, Thunderbird, agent iPhone mail client user . outgoing, incoming agent messages stored on server Application Layer 2-3 Electronic mail: mail servers mail servers: user agent . mailbox contains incoming messages for user mail user server . message queue of outgoing agent (to be sent) mail messages SMTP mail user . SMTP protocol between server agent mail servers to send email SMTP messages SMTP user agent • client: sending mail mail server server • “server”: receiving mail user server agent user agent Application Layer 2-4 Electronic Mail: SMTP [RFC 2821] . uses TCP to reliably transfer email message from client to server, port 25 . direct transfer: sending server to receiving server . three phases of transfer • handshaking (greeting) • transfer of messages • closure . command/response interaction (like HTTP) • commands: ASCII text • response: status code and phrase .
    [Show full text]
  • Statement from Directtrust Regarding the EFAIL Vulnerability
    Statement from DirectTrust regarding the EFAIL Vulnerability Summary EFAIL is a set of attacks used to exploit vulnerabilities in email clients that decrypt and display PGP and S/MIME encrypted messages by coercing them into sending the decrypted text of the emails to an attacker. Properly implemented, Direct is NOT vulnerable. However, we recommend that if you are exchanging with anyone outside of the DirectTrust Network, you will want to understand at a reasonable depth how their implementation protects against EFAIL. How does EFAIL work? EFAIL consists of two different attack scenarios that create “backchannels” to send the decrypted text to an attacker. Both require an attacker to first obtain the encrypted message. 1. The attacker “wraps” the encrypted body with carefully crafted markup that can result in an email client decrypting the message and sending the decrypted body to the attacker. 2. The attacker manipulates the encrypted body of the message using well known S/MIME weaknesses that produce a message that can send the decrypted body to the attacker once rendered in the email client. Although the attacks are different, the end result is the same: a vulnerable email client sends the decrypted text to the attacker. How is this relevant to Direct? Direct uses S/MIME to encrypt messages, so in theory every Direct message could be vulnerable to this attack. However, Direct, when implemented correctly, is NOT vulnerable. The vulnerability is only applicable if decryption and rendering of the message are done in certain email clients like Thunderbird, iOS, Apple Mail, and some versions of Outlook.
    [Show full text]
  • [Hal-00744922, V1] Improving Content Availability in the I2P Anonymous
    Improving Content Availability in the I2P Anonymous File-Sharing Environment Juan Pablo Timpanaro, Isabelle Chrisment*, Olivier Festor INRIA Nancy-Grand Est, France *LORIA - ESIAL, Universit´ede Lorraine Email: fjuanpablo.timpanaro, [email protected] Email: [email protected] Abstract. Anonymous communication has gained more and more inter- est from Internet users as privacy and anonymity problems have emerged. Dedicated anonymous networks such as Freenet and I2P allow anony- mous file-sharing among users. However, one major problem with anony- mous file-sharing networks is that the available content is highly reduced, mostly with outdated files, and non-anonymous networks, such as the BitTorrent network, are still the major source of content: we show that in a 30-days period, 21648 new torrents were introduced in the BitTor- rent community, whilst only 236 were introduced in the anonymous I2P network, for four different categories of content. Therefore, how can a user of these anonymous networks access this varied and non-anonymous content without compromising its anonymity? In this paper, we improve content availability in an anonymous environment by proposing the first internetwork model allowing anonymous users to access and share content in large public communities while remaining anonymous. We show that our approach can efficiently interconnect I2P users and public BitTorrent swarms without affecting their anonymity nor their performance. Our model is fully implemented and freely usable. 1 Introduction Peer-to-peer file-sharing has always been one of the major sources of the Internet hal-00744922, version 1 - 24 Oct 2012 traffic, since its early beginnings in 2000. It has been moving from semi-central approaches (eDonkey2000, for example), to semi-decentralized approaches (Kazaa, for instance) to fully decentralized file-sharing architectures (like the KAD net- work).
