• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Slingmail International Presentation With Voice
 

Slingmail International Presentation With Voice

on

  • 771 views

SlingMail has developed a method for securing data in motion. The basis for all SlingMail products and solutions is our architecture, a platform of security functions that combines rock solid security ...

SlingMail has developed a method for securing data in motion. The basis for all SlingMail products and solutions is our architecture, a platform of security functions that combines rock solid security with the tools that organizations need to maintain control over one of their most valuable resources – information.

By providing a baseline for secure information sharing, SlingMail architecture was designed to protect data by ensuring confidentiality, integrity and non-repudiation.

Statistics

Views

Total Views
771
Views on SlideShare
768
Embed Views
3

Actions

Likes
0
Downloads
4
Comments
0

3 Embeds 3

https://si0.twimg.com 1
http://www.linkedin.com 1
http://translate.googleusercontent.com 1

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Slingmail International Presentation With Voice Slingmail International Presentation With Voice Presentation Transcript

    • 1
    • OVERVIEWØ  Slingmail  is  a  service  that  gives  you  the  ability  to  communicate  with  other’s   in  confidence.  It  is  an  encryp:on  so;ware  for  secured  Blackberry  to   Blackberry  email  messaging  Ø  SlingMail  has  been  providing  this  high-­‐level  of  encryp:on  for  10  years  since   2002  Ø  The  markets  covered  by  SlingMail  to-­‐date  are  North  America,  Europe,   Middle  East,  Japan,  Russia  &  South  East  Asia  now  Ø  SlingMail  uses  two  levels  of  strong  encryp:on  for securing data in motionØ  Security  is  further  enhanced  as  communica:on  is  within  a  closed  system,   hence  minimizing  cyber  aMacks.  Data  is  con:nuously  being  purged  as  we   don’t  store  data.  The  keys  are  constantly  changing  and  servers  are  in  a  safe   jurisdic:on   2
    • OVERVIEWØ  The  basis  for  all  SlingMail  products  and  solu:ons  is  our  architecture,  a  plaQorm   of  security  func:ons  that  combines  rock  solid  security  with  the  tools  that   organiza:ons  need  to  maintain  control  over  one  of  their  most  valuable   resources  –  informa:on.  Ø  SlingMail  is  specially  developed  for  Influen:al  World  Organiza:ons,   Governments,  Special  Forces,  Defence  Contractors,  Research  Ins:tu:ons,   Telcos,  Broadcas:ng,  Financial  Ins:tu:ons,  MNC’s,  High  Net  Worth   Individuals  and  Celebri:es.  Ø  SlingMail  Voice  Encryp:on  on  one  device.     3
    • Global Situation (Past & Current) 4
    • BLACKBERRY A THREAT TO FRENCH NATIONAL SECURITYSecurity    By  Humphrey  Cheung  TG  Daily          Thursday,  June  21,  2007  10:04    Paris  (France)  –  French  government  officials  are  ditching  their  Blackberry   devices  for  fears  of  American  eavesdropping.    A  government  advisory,  which   is  being  sent  to  all  French  ministries,  claims  that  the  wireless  email  messages   can  be  intercepted  because  they  pass  through  servers  in  Canada,  United   States  and  the  United  Kingdom.    Research  in  MoKon  adamantly  assures  the   French  that  the  emails  are  secure  from  everyone,  even  from  employees  at   RIM.     The  French  believe  the  emails  could  be  intercepted  and  read  by  the  U.S.   Na:onal  Security  Agency,  but  RIM  says  the  emails  are  heavily  encrypted  by   256-­‐bit  strength  AES  (Advanced  Encryp:on  Standard).    The  sender  and   receiver  addresses  are  also  encrypted.         The  advisory  was  wriMen  by  the  French  secretary-­‐general  for  na:onal  defense   and  first  made  its  rounds  two  years  ago,  but  has  since  been  updated  and  re-­‐ circulated.     5
