Secure Messaging
Secure Messaging ( English for " Secure Mail " ) refers to a server-based secure e- mail system. E -mails are protected during transmission before inspection by third parties, confidentiality is guaranteed. Secure Messages have a high liability because the recipients are identified similar to Internet banking in the first communication personally and transactions can be notarized by the Secure E -mail platform.
Operation
Secure Messaging is an online service. The user logs on to a secure messaging platform and receives a user account. As with an ordinary e- mail account the user logs in at every use of secure messaging with username and password (or strong authentication ) in his account. There he can send encrypted e -mail messages over a secure SSL connection to various recipients. Upon initial contact with a receiver a unique communication password (Message Unlock Code, MUC) comes to train. The solution integrates without installation of software in the standard e -mail environment.
Send a Secure Message
MUC (Message Unlock Code )
A MUC is a communication password that is transmitted from the transmitter upon initial contact with a recipient of a secure e -mail. For safety reasons ( out of band ), a MUC is the receiver on a channel other than via e -mail communicated (eg in person, by telephone or by SMS). With the MUC, the receiver can pick up via a secure SSL connection confidential message on the secure messaging server. When a contact has been once checked by the code, it needs no longer the subsequent E- mail contact. This possible incorrect deliveries can be prevented, and only the intended recipient can open the secure message.
Shipping options
Secure messaging has different shipping methods. In addition to a protected web environment, there is the possibility of S / MIME or PGP encrypted communication and secure communication with all mail domains or individual e- mail programs (via SMTP / TLS according RFC 2487 or eg POP3 with SSL). In a mail to different recipients various deliveries can be considered.
Trust Management
Secure Messaging relies on the method of dynamic personal trust network ( Dynamic Personal Web of Trust). This method synthesizes the authentication approach of the Web of Trust, which was known by PGP, with the advantages of a hierarchical structure, as is known to offer from centralized PKI systems, which combined with certifications high quality of electronic identities. The approach puts the user in the center and allows immediate and personal trust structure, respectively cancellation ( revocation ), and the modeling of Informationsaustäuschen ( usage control).
Difference by e- mail to the secure messaging
Secure Messaging is a paradigm shift to the known e -mail procedures and protocol (RFC 822). Messages will only be encrypted and authenticated to the receiver delivered. Moreover, in addition to the confidentiality of the contents and relationship confidentiality be achieved - ie it is for a third party (eg ISP) that observes a user of Secure Messaging, not obvious, with whom communicated to the other side.
Application
Secure messaging is used in many business areas with firmenübergreifendem, sensitive and schützenswertem data exchange application. So putting financial institutions, insurance companies, government, healthcare organizations and information services to the protection with secure messaging. When using Secure Messaging in enterprises, the service can be integrated into the existing e -mail infrastructure (Microsoft Outlook, Mozilla Thunderbird, Lotus Notes, GroupWise, etc.).
In the administrative environment secure messaging can take over functions of electronic delivery ( post office). For this to come into legal validity, require individual countries accredited as ' Secure transmission platform ' (eg Switzerland )