
Protected mail with a Web interface

Originally, among the services offered by the forerunners of the Internet, guaranteed delivery of messages ranked first. This was due to the specific nature of those networks and their orientation toward the rapid exchange of scientific and defense information. The list of services later kept growing, but message delivery always remained the priority. As a result, it was inherited by the Internet practically unchanged. The service, which came to be called electronic mail (e-mail), is very popular with users today.


The main advantages of e-mail are:

•         Phenomenal speed of message delivery;

•         Guaranteed delivery to the addressee;

•         Confidentiality.


After working with an electronic system, going back to paper mail and telegrams is rather painful.


According to various independent statistical studies, more than half of Internet users in Russia go online at work, only slightly more than a quarter at home, and slightly less than a quarter at their place of study (in the rest of the world, too, Internet users spend twice as much time online at work as at home). Thus far from all users have the Network "always at hand", and there is not always an opportunity, for example, to configure a mail client to suit oneself. Moreover, one should not rely on the confidentiality of standard e-mail, especially e-mail transmitted within a corporate network. In some cases managers read the contents of employees' electronic correspondence closely (a number of companies also practice the deliberate use of work addresses with selective monitoring of employees' correspondence), not to mention possible inspection of corporate mail by officers of the special services, who by law have every right to do so. So in most cases electronic correspondence can turn out far less secure than even traditional paper mail: a paper message is easy to tear up or burn, whereas an electronic message can be restored even after it has been deleted.


However, for Internet users who are at least somewhat familiar with the Network, this is not such a big problem. If during working hours you need to discuss something with a colleague or arrange a non-work meeting, you can simply send the message through the free e-mail service of any popular Internet portal, which is certainly out of reach of corporate programmers. In that case, though, do not forget that the message texts become accessible to the staff of that portal and to the same ubiquitous officers of the special services.


More than two thirds of "netizens" use e-mail, which is why mail services with a Web interface are so popular today (moreover, the appearance of these services caused unprecedented growth in the number of e-mail users). Incoming messages in this case are stored at the provider, and mail can be read with an ordinary browser by connecting to the mail provider's Web site from anywhere and entering a name and password. This kind of mail is very convenient to use.


A side benefit of e-mail with a Web interface is the ability to look through incoming correspondence without first downloading it from the mail server. According to statistics, more than a third of incoming mail is of no interest at all to the addressee, and only slightly more than a quarter of incoming documents require an immediate answer.


Worldwide statistics show that for millions of corporate employees e-mail has replaced the canteens and tea rooms that traditionally served as places for consultations, discussion of ideas and projects, or simply idle chatter. Information that we need to share with co-workers, friends or relatives can now be passed over the Internet. The additional advantages are obvious: there is no need to leave the workplace, tie up the office phone, or give management one more occasion for remarks about tasks delayed by unproductive use of working time.


In addition, Internet portals often provide various tools for creating and running public or private groups. A group gives its members shared resources similar to those available to an ordinary user (a group mailbox, a group directory and a task list), as well as a number of specific features:

•         Hierarchical storage of documents of any type;

•         The ability to assign each document a status from a list predefined by the group owner, which makes it possible to organize a simple document workflow within the group;

•         Conferences;

•         Chats;

•         Polls or votes among group members.


However, practice shows that the confidentiality of Internet users' personal information is a very acute problem. Besides unsolicited mailings (so-called spam) resulting from the "leakage" of e-mail addresses (it is no secret that some public servers simply trade in this information), there are several more important problems. One of them is the openness of information transmitted over the standard e-mail protocols. None of the standard mail protocols (SMTP, POP3, IMAP4) includes protection mechanisms capable of guaranteeing the confidentiality of correspondence. The contents of a letter and the files attached to it can be opened and read by attackers without effort.


Moreover, most people forget that the Internet is a public place and that e-mail, before it reaches the addressee, passes through several computers and, "travelling" from one provider to another, from node to node, can be inspected at every stage. Naturally, none of these computers is protected from prying eyes.


A separate problem is how easy it is to create letters with false addresses and to alter the contents of a letter (since a standard SMTP message contains no means of verifying authorship or integrity).


Potential attackers can be:

•         Your office staff. It is no secret that most often the attacker turns out to be someone who works, or until yesterday worked, beside you. Studies show that the bulk of threats come from colleagues and company staff, and the number of external intrusions does not exceed a quarter. As a rule, "intrigues are plotted" by employees who feel offended, or simply by office schemers trying to set colleagues against each other. However, outright bribery or blackmail is not excluded either; the passion for spying is not always disinterested. In any case, information is strength and power, and "snoops" thirst for power. There are many means of inspecting your correspondence. (Besides special programs, like telephone "bugs", that listen to all the traffic passing through the Network, your enemies can simply use your own access, taking advantage of your carelessness.)

•         Technical staff of providers and intermediate communication nodes. Such "penetration" can happen both for mercenary ends and unintentionally, simply because of the imperfection of the data-transfer technologies in use. Also, do not delude yourself when you delete received correspondence on the local computer: on the mail server it can be stored for many months …

•         Special state services. Here even a good old locked safe will not save you, since you can be "asked" to open it voluntarily, with the "request" backed by arguments that rule out refusal. In addition, various systems continuously monitor telecommunications without any sanction. In Russia, for example, there is SORM (the system of special operative-investigative measures), which can install special hardware and software directly on the premises of telecommunication companies.

•         Private security firms. Some specialized private organizations illegally gather and sell information. In Moscow, for example, there are firms that can supply your ill-wishers not only with recordings of telephone conversations but also with the contents of electronic letters.

•         Hackers. Although the capabilities of hackers are, in the opinion of experts, greatly exaggerated by the efforts of the press and TV, they cannot be dismissed. Of course, skilled hackers are quite rare and do not waste themselves on trifles. However, almost everyone has competitors and ill-wishers, and it does not take a skilled hacker to do you appreciable harm. With existing technology even a half-educated student who is keen on computers can do it, having decided to earn a little extra from the hobby or simply to practice on an Internet address that happened to turn up or on a computer left on the Network "unattended". Moreover, "obscure" JavaScript inserts are often found in e-mail streams, which shows that the problem is quite real. To avoid such "surveillance", one should at least give up using HTML code in e-mail messages, disable JavaScript and use encryption. As a rule, though, very few people take such advice seriously until they run into the danger themselves.


What needs to be protected, and how


The following must be protected:

•         The contents of transmitted and received information. This is the most obvious kind of protection, usually implemented by encrypting the information. E-mail can also be encrypted in advance with special programs, but then both correspondents must have such a program.

•         The authenticity of the correspondent and the integrity of the information. If special safety measures are not taken, you may receive information that comes from another person but is signed with a familiar name, or that has been altered (forged).

•         Acknowledgement of receipt (notification). In many cases it is desirable to be able to prove that your partner received the data, looked through it and perhaps even signed it. Such acknowledgement is provided by the so-called digital signature.


Any encryption algorithm (including public-key ones) can provide the ability to conceal (encrypt) transmitted data. The number of applications that use public-key cryptographic protection is growing rapidly all over the world. The only thing that usually concerns ordinary users is how simple it is to handle the administration of encryption and the verification of electronic certificates.


At the same time, it is necessary that nobody, not even the system administrator, be able in principle to read your mail, and that working with it be no more complex than working with an ordinary mail system or a Web browser.


Historically, public key infrastructure (PKI) was built on foreign cryptographic standards (RSA, DES) with their specific features in mind. Abroad this technology has been widely developed thanks to support from large American software manufacturers such as Microsoft, Hewlett-Packard, Intel, etc. Microsoft was one of the first to develop PKI-based products and include them in the standard distribution of the Windows 95/98/NT/2000/Me/XP system software. However, citing "the supreme state interests of the USA", Microsoft uses "weak cryptography" (a short key length) in the localized products it ships abroad. Then again, the ordinary user does not need more. If stronger protection is needed, special solutions based on a certificate and public-key infrastructure can be used.


In this sense a protected mail system based on a Web interface is more convenient. It guarantees maximum protection and ease of use, and requires no special software. You can work from any public place with Internet access. Such a system can also provide additional features (sometimes paid):

•         A confidential channel over the SSL protocol is additionally established between the user and the server;

•         A documented notification of delivery of mail to the correspondent, or an automatic reply to incoming letters, is provided;

•         A digital signature is implemented;

•         Interoperation with other mail services is supported. Letters can be received from and sent to other addresses, and the channel to the mail server can be protected;

•         A notification is sent to another (open) mailbox that a new message has arrived in the protected mailbox. Incoming letters are processed by configurable filters, and messages can be forwarded to pagers and cell phones as SMS;

•         Encryption of information (a file) on the local computer (diskette) can be performed even without sending it. Decryption can be done at any time and in any place with Internet access;

•         A notepad for keeping notes in a structured store, or the keeping of drafts, can additionally be implemented;

•         Receipt of letters is restricted to specified correspondents only.


The list of additional features is largely determined by the circle of users for whom a particular service is designed. For one category of users simplicity of the interface is more critical, and they care little about mailbox size or flexible rules for processing incoming mail. Another category may be travelling workers, for whom, on the contrary, a large mailbox and reliable storage are the deciding factors. Managers and executives will most appreciate prompt SMS notification on a cell phone about the arrival of certain letters. Developers are therefore forced to target a specific circle of users from the very start; otherwise the server will be overloaded with rarely used functions that slow down priority operations.

Criteria for choosing a mail service (based on reviews and tests)


However, regardless of the various encryption capabilities, the main criteria that guide a user in choosing a modern mail service (whether the mail is protected or not) are the following:

•         Reliability of delivery of correspondence;

•         Speed of sending and receiving messages;

•         A convenient design that makes the service easy to use (bearing in mind that old habits die hard, so the interface should in any case not differ greatly from Microsoft Outlook);

•         Loading time of the home page and tools (possibly the entry points for a newcomer and for an experienced user should be different);

•         Availability of POP3, SMTP and IMAP4 servers and the ability to store messages on the remote server without downloading them to the local computer;

•         Availability of the services through a Web interface (HTTP/HTTPS);

•         Short response time of the technical support service.


Everything else is not so important. The myth that people prefer huge supermarkets (where everything they might need is physically in one place) holds only in real life; on the Internet physical location plays no role (everything is one click away from everything else). So combining every possible function in one service makes no particular sense. It is better to have two or three different mail addresses and use them for different purposes. Therefore, if you choose protected mail, its main task should still be protection. At the same time, there is no reason why specialized services could not work together, creating networks and common entry points, concluding partnership agreements and alliances, opening partner programs, etc.

Protection of email


To begin with, the integrity of e-mail and its authentic authorship must be preserved. A digital signature gives you the guarantee that a message was sent by the person who signed it and was not changed in transit.


Do not be alarmed if a message like this suddenly appears in your Outlook mail client:


It means that the received message is signed with a digital signature. Go ahead and press Continue, and you will get the text of the message with a red ribbon in the header:


Replying to such a letter is not so simple! Correspondence in this case must be fully confirmed on both sides. To reply, you too need to obtain such a digital certificate (for example, at http://www.thawte.com/ you can obtain a free certificate for personal use, the Free Personal Email Certificate). The digital signature is a unique digital code that is attached to a message and lets you verify its authorship and its fidelity to the original. The code is computed from a secret key held by the sender and the contents of the message. To make sure that the message was not changed along the way, the addressee checks it with the sender's public key:


To conceal the message completely, however, it must be encrypted. Encryption is the basic mechanism that provides confidentiality of transmitted or stored information. It can be used to protect any information, whether e-mail or downloaded files. Encryption can also protect information in storage, for example in databases kept on a computer whose physical security cannot be ensured (such as a portable computer).


There are a great many encryption algorithms, but experts recommend those that have already been used in practice for a long time, which confirms their real ability to keep data secure.


Mail services provide a 40-, 56- or 128-bit encryption mode depending on the browser version used. Standard (localized) versions of Netscape supported 40-bit encryption and Microsoft Explorer 56-bit (to work at the 128-bit level, special modules had to be downloaded). Note also that software for 128-bit encryption may today be subject to import or usage regulation in various countries.


E-mail protected at the 128-bit level provides quite sufficient protection of the confidentiality of correspondence and of file attachments against unauthorized access or interception by representatives of state security agencies, competitors or hackers. Leading experts recommend using keys of at least 75 bits on the Internet, and preferably 90 bits or more; reputable international trading companies, banks, brokerages, medical institutions and insurance companies use such encryption.


The most popular encryption technology is Pretty Good Privacy (PGP) by Bill Zimmermann, which uses the RSA cryptographic scheme (the abbreviation is formed from the first letters of the surnames of the scheme's creators: Rivest, Shamir and Adleman). The security of RSA rests on the difficulty of factoring large numbers. PGP (http://www.pgp.com/) also lets you attach a digital signature to a message, giving the addressee a way to make sure that you sent it.


Powerful computers are now available to almost every user, yet even 40-bit encryption is still considered "strong" among cryptographers. And 128-bit encryption is a fairly reliable method for the foreseeable future, even taking into account "Moore's law", which states that the world's computing power doubles every eighteen months.

E-mail with a Web interface


One of the best specialized servers providing protected e-mail services with a Web interface (including in Russian) is currently http://www.s-mail.com/, developed by the company Network Research Lab Ltd (NR Lab).


S-mail is protected e-mail that lets you send and receive messages absolutely protected from outside eyes. Secure transfer of encrypted mail messages over the Internet is made as convenient for the user as possible. The friendly, intuitive Web interface requires no special knowledge. To protect correspondence there is no need to master numerous procedures or exchange secret keys: you simply register in the system and write letters as is usually done in open mail systems with a Web interface.


For users of the S-mail system all correspondence is absolutely confidential: if both the sender and the addressee use S-mail, nobody can get into their correspondence, because messages are encrypted before leaving the sender's computer and stay encrypted until they are automatically decrypted on the addressee's computer after the addressee enters the password. There is no need to download and install any special programs, or to buy additional modules or specialized devices. The work is also made much easier by the fact that users do not have to exchange keys or passwords with their correspondents beforehand in order to correspond securely.


All messages and their attachments are encrypted before being sent over the Internet using standard cryptographic algorithms that provide the highest degree of protection: the system is based on the OpenPGP standard, and the cryptographic algorithms, protocols and formats of the messages composed and transmitted over communication networks are implemented according to RFC 2440, "OpenPGP Message Format". This standard describes the structure of messages, the order in which algorithms are applied, their parameters, etc. The symmetric algorithm is the block cipher CAST-5 with a 128-bit (16-byte) key in CFB mode. The public-key algorithm is Diffie-Hellman. The algorithm parameters have the following lengths: P is 2048 bits, G = 2, X is 512 bits.
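
The following added example, which is not code from S-mail or NR Lab, runs a Diffie-Hellman agreement with the parameter sizes quoted above (2048-bit P, G = 2, 512-bit X) and derives a 128-bit session key of the size CAST-5 takes, showing why the sender needs only the recipient's published value. The particular prime (the RFC 3526 2048-bit MODP group), the SHA-256 key derivation and all function names are assumptions; CAST-5 itself and the OpenPGP packet format are not implemented.

```python
import hashlib
import secrets

X_BITS = 512      # private exponent length quoted on the page
KEY_BYTES = 16    # 128-bit session key, the CAST-5 key size quoted on the page
G = 2             # generator quoted on the page


def _arctan_inv(x, one):
    """Fixed-point arctan(1/x) scaled by `one` (alternating Taylor series)."""
    total = term = one // x
    n, sign = 3, -1
    while term:
        term //= x * x
        total += sign * (term // n)
        n, sign = n + 2, -sign
    return total


def modp_2048():
    """Assumed prime: RFC 3526 group 14, built from its published formula
    2^2048 - 2^1984 - 1 + 2^64 * (floor(2^1918 * pi) + 124476)."""
    guard = 64                                  # extra bits absorb rounding
    one = 1 << (1918 + guard)
    pi = 4 * (4 * _arctan_inv(5, one) - _arctan_inv(239, one))  # Machin
    return 2**2048 - 2**1984 - 1 + 2**64 * ((pi >> guard) + 124476)


P = modp_2048()


def generate_keypair():
    """Return (x, y): a 512-bit private exponent and y = G^x mod P."""
    x = secrets.randbits(X_BITS) | (1 << (X_BITS - 1))  # force full length
    return x, pow(G, x, P)


def check_public(y):
    """Reject degenerate values that would make the shared secret predictable."""
    if not isinstance(y, int) or not 2 <= y <= P - 2:
        raise ValueError("public value outside [2, P-2]")
    return y


def derive_key(shared):
    """Hash the shared secret down to a 128-bit session key (assumed KDF)."""
    raw = shared.to_bytes((P.bit_length() + 7) // 8, "big")
    return hashlib.sha256(raw).digest()[:KEY_BYTES]


def encapsulate(recipient_public):
    """Sender side: fresh ephemeral pair; returns (ephemeral_public, key)."""
    check_public(recipient_public)
    k, ephemeral_public = generate_keypair()
    return ephemeral_public, derive_key(pow(recipient_public, k, P))


def decapsulate(ephemeral_public, private_x):
    """Recipient side: recompute the same key from the private exponent."""
    check_public(ephemeral_public)
    return derive_key(pow(ephemeral_public, private_x, P))


if __name__ == "__main__":
    x, y = generate_keypair()          # recipient publishes y once
    eph, sender_key = encapsulate(y)   # sender needs only y, no prior exchange
    assert decapsulate(eph, x) == sender_key
    print("P bits:", P.bit_length(), "session key:", sender_key.hex())
```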


Naturally, the S-mail system interoperates with any other mail systems and can receive and send messages at any e-mail address, but the protection functions work to the full only when both the sender and the addressee are S-mail subscribers.


Among the side benefits of the S-mail service is that it is not tied to a particular user's computer and is accessible from anywhere with an Internet connection. Moreover, using S-mail technology, information can be stored in encrypted form and decrypted from any computer connected to the Network.


Free registration on the S-mail server is open to ordinary users, and corporate users can in addition set up their own mail system of any configuration based on the protection technologies used.


We note in particular that the S-mail service guarantees the complete absence of advertising (on the server, and as inserts, mailings or other spam in mail messages).