    • GOVT MAY GET KEYS TO YOUR BLACKBERRY MAILBOX SOON15  May  2008,  0810  hrs  IST,  Rashmi  Pratap,  TNN  The  Economic  Times      MUMBAI:  In  a  major  change  of  stance,  Canada-­‐based  Research  In  Mo:on  (RIM)  may   allow  the  Indian  government  to  intercept  non-­‐corporate  emails  sent  over  BlackBerrys.   This  is  expected  to  solve  the  row  between  the  Department  of  Telecom  (DoT)  and  RIM   to  a  large  extent,  since  the  government’s  security  concerns  pertain  more  to  emails   from  individual  users  than  enterprise  customers.       At  the  core  of  the  issue  is  the  data  encryp:on  technology  used  in  BlackBerrys.   BlackBerry  uses  a  very  high  level  of  encryp:on  —  at  256  bits  —  while  sending  data.   BlackBerry  scrambles  messages  before  sending  and  unscrambles  them  at  the  receiver’s   BlackBerry.  Owing  to  security  concerns,  the  government  wants  to  be  able  to  intercept   and  decode  the  data.       However,  the  government’s  decryp:on  so;ware  can  decode  messages  encrypted  only   up  to  40  bits.  India  wants  RIM  to  either  hand  over  the  decryp:on  keys  or  reduce   encryp:on  to  40  bits.       According  to  officials  close  to  the  development,  Canadian  High  Commissioner  David   Malone  and  RIM  officials  met  telecom  secretary  Siddhartha  Behura  on  May  7  .  “It  was   explained  by  RIM  that  it  should  be  possible  for  the  government  to  monitor  emails  to   non-­‐business  enterprise  customers,”  sources  told  ET.  “RIM  is  considering  giving  access   to  individual  users’  email  to  the  government.  Details  on  this  will  be  provided  in  two  or   three  weeks,”  sources  said.     6
    • UAE BLACKBERRY UPDATE WAS SPYWAREJuly  21,  2009  BBC  Middle  East  Business  Report,  Dubai  BBC  World  News  An  update  for  Blackberry  users  in  the  United  Arab  Emirates  could  allow  unauthorized  access  to    private  informa:on  and  e-­‐mails.    The  update  was  prompted  by  a  text  from  UAE  telecoms  firm  E:salat,  sugges:ng  it  would   improve  performance.  Instead,  the  update  resulted  in  crashes  or  dras:cally  reduced  baMery  life.    E:salat  is  a  major  telecommunica:ons  firm  based  in  the  UAE,  with  145,000  Blackberry  users  on  its  books.  In  the  statement,  RIM  told  customers  that  “E:salat  appears  to  have  distributed    a  telecommunicaKons  surveillance  applicaKon...  Independent  sources  have  concluded  that  it  is  possible  that  the  installed  so;ware  could  then  enable  unauthorised  access  to  private  or  confiden:al  informa:on  stored  on  the  user’s  smartphone”.       7
    • Solution Features two strong levels of encryption,purging of data, constant changing of keys, servers in a secure environment and a closed system 8
    • Features 9
    • How  SlingMail  Works  By  providing  a  baseline  for  secure  informa:on  sharing,  SlingMail  architecture  was  designed  to  protect  data  by  ensuring  confiden:ality,  integrity  and  non-­‐repudia:on.  ConfidenKality  -­‐  SlingMail  ensures  the  intended  recipient  can  examine  the  message.  Dealing  with  data  in  mo:on,  privacy  and  confiden:ality  can  be  assured  through  a  process  of  valida:on,  authoriza:on  and  encryp:on.Integrity  -­‐  ensures  a  message  has  not  been  tampered  while  in  transit.  One  of  the  steps  of  integrity  can  be  achieved  by  their  own  unique  password  to  send  and  view  messages.  Another  step  taken  to  validate  the  integrity  of  an  email  is  the  use  of  our  mathema:cal  computa:on  that  is  uniquely  generated  at  place  of  origin  so  not  one  strain  of  data  is  the  same.EncrypKon  -­‐  modifies  data  so  that  the  resul:ng  message  can  be  read  only  with  the  aid  of  addi:onal  informa:on  –  a  key  that’s  obtainable  only  to  the  sender  and  the  intended  target.  