    [Show full text]
  • Security with SSH.Pdf
    Security with SSH Network Startup Resource Center http://www.nsrc.org/ These materials are licensed under the Creative Commons Attribution-NonCommercial 4.0 International license (http://creativecommons.org/licenses/by-nc/4.0/) Topics • What is SSH • Where to get SSH • How to enable and configure SSH • Where to get SSH clients for Windows • Host keys: authentication of server to client • Issues to do with changing of the host key • Password authentication of client to server • Cryptographic authentication client to server • hostkey exchange, scp, and sftp labs What is SSH? From Wikipedia: Secure Shell (SSH) is a cryptographic network protocol for secure data communication, remote command-line login, remote command execution, and other secure network services between two networked computers that connects, via a secure channel over an insecure network, a server and a client (running SSH server and SSH client programs, respectively). i.e., ssh gives you a secure command line interface on remote machines… Topics • Where SSH applies directly to dealing with these two areas of security: - Confidentiality - Keeping our data safe from prying eyes • Authentication and Authorization - Is this person who they claim to be? - With keys alternative method to passwords Where to get SSH • First see if SSH is installed on your system and what version. Easiest way is: $ ssh ±V • Commonly used SSH in Linux and FreeBSD is OpenSSH. You can find the home page here: http://www.openssh.org/ • You can install OpenSSH via packages on Linux and FreeBSD. Ubuntu 12.04.3 LTS currently installs version 5.9p1 of OpenSSH. Obtain SSH Client for Windows There are several free, shareware, and commercial ssh clients for Windows.
    [Show full text]
  • Imail V12 Web Client Help
    Ipswitch, Inc. Web: www.imailserver.com 753 Broad Street Phone: 706-312-3535 Suite 200 Fax: 706-868-8655 Augusta, GA 30901-5518 Copyrights ©2011 Ipswitch, Inc. All rights reserved. IMail Server – Web Client Help This manual, as well as the software described in it, is furnished under license and may be used or copied only in accordance with the terms of such license. Except as permitted by such license, no part of this publication may be reproduced, photocopied, stored on a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, recording, or otherwise, without the expressed prior written consent of Ipswitch, Inc. The content of this manual is furnished for informational use only, is subject to change without notice, and should not be construed as a commitment by Ipswitch, Inc. While every effort has been made to assure the accuracy of the information contained herein, Ipswitch, Inc. assumes no responsibility for errors or omissions. Ipswitch, Inc. also assumes no liability for damages resulting from the use of the information contained in this document. Ipswitch Collaboration Suite (ICS), the Ipswitch Collaboration Suite (ICS) logo, IMail, the IMail logo, WhatsUp, the WhatsUp logo, WS_FTP, the WS_FTP logos, Ipswitch Instant Messaging (IM), the Ipswitch Instant Messaging (IM) logo, Ipswitch, and the Ipswitch logo are trademarks of Ipswitch, Inc. Other products and their brands or company names are or may be trademarks or registered trademarks, and are the property of their respective companies. Update History December 2011 v12 April 2011 v11.5 October 2010 v11.03 May 2010 v11.02 Contents CHAPTER 1 Introduction to IMail Web Client About Ipswitch Web Messaging Help ..................................................................................................................
    [Show full text]
  • Everyone's Guide to Bypassing Internet Censorship
    EVERYONE’S GUIDE TO BY-PASSING INTERNET CENSORSHIP FOR CITIZENS WORLDWIDE A CIVISEC PROJECT The Citizen Lab The University of Toronto September, 2007 cover illustration by Jane Gowan Glossary page 4 Introduction page 5 Choosing Circumvention page 8 User self-assessment Provider self-assessment Technology page 17 Web-based Circumvention Systems Tunneling Software Anonymous Communications Systems Tricks of the trade page 28 Things to remember page 29 Further reading page 29 Circumvention Technologies Circumvention technologies are any tools, software, or methods used to bypass Inter- net filtering. These can range from complex computer programs to relatively simple manual steps, such as accessing a banned website stored on a search engine’s cache, instead of trying to access it directly. Circumvention Providers Circumvention providers install software on a computer in a non-filtered location and make connections to this computer available to those who access the Internet from a censored location. Circumvention providers can range from large commercial organi- zations offering circumvention services for a fee to individuals providing circumven- tion services for free. Circumvention Users Circumvention users are individuals who use circumvention technologies to bypass Internet content filtering. 4 Internet censorship, or content filtering, has become a major global problem. Whereas once it was assumed that states could not control Internet communications, according to research by the OpenNet Initiative (http://opennet.net) more than 25 countries now engage in Internet censorship practices. Those with the most pervasive filtering policies have been found to routinely block access to human rights organi- zations, news, blogs, and web services that challenge the status quo or are deemed threatening or undesirable.
