如何建立安全的電子郵件
文章來源: 文章作者: 發布時間:2006-11-24 06:56 字體: [ ]  進入論壇
(單詞翻譯:雙擊或拖選)
Unencrypted messages can be hijacked1 in transit2 and read or altered.If the mail is not digitally signed,you can’t be sure where it came from.
There are many options for securing e-mail,all with a few strengths and probably more weaknesses.
Let’s take care of the easy decisions.Secure/Multipurpose Internet Mail Extensions(S/MIME)should be the message encryption and digital signature format3 because it’s the accepted standard and is built into leading e-mail clients such as Microsoft Outlook 98/2000 and Lotus Notes R5.Yet a standard such as S/MIME only takes you so far.Each vendor4 has implemented5 its own interpretation6 of S/MIME,which makes interoperability problematic.This drawback is exacerbated7 by the emergence8 of S/MIME Version 3 in the newest e-mail clients,which again could create interoperability issues.
The path of least resistance is to get an e-mail security gateway9, which is analogous10 to a firewall for e-mail.Every message going in or out pases through the gateway,allowing security policies to be enforced (where and when messages can be sent),virus checking to be performed,and messages to be signed and encrypted. One drawback of the gateway approach is that it doesn’t provide user-based security.For example,the gateway encrypts outbound messages so recipients12 can verify they came from your company,but recipients can’t prove from whom they came.
Client-based methods use your private key to sign messages(proving it came from you),which is a more granular level of security,but they have weaknesses as well.They need to be configured on each desktop,which includes issuing a digital certificate to each user (for encryption and digital signature),and ensuring that a proper security profile is configured within the e-mail client.
There are also a number of Web-based secure mail services that keep all messages within their environment at all times to ensure security.You use a secure site on the Internet to compose a message.Once you hit“Send”,the site encrypts and stores the message on its site,and sends the recipient11 an e-mail notification that a secure message is waiting.The recipient links to the site, provides a shared secret for authentication,and accesses the message via Secure Sockets13 Layer. Unfortunately,this method does not work with existing enterprise e-mail systems.
The stickiest issue is building a directory of digital certificates.This directory holds the certificates needed to encrypt messages to a recipient.Internally,building the directory may not be a big deal because all certificates for a company can be published in a central Lightweight Directory Access Protocol14 server,but externally this causes many problems.You will need to establish an agreement with a recipient’s organization to ensure access to the right digital certificates.This process, however, creates more user training issues and adds complexity15 to e-mail communications.
