Secure Communication using Identity Based Encryption

Secured communication has been widely deployed to guarantee confidentiality and\ud integrity of connections over untrusted networks, e.g., the Internet. Although\ud secure connections are designed to prevent attacks on the connection, they hide\ud attacks inside the channel from being analyzed by Intrusion Detection Systems\ud (IDS). Furthermore, secure connections require a certain key exchange at the\ud initialization phase, which is prone to Man-In-The-Middle (MITM) attacks. In this paper, we present a new method to secure connection which enables Intrusion Detection and overcomes the problem of MITM attacks. We propose to apply Identity Based Encryption (IBE) to secure a communication channel. The key escrow property of IBE is used to recover the decryption key, decrypt network traffic on the fly, and scan for malicious content. As the public key can be generated based on the identity of the connected server and its exchange is not necessary, MITM attacks are not easy to be carried out any more. A prototype of a modified TLS scheme is implemented and proved with a simple client-server application. Based on this prototype, a new IDS sensor is developed to be capable of identifying IBE encrypted secure traffic on the fly. A deployment architecture of the IBE sensor in a company network is proposed. Finally, we show the applicability by a practical experiment and some preliminary performance measurements

E-mail encryption framework for Malaysian public sector

Securing confidential data shared through the electronic mail is depending on the current encryption method deployed by the E-mail service provider as well as the current procedures and regulation of the organization. Hence, the E-mail encryption framework is a fundamental factor in designing a secure E-mail service in the Malaysian Public Sector. Therefore, the purpose of this study is to develop the Email encryption framework for Malaysian Public Sector in order to secure the E-mail system. In this study, the qualitative study has been conducted in order to understand the criteria of the E-mail encryption framework for the Malaysian Public Sector. Thus, the descriptive design is conducted to discover the features E-mail encryption framework for Malaysian Public Sector from the E-mail administrator and related personnel. Therefore, in-depth interview with the semi-structured method of interview is used in this study. The E-mail encryption framework has been proposed which comprising of organizational, operational, technological, legal and ethical components. The proposed framework was evaluated to measure its effectiveness towards an existing e-mail system. Findings on the proposed e-mail encryption framework will benefit the Malaysian Public Sector in providing secure e-mail service thus deciding applicable security control. Finally, this study generally contributes to enhance the current secure e-mail system implementation in Malaysian public sector agencies