    [Show full text]
  • Designing a User Interface for the Innovative E-Mail Client Semester Thesis
    Designing a User Interface for the Innovative E-mail Client Semester Thesis Student: Alexandra Burns Supervising Professor: Prof. Bertrand Meyer Supervising Assistants: Stephanie Balzer, Joseph N. Ruskiewicz December 2005 - April 2006 1 Abstract Email Clients have become a crucial application, both in business and for per- sonal use. The term information overload refers to the time consuming issue of keeping up with large amounts of incoming and stored email. Users face this problem on a daily basis and therefore benefit from an email client that allows them to efficiently search, display and store their email. The goal of this thesis is to build a graphical user interface for the innovative email client developed in a previous master thesis. It also explores the possibilities of designing a user interface outside of the business rules that apply for commercial solutions. 1 Contents 1 Introduction 4 2 Existing Work 6 2.1 ReMail ................................. 6 2.1.1 Methods ............................ 6 2.1.2 Problems Identified ...................... 7 2.1.3 Proposed Solutions ...................... 7 2.1.4 Assessment .......................... 8 2.2 Inner Circle .............................. 8 2.2.1 Methods ............................ 8 2.2.2 Problems Identified ...................... 9 2.2.3 Proposed Solutions ...................... 9 2.2.4 Assessment .......................... 10 2.3 TaskMaster .............................. 10 2.3.1 Methods ............................ 10 2.3.2 Problems Identified ...................... 11 2.3.3 Proposed Solution ...................... 11 2.3.4 Assessment .......................... 12 2.4 Email Overload ............................ 12 2.4.1 Methods ............................ 12 2.4.2 Problems Identified ...................... 13 2.4.3 Proposed Solutions ...................... 13 2.4.4 Assessment .......................... 14 3 Existing Solutions 16 3.1 Existing Email Clients .......................
    [Show full text]
  • Peer to Peer Networks Contents
    Peer to Peer Networks Contents The Client Explorer helps you manage all your client data files. Users on a network can Types of Network installs .................. 2 share the same database so that the index is constantly up-to-date for all to see, and files Network Configuration ...................... 3 never disappear in forgotten local folders. Client Explorer Server Install - Peer If you run ProFile on a network and intend to share databases or manage client files be- to Peer Networks ......................... 4 tween different workstations, you must install and configure a ProFile database server on Share database between worksta- at least one networked computer. The ProFile Server ensures that different machines can tions ............................................. 5 share Client Explorer data across the network. Note: If your computer is not on a network, Use ProFile on a Network ................. 6 you should not use the ProFile Server installer. The following instructions are intended for network administrators or for ProFile users who are knowledgeable in systems and network configuration. What can we share on our network? Network configuration Before installing on a network, make sure that your ProFile is designed for users in a network environment as well as licence agreement covers the number of users who will those on stand-alone workstations. On a network you may choose have access to the software. If you have any questions, any or all of these options: please call us at 1.800.452.9970 • Share the same ProFile program
    [Show full text]
  • Configure Mac Mail 4.2 (And Higher) to Access Mcgill Email
    Configure Mac Mail 4.2 (and higher) to access McGill email Note: These instructions use the recommended MS Exchange protocol, which gives you full access to the features of Exchange email, including the Global Address Book contacts and calendaring. However, if you wish, you may set up your email client using IMAP or POP protocol. For an overview of all email protocols, and the pros and cons of each, see Email 101 - fundamentals. 1. Launch Mail (.app) from the dock or from Applications folder. 2. In the Welcome screen: 1. Enter the following information: . Name: your full name, as you want mail recipients to see it. Email Address: your McGill email address ([email protected] or [email protected] - same as your McGill Username) Password: your McGill Password 2. After filling in the fields, hold down the Option and command keys at the same time before clicking Continue. 3. For the Incoming Mail Server, enter the following and then click Continue: o Account Type: select Exchange 2010. * Note: If you are using OS X 10.7 or 10.8, you will only have to select Exchange. o Description: Enter a description, such as "McGill Email". o Incoming Mail Server: "exchange.mcgill.ca" o User Name: your McGill Username o Password: your McGill Password o Address Book contacts and iCal calendars checkboxes are selected by default. You can deselect these choices if desired before clicking Continue. 4. The Account Summary screen should look like the screenshot below, with Take account online selected by default. Click Create. Note on attachments: The maximum size allowed for an attachment in Mac Mail is 5 MB.
