Final PowerPoint Report To SUG

369 views
293 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
369
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Final PowerPoint Report To SUG

  1. 1. Encryption - Fall 2005 SUG Presentation 1/9/2006
  2. 2. Outline <ul><li>Introduction </li></ul><ul><li>Encryption for Email </li></ul><ul><ul><li>Email Password Encryption </li></ul></ul><ul><ul><li>Email data encryption </li></ul></ul><ul><li>Encryption for File Transfer </li></ul><ul><ul><li>Secure protocols in file transfer clients supported at Penn </li></ul></ul><ul><li>Supporting references and tables </li></ul>
  3. 3. Introduction <ul><li>Team’s purpose </li></ul><ul><ul><li>Provide information for LSPs regarding purposes and methods for encryption of: </li></ul></ul><ul><ul><ul><li>passwords and data for email </li></ul></ul></ul><ul><ul><ul><li>passwords and data for file transfer </li></ul></ul></ul><ul><ul><ul><li>files and file systems </li></ul></ul></ul><ul><ul><li>… with respect to supported platforms and clients </li></ul></ul><ul><ul><li>Provide supplemental information regarding third party products and recommendations re: possible applications of such technologies </li></ul></ul>
  4. 4. Encryption for Email <ul><li>Email Password Encryption </li></ul><ul><ul><li>Need for email password encryption </li></ul></ul><ul><ul><li>Methods of email password encryption </li></ul></ul><ul><ul><li>Client/Server support for email password encryption at Penn </li></ul></ul>
  5. 5. Table A: Email Clients and Support for Use of Encrypted Passwords with Common Penn Mail Servers
  6. 6. Encryption for Email <ul><li>Email Data Encryption </li></ul><ul><ul><li>Limitations of SSL encryption for email data </li></ul></ul><ul><ul><li>Using PGP/GPG and S/MIME with email clients </li></ul></ul><ul><ul><li>Other uses of PGP/GPG </li></ul></ul>
  7. 7. Encryption for File Transfer <ul><li>Protocols for secure file transfer </li></ul><ul><ul><li>Kerberos for password protection </li></ul></ul><ul><ul><li>SCP/SFTP for password and data stream encryption </li></ul></ul><ul><ul><li>Need for PGP/GPG for end to end encryption </li></ul></ul><ul><li>Secure protocols in file transfer clients supported at Penn </li></ul>
  8. 8. Table B: File Transfer Clients and Support for Password/Data Encryption with Common Penn Web Servers
  9. 9. Recommendations <ul><li>Use of cleartext passwords for email and file transfer protocols should be avoided </li></ul><ul><li>End to end data encryption should be implemented where needed </li></ul><ul><li>Any future email and file transfer client evaluation teams should continue to include these functions in product evaluations </li></ul>
  10. 10. Team Members <ul><li>David Taylor, ISC Security </li></ul><ul><li>Brian Doherty, SAS </li></ul><ul><li>Jerry Cheng, HR </li></ul><ul><li>Angela M. Coleman, Vet School </li></ul><ul><li>Jim Cunningham, ISC AIT </li></ul><ul><li>Dan Dougherty, ISC TSS </li></ul><ul><li>Wenhwai Horng, Wistar </li></ul><ul><li>Shumon Huque, ISC N&T </li></ul><ul><li>Cynthia Kwan, SAS </li></ul><ul><li>Larry Macy, Psychiatry </li></ul><ul><li>Annette Martinez, VPUL </li></ul><ul><li>Barbara McAleese, SOM </li></ul><ul><li>Jordan McClead, ISC TSS </li></ul><ul><li>Kristin E. Nelson, ISC TSS </li></ul><ul><li>Adam Preset, ISC N&T </li></ul><ul><li>John Quigley, Bioinformatics </li></ul><ul><li>David Staskin, Purchasing </li></ul>
  11. 11. Web Site <ul><li>Following website will be updated with team’s report: </li></ul><ul><li>http://www.upenn.edu/computing/eval/2005/encryption </li></ul>

×