• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Final PowerPoint Report To SUG

Final PowerPoint Report To SUG






Total Views
Views on SlideShare
Embed Views



0 Embeds 0

No embeds



Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

    Final PowerPoint Report To SUG Final PowerPoint Report To SUG Presentation Transcript

    • Encryption - Fall 2005 SUG Presentation 1/9/2006
    • Outline
      • Introduction
      • Encryption for Email
        • Email Password Encryption
        • Email data encryption
      • Encryption for File Transfer
        • Secure protocols in file transfer clients supported at Penn
      • Supporting references and tables
    • Introduction
      • Team’s purpose
        • Provide information for LSPs regarding purposes and methods for encryption of:
          • passwords and data for email
          • passwords and data for file transfer
          • files and file systems
        • … with respect to supported platforms and clients
        • Provide supplemental information regarding third party products and recommendations re: possible applications of such technologies
    • Encryption for Email
      • Email Password Encryption
        • Need for email password encryption
        • Methods of email password encryption
        • Client/Server support for email password encryption at Penn
    • Table A: Email Clients and Support for Use of Encrypted Passwords with Common Penn Mail Servers
    • Encryption for Email
      • Email Data Encryption
        • Limitations of SSL encryption for email data
        • Using PGP/GPG and S/MIME with email clients
        • Other uses of PGP/GPG
    • Encryption for File Transfer
      • Protocols for secure file transfer
        • Kerberos for password protection
        • SCP/SFTP for password and data stream encryption
        • Need for PGP/GPG for end to end encryption
      • Secure protocols in file transfer clients supported at Penn
    • Table B: File Transfer Clients and Support for Password/Data Encryption with Common Penn Web Servers
    • Recommendations
      • Use of cleartext passwords for email and file transfer protocols should be avoided
      • End to end data encryption should be implemented where needed
      • Any future email and file transfer client evaluation teams should continue to include these functions in product evaluations
    • Team Members
      • David Taylor, ISC Security
      • Brian Doherty, SAS
      • Jerry Cheng, HR
      • Angela M. Coleman, Vet School
      • Jim Cunningham, ISC AIT
      • Dan Dougherty, ISC TSS
      • Wenhwai Horng, Wistar
      • Shumon Huque, ISC N&T
      • Cynthia Kwan, SAS
      • Larry Macy, Psychiatry
      • Annette Martinez, VPUL
      • Barbara McAleese, SOM
      • Jordan McClead, ISC TSS
      • Kristin E. Nelson, ISC TSS
      • Adam Preset, ISC N&T
      • John Quigley, Bioinformatics
      • David Staskin, Purchasing
    • Web Site
      • Following website will be updated with team’s report:
      • http://www.upenn.edu/computing/eval/2005/encryption