    [Show full text]
  • Emails in Silent Danger
    Emails in Silent Danger SMTP Proposals Take Aim at Prominent TLS Security Gaps By: Cathy Kingeter, Senior Product Marketing Manager for Zix Corporation Published December 2016 Focus on Securing Emails “In-transit” Email is the heartbeat of business communications with more than 883 million workers worldwide using email for business. But, did you know that email is inherently insecure? When you send an email, your company’s and customers’ confidential information could be eavesdropped on, potentially intercepted and setup for malicious attack – all without your knowledge. Email breaches often go undetected, and the dangers are not evident until the damage is done. As evidenced by recent compromises experienced by Yahoo!, Democratic National Convention, Hillary Clinton and Colin Powell. In some cases attacks went undetected for years, while attackers lurked waiting for incentives to reveal their spoils. How do businesses combat threats to email security? A comprehensive approach is required as every email is susceptible to multiple danger points where it can be compromised by an attacker. On the user’s machine as a message is composed and stored, between sending email client and sending email server, in-transit as message traverses the internet, and finally as email travels from receiving mail server to recipient users device. Happening in seconds, it can be an extended journey with multiple stops. While security risks are at every stage, the most insecure phase is after the email has left your network and is in-transit over the internet. Here attacks are not visible to your security monitors and tools, leaving email content and attachments vulnerable to attack.
    [Show full text]
  • Retain for Groupwise
    Data Sheet Information Management & Governance Retain for GroupWise Micro Focus® Retain™ provides enterprise-level archiving for GroupWise® on-premises or in the cloud. Retain securely archives all email, appointments, files, and attachments for Micro Focus GroupWise. This data is archived in one central location, which can be accessed by end users and administrators directly through Retain’s Web Access Archive Viewer. Product Highlights source, item type, message status, the age of Retain Unified Archiving The Retain archive includes powerful tools to the message, and attachments. You can also enable your organization to quickly access, filter by folder and attachment type. In addition, search, and audit archived communication data. Retain has the ability to implement retention Easily place litigation holds, print, forward, save, policies for all archived data. redact, and export your message data. Retain In addition to GroupWise email archiving, reduces cost, mitigates risk, and manages Flexible Archive Access: The Retain Archive Retain provides unified archiving of all business communication including email, social media, and complexity on-premises or in the cloud. can be browsed and searched directly from mobile communication data for case assessment, mul tiple access points, including the end user search, and eDiscovery. It can be deployed Key Features email client, the Retain mobile app, the browser- on-premises or in the cloud. based web access client, and the Offline Archive Environment Options Viewer. Plus, archived data can be exported to a Supported GroupWise Systems: Retain portable stand-alone archive viewer. sup ports archiving for GroupWise 7.0.3 HP1 or above, GroupWise 8, GroupWise 2012, GroupWise Messenger Archiving: Archive all GroupWise 2014+, and GroupWise 18+.
    [Show full text]
  • A Security Analysis of Email Communications
    A security analysis of email communications Ignacio Sanchez Apostolos Malatras Iwen Coisel Reviewed by: Jean Pierre Nordvik 2 0 1 5 EUR 28509 EN European Commission Joint Research Centre Institute for the Protection and Security of the Citizen Contact information Ignacio Sanchez Address: Joint Research Centre, Via Enrico Fermi 2749, I - 21027 Ispra (VA), Italia E-mail: [email protected] JRC Science Hub https://ec.europa.eu/jrc Legal Notice This publication is a Technical Report by the Joint Research Centre, the European Commission’s in-house science service. It aims to provide evidence-based scientific support to the European policy-making process. The scientific output expressed does not imply a policy position of the European Commission. Neither the European Commission nor any person acting on behalf of the Commission is responsible for the use which might be made of this publication. All images © European Union 2015, except: Frontpage : © bluebay2014, fotolia.com JRC 99372 EUR 28509 EN ISSN 1831-9424 ISBN 978-92-79-66503-5 doi:10.2760/319735 Luxembourg: Publications Office of the European Union, 2015 © European Union, 2015 Reproduction is authorised provided the source is acknowledged. Printed in Italy Abstract The objective of this report is to analyse the security and privacy risks of email communications and identify technical countermeasures capable of mitigating them effectively. In order to do so, the report analyses from a technical point of view the core set of communication protocols and standards that support email communications in order to identify and understand the existing security and privacy vulnerabilities. On the basis of this analysis, the report identifies and analyses technical countermeasures, in the form of newer standards, protocols and tools, aimed at ensuring a better protection of the security and privacy of email communications.
    [Show full text]