SlingMail  supports  four  types  of  encryp:on  the  Advanced  Encryp:on  Standard  (AES),  3DES  encryp:on  algorithms  in  all  of  its  encryp:on  so;ware,  S/MIME  (Secure/Mul:purpose  Internet  Mail  Extensions)  and  our  unique  keys  generator.  The  key  server  generates  a  new  random  key,  stores  it  and  returns  a  copy  to  the  sending  so;ware  to  use  for  encryp:on.  When  recipient  receives  an  encrypted  email,  the  key  server  is  contacted  to  request  the  key.  If  recipient  is  authorized  to  view  the  intended  email,  the  key  is  retrieved  and  the  message  decrypted.    All  of  these  steps  ensure  that  a  message  actually  came  from  the  indicated  sender  and  not  from  an  imposter.  The  benefit  is  an  assured  level  of  security  unparalleled  in  the  industry.     10
    • SLINGMAIL 1ST LEVEL OF ENCRYPTIONSender’s  of  Email  Slingmail  senders  email  is  encrypted    with  2  full  levels  of   AES256;  ie  (AES256  +  AES256  =  512  bits  encrypKon)  3DES  &   S/MIME    Ø  In  cryptography,  the  Advanced  EncrypKon  Standard  (AES)  is   an  encryp:on  standard  adopted  by  the  U.S.  government.  Ø  In  June  2003,  the  US  Government  announced  that  AES  may  be   used  to  protect  classified  informa:on   11
    • SLINGMAIL 2ND LEVEL OF ENCRYPTIONReceiver’s  of  Email  4096  bit  public  /  private  key  security  Ø  Email  messages  sent  from  the  senders  Blackberry  is  encrypted   at  512  bit  encryp:on  via  S/MIME.    Ø  Messages  arriving  at  Sling  Mails  server  is  further  encrypted  at   4096  bit  encryp:on  level  Ø  Messages  are  then  forwarded  and  received  by  the  receivers   Blackberry  at  4096  bit  security  level  Ø  Only  persons  authorized  to  receive  from  the  sender  will  have   the  private  key  to  decrypt  the  messages   12
    • FURTHER LEVELS OF SECURITY1.  Live  cer:ficate  revoca:on  2.  SlingMail’s  own  cer:ficate  authority  3.  We  do  not  keep  private  keys  on  the  system,  as  your   private  key  is  deleted  once  it  is  delivered  to  end   user  4.  All  keys  used  to  encrypt  emails  have  a  short  life:me.   Keys  are  changed  every  20  days   13
    • CON’T5.  Servers  are  located  in  a  territory  not  subject  to   legisla:on  that  allow  govts  unprecedented  access   to  your  communica:ons  6.  Data  is  purged  from  the  servers  every  60  mins  7.  Emails  in  your  in  box  are  purged  every  10  days  8.  All  this  security  measures  is  then  further  protected  in  a   :ghtly  controlled  system;  i.e.  a  closed  system   14
    • WHY IS THIS LEVEL OF SECURITY NECESSARY?Benefits    1)  By  not  keeping  your  private  key  and  changing  it   frequently,  Slingmail  and  any  other  party  cannot   recover  your  encrypted  mail  2)  Based  in  a  jurisdic:on  not  subject  to  legisla:on  to   keep  or  release  data,  hence,  we  do  not  keep  any   records  or  communica:ons  sent  on  our  systems.   You  will  never  need  to  worry  that  someone  will   somehow  get  them  years  from  now  3)  By  purging  data  on  our  server  every  60  mins,  hence,     we  cannot  recover  encrypted  data  at  all,  EVER   15
    • CON’T4)  Every  single  computer  system  is  subject  to  aMack.   With  a  closed  system,  we  reduce  the  "aMack   surface"  of  our  product  down  to  the  minimum.    Secondly,  we  have  a  beMer  ability  for  aggressive   and  intelligent  monitoring  to  discover  "untoward   ac:vi:es".  Hence,  this  means  we  keep  a  good  eye  on  it,  as  well  as   be  aggressive  in  protec:ng  it.     Systems  that  aMempt  to  be  everything  to  everyone   open  themselves  up  to  everyone.     WE  DO  NOT 16
    • APPLICATIONS Server is only a gateway Server decrypts Acts only as message to a transporter 4096 bits Sender ReceiverPrivate Key’s @ 512bit Private Key’s @ 512bit 17