Although there is technology available for secure e-mail, widespread deployment16 is still problematic. However,as more companies and regular e-mail users see the need to secure their messages,the use of digital certificates will one day become a transparent17 part of your everyday activities.

  未加密的信息可能在傳輸中被截獲、偷看或竄改。如果郵件不是數字簽名的,你就不能肯定郵件是從哪里來的。
  確保電子郵件的安全有多種選擇,它們都有些長處,但有可能存在更多弱點。
  讓我們先關注一下容易做的決定,安全/多用途因特網郵件擴展(S/MIME)應該是信息加密和數字簽名的格式,因為它是已被認可的標準,被做進了主要的電子郵件客戶端軟件中,如微軟的Outlook 98/2000和蓮花公司的Notes R5。迄今為止,你只能用S/MIME一類的標準。每家供應商都有自己對S/MIME的解釋,這就引出 了互用性問題,最新的電子郵件客戶端軟件中S/MIME三版的出現,加重了這個缺陷,它再次可能帶來互用性問題。
  阻力最小的道路就是采用電子郵件安全網關,它相當于電子郵件的防火墻。進出的每一條信息都要經過網關,網關可以實施安全政策(信息在何 時向何地發送)、執行病毒檢查并給信息簽名和加密。這種網關方法的一個缺陷就是它不 能提供基于用戶的安全性。例如,網關對向外發的信息進行加密,因而接收方能驗證它 們來自你的公司,但接收方不能證明它們來自哪個人。
  基于客戶端的方法采用你私人密鑰來簽署信息(證明它出自于你),這是更細化的安全等級,但它們也有弱點。它們需要配置到每個桌面系統,包括向每個用戶發數字證書(用于加密和數字簽名),并確保在每個電子郵件客戶端都配置了合適的安全配置文件。
  也有多種基于Web的安全郵件服務,這些服務在任何時候把所有信息都保持在它們的環境中,以確保安全性。你利用因特網上一個安全網站來 編寫信息,一旦你點擊了“發送”,網站就進行加密和把信息保存在該網站中,并向接收方發一份電子郵件通知,告訴他有一份安全的信息等他去接收。接收方鏈接到該網站,提供用于認證的共享秘密,通過安全入口層(SSL)訪問該信息。可惜,此方法不能與現有的企業電子郵件系統一起工作。
  最困難的問題是建立數字證書目錄。此目錄保存著向一名接收人發的信息進行加密所需的證書。從內部講,建目錄可能不是件大事,因為一家公司的所有證書可以由中央簡化目錄訪問協議服務器頒發,但從外部講,這會引起很多問題。你需要與收件人所在組織達成協議,以確保訪問正確的數字證書。然而,這個過程會造成更多的用戶培訓問題以及增加電子郵件通信的復雜性。
  雖然已有技術可用于安全的電子郵件,但廣泛部署仍是個問題。然而,隨著更多的公司和普通電子郵件用戶看到了確保其信息安全的需要,終 有一天使用數字證書會變得透明,成為你日常生活的一部分。 


點擊收聽單詞發音收聽單詞發音  

1 hijacked 54f3e68c506e45e75f9a155a27738c2f     
劫持( hijack的過去式和過去分詞 ); 綁架; 攔路搶劫; 操縱(會議等,以推銷自己的意圖)
參考例句:
  • The plane was hijacked by two armed men on a flight from London to Rome. 飛機在從倫敦飛往羅馬途中遭到兩名持械男子劫持。
  • The plane was hijacked soon after it took off. 那架飛機起飛后不久被劫持了。
2 transit MglzVT     
n.經過,運輸;vt.穿越,旋轉;vi.越過
參考例句:
  • His luggage was lost in transit.他的行李在運送中丟失。
  • The canal can transit a total of 50 ships daily.這條運河每天能通過50條船。
3 format giJxb     
n.設計,版式;[計算機]格式,DOS命令:格式化(磁盤),用于空盤或使用過的磁盤建立新空盤來存儲數據;v.使格式化,設計,安排
參考例句:
  • Please format this floppy disc.請將這張軟盤格式化。
  • The format of the figure is very tasteful.該圖表的格式很雅致。
4 vendor 3izwB     
n.賣主;小販
參考例句:
  • She looked at the vendor who cheated her the other day with distaste.她厭惡地望著那個前幾天曾經欺騙過她的小販。
  • He must inform the vendor immediately.他必須立即通知賣方。
5 implemented a0211e5272f6fc75ac06e2d62558aff0     
v.實現( implement的過去式和過去分詞 );執行;貫徹;使生效
參考例句:
  • This agreement, if not implemented, is a mere scrap of paper. 這個協定如不執行只不過是一紙空文。 來自《現代漢英綜合大詞典》
  • The economy is in danger of collapse unless far-reaching reforms are implemented. 如果不實施影響深遠的改革,經濟就面臨崩潰的危險。 來自辭典例句
6 interpretation P5jxQ     
n.解釋,說明,描述;藝術處理
參考例句:
  • His statement admits of one interpretation only.他的話只有一種解釋。
  • Analysis and interpretation is a very personal thing.分析與說明是個很主觀的事情。
7 exacerbated 93c37be5dc6e60a8bbd0f2eab618d2eb     
v.使惡化,使加重( exacerbate的過去式和過去分詞 )
參考例句:
  • The symptoms may be exacerbated by certain drugs. 這些癥狀可能會因為某些藥物而加重。
  • The drugs they gave her only exacerbated the pain. 他們給她吃的藥只是加重了她的痛楚。 來自《簡明英漢詞典》
8 emergence 5p3xr     
n.浮現,顯現,出現,(植物)突出體
參考例句:
  • The last decade saw the emergence of a dynamic economy.最近10年見證了經濟增長的姿態。
  • Language emerges and develops with the emergence and development of society.語言是隨著社會的產生而產生,隨著社會的發展而發展的。
9 gateway GhFxY     
n.大門口,出入口,途徑,方法
參考例句:
  • Hard work is the gateway to success.努力工作是通往成功之路。
  • A man collected tolls at the gateway.一個人在大門口收通行費。
10 analogous aLdyQ     
adj.相似的;類似的
參考例句:
  • The two situations are roughly analogous.兩種情況大致相似。
  • The company is in a position closely analogous to that of its main rival.該公司與主要競爭對手的處境極為相似。
11 recipient QA8zF     
a.接受的,感受性強的 n.接受者,感受者,容器
參考例句:
  • Please check that you have a valid email certificate for each recipient. 請檢查是否對每個接收者都有有效的電子郵件證書。
  • Colombia is the biggest U . S aid recipient in Latin America. 哥倫比亞是美國在拉丁美洲最大的援助對象。
12 recipients 972af69bf73f8ad23a446a346a6f0fff     
adj.接受的;受領的;容納的;愿意接受的n.收件人;接受者;受領者;接受器
參考例句:
  • The recipients of the prizes had their names printed in the paper. 獲獎者的姓名登在報上。 來自《簡明英漢詞典》
  • The recipients of prizes had their names printed in the paper. 獲獎者名單登在報上。 來自《現代英漢綜合大詞典》
13 sockets ffe33a3f6e35505faba01d17fd07d641     
n.套接字,使應用程序能夠讀寫與收發通訊協定(protocol)與資料的程序( Socket的名詞復數 );孔( socket的名詞復數 );(電器上的)插口;托座;凹穴
參考例句:
  • All new PCs now have USB sockets. 新的個人計算機現在都有通用串行總線插孔。
  • Make sure the sockets in your house are fingerproof. 確保你房中的插座是防觸電的。 來自超越目標英語 第4冊
14 protocol nRQxG     
n.議定書,草約,會談記錄,外交禮節
參考例句:
  • We must observe the correct protocol.我們必須遵守應有的禮儀。
  • The statesmen signed a protocol.那些政治家簽了議定書。
15 complexity KO9z3     
n.復雜(性),復雜的事物
參考例句:
  • Only now did he understand the full complexity of the problem.直到現在他才明白這一問題的全部復雜性。
  • The complexity of the road map puzzled me.錯綜復雜的公路圖把我搞糊涂了。
16 deployment 06e5c0d0f9eabd9525e5f9dc4f6f37cf     
n. 部署,展開
參考例句:
  • He has inquired out the deployment of the enemy troops. 他已查出敵軍的兵力部署情況。
  • Quality function deployment (QFD) is a widely used customer-driven quality, design and manufacturing management tool. 質量功能展開(quality function deployment,QFD)是一個廣泛應用的顧客需求驅動的設計、制造和質量管理工具。
17 transparent Smhwx     
adj.明顯的,無疑的;透明的
參考例句:
  • The water is so transparent that we can see the fishes swimming.水清澈透明,可以看到魚兒游來游去。
  • The window glass is transparent.窗玻璃是透明的。
TAG標簽:
發表評論
請自覺遵守互聯網相關的政策法規,嚴禁發布色情、暴力、反動的言論。
評價:
表情:
驗證碼:點擊我更換圖片
必威体育官网 <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <文本链> <文本链> <文本链> <文本链> <文本链> <文本链>