An Analysis of IMAP Security - PowerPoint PPT Presentation

About This Presentation
Title:

An Analysis of IMAP Security

Description:

It will allow a client to access and manipulate electronic mail messages on server ... Managing IMAP, 1st Editionby Dianna Mullet; Kevin Mullet. Q &A ... – PowerPoint PPT presentation

Number of Views:120
Avg rating:3.0/5.0
Slides: 12
Provided by: cisc62
Category:

less

Transcript and Presenter's Notes

Title: An Analysis of IMAP Security


1
An Analysis of IMAP Security
  • CMPE 209
  • Presented By
  • Divya Panchal
  • Bepsy Paul Menachery

2
Agenda
  • What is IMAP
  • State Flow Diagram
  • Advantages of IMAP over POP3
  • Analysis of IMAP Security
  • Future of IMAP Security
  • Conclusion

3
What is IMAP
  • IMAP Internet Message Access Protocol
  • It is the most popular Internet Standard Protocol
    to retrieve email
  • The other protocol is POP3
  • It will allow a client to access and manipulate
    electronic mail messages on server
  • IMAP4version1 assumes a reliable data stream such
    as that provided by TCP
  • When TCP is used IMAP4version 1 will listen on
    port 143

4
State Flow Diagram
5
Advantages of IMAP over POP3
Features IMAP POP
Where is INBOX being stored? Email Server Email Server
Where are Mail Folders being stored? Email Server Mainly on User's own local desktop
Can Mail Folders be created on Mail Server? Yes No, only on User's own local desktop
Can Mail Folders be created on local desktop? Yes Yes
Can Mail Folders be accessed from different computers, like the PC at home, in office, or from oversea? Yes No, only on the local desktop the mail being saved
Typical Email Clients Netscape Messenger Outlook Express Outlook 2000 Outlook 98 PINE MailDrop, etc Eudora Outlook 97, etc
6
Analysis of IMAP Security
  • The basic IMAP sends username and pass word in
    clear
  • To secure IMAP, the use of Kerberos was
    recommended as part of SASL proposal
  • Another method is to use SSH for securing the
    IMAP messages.
  • A perfect solution is to use SSL or SSL wrapper
    to encrypt both login information and data in the
    messages.

7
Analysis of IMAP Security (contd.)
  • The restriction of LOGIN command usage
  • Recommended use of STARTTLS
  • Must used cipher suite -TLS_RSA_WITH_RC4_128_MD5
    TLS
  • Recommended cipher suite - TLS_DHE_DSS_WITH_3DES_E
    DE_CBC_SHA TLS

8
Future of IMAP Security
  • With the demand for universal multi-device
    connectivity, IMAP is best suited for accessing
    email from different devices simultaneously
  • The importance of IMAP for both back-end and
    front-end user interfaces are increasingly
    popular
  • IMAP for use with client devices such as PDAs,
    Palm OS, Win CE and cell phones are becoming
    popular
  • Use of IMAP in messaging products are an
    essential requirement in the market

9
Conclusion
  • IMAP when used by itself is not secure
  • IMAP used with secure mechanisms such as SSH, SSL
    or Kerberos is secure
  • With the demand for universal multi-device
    connectivity, the future of IMAP is very
    promising

10
Refrences
  • http//tools.ietf.org/html/rfc3501
  • http//en.wikipedia.org/wiki/Internet_Message_Acce
    ss_Protocol
  • http//www.ust.hk/itsc/email/tips/imap-or-pop.html
  • http//www.coruscant.demon.co.uk/mike/imap/securit
    y.html
  • http//security.fi.infn.it/tools/stunnel/index-en.
    html
  • Managing IMAP, 1st Editionby Dianna Mullet Kevin
    Mullet

11
  • Q A
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "An Analysis of IMAP Security" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!