    • REQUIREMENTS•  Wireless  BES  E-­‐mail  Service    •  Device  need  to  have  GPRS   Service  •  If  use  local  Telco  service  to   ac:vate  device,  need  to  make   sure  they  have  gateway  with   RIM/Blackberry   18
    • SLINGSECURE MOBILE VOICE ENCRYPTIONProtecKng  Valuable  InformaKon  •  Organiza:ons  make  significant  efforts  to  protect  their  valuable  data  from  loss   or  intercep:on  –  par:cularly  when  accessed  outside  the  office  and  travelling   abroad.  •  In  2010  the  cost  of  mobile  phone  intercep:on  is  significantly  reduced  since   hackers  computed  and  published  free  on  the  internet  a  codebook  to  decrypt   GSM  calls1  –  used  in  80%  of  mobile  phones  worldwide  –  as  well  as   demonstra:ng  intercep:on  equipment  that  is  readily  available  for  under   $2,000.    •  With  SlingSecure,  calls  can  easily  be  protected  on  popular  cell  phones  –  and   securely  connected  to  office  phone  systems  –  so  that  you  can  be  assured   conversa:ons  remain  confiden:al  wherever  they  are.   19
    • CON’TSpeak  With  Confidence  •  SlingSecure  Mobile  is  an  easy-­‐to-­‐use,  next  genera:on  so;ware  solu:on  that   runs  on  standard  mobile  phones  and  uses  the  data  channel  to  serve  up   unparalleled  voice  quality,  low  voice  delays  (latency),  global  coverage  and   intercon:nental  call  capability  -­‐  all  delivered  securely.  •  Using  SlingSecure  Mobile  is  as  easy  as  making  a  normal  call,  yet  provides  the   confidence  that  phone  calls,  whether  in  the  mobile  or  office  environment,  at   home  or  overseas,  within  or  between  departments,  suppliers  and  business   partners,  are  protected  end-­‐to-­‐end.    •  Security  is  assured;  SlingSecure  uses  the  same  well-­‐established  and  trusted   encryp:on  technologies  to  protect  voice  communica:ons  that  are  used  to   protect  laptops,  corporate  data  and  financial  services  transac:ons.   20
    • CON’TCryptography  &  Random  Number  Genera:on  Public  Cryptography    (2048-­‐bit  RSA  &  ECDSA  using  curves  with  384-­‐bit  prime  moduli)       RSA   and   ECDSA   are   used   for   authen:ca:on.   The   key   pairs   are   generated   on   the  phone  during  the  installa:on  and  are  unique  to  each  phone.  A  private  key   is   never   shared.   The   Ellip:c   Curve   Diffie-­‐Hellman   (ECDH)   and   RSA   algorithms   are  used  for  key  exchange.  The  session  key  is  only  valid  for  one  phone  call  and   securely  destroyed  a;er  use.       21
    • CON’TSymmetric  Cryptography  (AES  &  RC4,  both  256  bits)    Both  encryp:on  algorithms  are  used  at  the  same  :me.  The  data  packet  is  first   encrypted  with  RC4  and  the  cipher  text  is  then  encrypted  again  with  AES  in   Counter  Mode  (CTR).  Both  algorithms  are  ini:alized  with  the  exchanged   session  key.  Hashing  Algorithms  (SHA512,  MD5)    Two  industry  standard  hashing  algorithms  are  used  for  increased  integrity   assurance.  Random Number Generation  A  4096  bit  seed  pool  is  generated  during  the  installa:on  and  is  periodically   updated.     22
    • CON’TKey  Benefits  Security    •    Strong  end-­‐to-­‐end  encryp:on:  even  if  a  call  is  intercepted,  it  can’t  be                  decrypted.    •    Algorithm  AES256,  SHA2,RDNG,  DH  compliant  to  FIPS  specifica:ons    •    Double-­‐wrapped  algorithms:  every  cryptographic  calcula:on  uses  two    algorithms  in  case  one  becomes  vulnerable  in  the  future      •  Smartcard  cer:fied  CC  EAL5+  /  Tamper-­‐proof  module  storage      Performance    •    High  call  quality  with  low  latency    •    Operates  on  all  data-­‐capable  wireless  networks    •    Interna:onal  calling  in  over  200  countries    •    Secure  calling  to  landlines  with  SlingSecure  Enterprise  Gateway   23  
    • CON’TEase  of  Use  &  Management  •  Applica:on  can  be  installed,  updated  and  deleted  remotely  on  to  any   supported  device  with  access  to  the  Internet  or  Wireless  GPRS.  •  Management  console  instantly  disable  users  •  Private    Switch(s)  or  SlingSecure  Gateway  could  be  installed  at  clients  own  data   centre  for  added  security.    •  Ease  of  Secure  Conference  Service  between  users  “voice”   24
    • PERMITTING THIRD-PARTY APPLICATIONS TO ENCODE BLACKBERRY DEVICE DATAThe  BlackBerry  Enterprise  Server  and  the  BlackBerry  Device  So;ware  support  a  Transcoder  API.  This  API  permits  third-­‐party  applica:on  developers  to  create  encoding  schemes  that  encrypt,  convert,  or  otherwise  change  the  format  of  data,  and  apply  an  encoding  scheme  to  BlackBerry  device  data  using  transcoder  applica:on  code.  The  third-­‐party  encoding  scheme  prepends  a  transcoder  ID  to  the  data  that  it  encodes.  The  BlackBerry  Enterprise  Solu:on  then  encrypts  the  transcoder-­‐encoded  data  using  standard  BlackBerry  encryp:on.    The  BlackBerry  Enterprise  Solu:on  permits  only  third-­‐party  encoding  schemes  that  the  RIM  signing  authority  system  has  digitally  signed  using  the  RIM  Cryptographic  API  public  key  to  access  the  Transcoder  API  to  create  the  transcoder  applica:on  code.  To  apply  the  third-­‐party  encoding  scheme,  the  BlackBerry  device  must  be  running  corresponding  transcoder  applica:on  code.    Third-­‐party  applica:on  developers  can  use  the  Transcoder  API  to  add  cryptographic  components  that  the  RIM  Cryptographic  API  does  not  support  by  default  to  their  third-­‐party  encoding  schemes.  The  BlackBerry  Enterprise  Solu:on  applies  the  third-­‐party  encoding  schemes  to  any  outgoing  data  to  which  standard  BlackBerry  encryp:on  applies.  The  Transcoder  API  supports  use  of  all  the  cryptography  that  the  RIM  Cryptographic  API  supports.    If  the  BlackBerry  Enterprise  Server  administrator  allows  third-­‐party  applica:ons  to  use  the  Transcoder  API  on  the  BlackBerry  device,  those  applica:ons,  if  not  func:oning  correctly,  might  impact  the  security,  usability  and  performance  of  the  BlackBerry  Enterprise  Solu:on,  and  might  cause  loss  of  BlackBerry  device  data.  To  use  the  third-­‐party  encoding  scheme,  the  BlackBerry  Enterprise  Server  administrator  must  use  the  Security  Transcoder  Cod  File  Hashes  IT  policy  rule  to  specify  the  .cod  file  for  the  third-­‐party  encoding  scheme  that  the  BlackBerry  device  permits  to  register  as  a  transcoder.  For  more  informa:on  about  using  the  Security  Transcoder  Cod  File  Hashes  IT  policy  rule,  see  the  Policy   25Reference  Guide.    
    • WHO NEEDS SLINGMAIL?In  every  country  there  are  groups  of  individuals,  government  agencies  and  companies  who  require  the  highest  level  of  security.  Not  just  physical  security  ,but  also  for  transfer  of  data.  Any  leak  in  its  transfer  could  lead  to  devasta:ng  consequences,  e.g.  leakages  of  highly  sensi:ve  informa:on,  such  as,  the  company’s  strategic  marke:ng  plans  or  the  results  of  a  break-­‐through  product  that  could  poten:ally  cost  the  company  it’s  posi:oning  and  result  in  heavy  financial  losses,  etc  It  is  in  these  above  situa:ons  that  SlingMail  was  developed  where  UNCOMPROMISING  SECURITY  of  data  transfer  for  these  groups  is  paramount.   o  Influen:al  world  organisa:ons   o  Governments   o  Special  land,  air,  sea,  secret  and  intelligence  forces       o  Companies  involved  in  cuyng  edge  research     o  Telco  companies   o  Broadcas:ng  companies   o  Financial  ins:tu:ons   o  Defence  Contractor’s     o  High  net  worth  individuals   o  Celebri:es,  etc   26
    • WHAT VALUE DO YOU PUT YOUR PRIVICY AT? Contact us INFO@GETSLINGMAIL.COM or +1.212.364.2003 WWW.GETSLINGMAIL.COM 27