Password-Authenticated Key Exchange Based
on RSA
Philip MacKenzie1,Sarvar Patel1,and Ram Swaminathan2
1Bell Laboratories,Lucent Technologies,
{philmac,sarvar}@https://www.doczj.com/doc/6b11423816.html,
2Hewlett-Packard Research Laboratories,
swaram@https://www.doczj.com/doc/6b11423816.html,
Abstract.There have been many proposals in recent years for password-
authenticated key exchange protocols.Many of these have been shown
to be insecure,and the only ones that seemed likely to be proven secure
(against active adversaries who may attempt to perform o?-line dictio-
nary attacks against the password)were based on the Di?e-Hellman
problem.In fact,some protocols based on Di?e-H ellman have been re-
cently proven secure in the random-oracle model.We examine how to
design a provably-secure password-authenticated key exchange protocol
based on RSA.We?rst look at the OKE and protected-OKE protocols
(both RSA-based)and show that they are insecure.Then we show how
to modify the OKE protocol to obtain a password-authenticated key ex-
change protocol that can be proven secure(in the random oracle model).
The resulting protocol is very practical;in fact the basic protocol requires
about the same amount of computation as the Di?e-Hellman-based pro-
tocols or the well-known ssh protocol.
1Introduction
Consider the following scenario:Alice and Bob share a short secret(say,a4digit PIN number or a6character password)that they wish to use to identify and authenticate each other over an insecure network(say,the Internet).They do not carryanyother information with them.Of course,neither wants to reveal the secret to the other until the other has revealed his/her own knowledge of the secret.In fact,neither wants to reveal anything that could be used to verify the secret(such as a one-wayfunction applied to the secret)since the secret can then be found byany one using a dictionaryattack(bysimplyiterating through the relativelysmall number of possible secrets,apply ing the one-wayfunction to each of them,and comparing each result to the transmitted value).So how do Alice and Bob authenticate themselves?In general,Alice and Bob will want to not onlyauthenticate themselves,but set up a secure channel between themselves. For this theyneed a cry ptographicallystrong shared session key.So a variation of the question above would be:how do Alice and Bob bootstrap a short secret into a secure strong secret?
This problem,which we call password-authenticated key exchange,was?rst proposed in Bellovin and Merritt[BM92].In that paper,the Encrypted Key
T.Okamoto(Ed.):ASIACRYPT2000,LNCS1976,pp.599–613,2000.
c Springer-Verlag Berlin Heidelberg2000
600Philip MacKenzie,Sarvar Patel,and Ram Swaminathan
Exchange(EKE)protocol was proposed as a solution.The problem has since been studied extensively[BM93,GLNS93,Gon95,Jab96,Jab97,Luc97,STW95, Wu98],but onlytwo recent papers[BPR00,BMP00]present protocols along with proofs of security,and in fact,many of the previously-proposed protocols have been shown to be insecure[Ble99,Pat97].Both of the protocols that were proven secure were based on Di?e-Hellman.Speci?cally,[BPR00]developed a clean and elegant protocol based on EKE and proved its securitybased on C omputational Di?e-Hellman(CDH),using the random oracle and ideal symmetric encryption function assumptions.The protocol in[BMP00]is similar,but with the proof of securitybased on Decisional Di?e-Hellman(DDH),using onlythe random oracle assumption.
1.1Overview of Our Results
We studypassword-authenticated keyexchange protocols based on RSA.We?rst look at the OKE(Open KeyExchange)and protected-OKE protocols of Lucks [Luc97],since theyare the?rst ones that were based on RSA and were claimed to have proofs of security.We show that in fact they are insecure.Then we show how to modifythe OKE protocol to obtain a protocol that we prove to be secure. This new protocol requires only4moves,and onlyone public-keyoperation(i.e., a modular exponentiation)per side(either encryption or decryption).Thus it is e?cient enough to be used in practice,e.g.,for securing remote user access to a server,and is roughlyas e?cient as the other Di?e-Hellman-based protocols or the ssh protocol,all of which require two exponentiations per side.1 In this scenario,it is actuallyuseful for the server to store onlysome veri?-cation information for the password(such as a one-wayfunction applied to the password)but not the password itself.This provides resilience to server com-promise,meaning that an adversarythat compromises the server and steals the password information is still not able to impersonate a user,unless the adversary actuallyperforms a dictionaryattack on the veri?cation information.We show how to extend our protocol to provide some resilience to server compromise,but due to space limitations,we omit the full proof of securityfor this extended protocol.
The proposals presented in this paper have been presented in informal set-tings under the names SNAPI(Secure Network Authentication with Password Information)and SNAPI-X.To avoid confusion,we will continue to use those names here.
1.2Security Model and De?nitions
What does it mean for a password-authenticated keyexchange protocol to be secure?Informally,it means that the probability that an adversary can success-fullyauthenticate itself is at most negligiblymore than that of an adversary 1It is di?cult to do more than rough comparisons,since modulus size and exponent size may vary among the di?erent protocols.
Password-Authenticated Key Exchange Based on RSA601 who runs a trivial attack of simplyiterativelyguessing passwords and running the authentication protocol(i.e.,attempting to login).In SNAPI,we speci?cally show that if the adversarycan do non-negligiblybetter than this trivial attack, then one can break RSA[RSA78].We use the random-oracle model[BR93a]for our proofs.While a protocol having a securityproof in the random-oracle model is certainlyless desirable than a protocol having a proof in the standard model (using standard cryptographic assumptions)[CGH98],it is certainly preferable over a protocol which lacks anyproof.Other techniques proven secure in the random-oracle model include Optimal Asymmetric Encryption Padding[BR94] (used in PKC S#1v.2[Not99])and ProvablySecure Signatures[BR96].
For our proofs we use the securitymodel for password-authenticated keyex-change from[BMP00],in which the adversarytotallycontrols the network,a la[BR93b],and which is based on the multi-partysimulatabilityparadigm as described in[Bea91,BC K98,Sho99].In this paradigm,securityis de?ned us-ing an ideal system,which describes the service(of key exchange)that is to be provided,and a real system,which describes the world in which the protocol participants and adversaries work.The ideal system should be de?ned such that an“ideal world adversary”cannot(by de?nition)break the security.Then,in-tuitively,a proof of security would show that anything an adversary can do in the real system can also be done in the ideal system,and thus it would follow that the protocol is secure in the real system.
Although it is not a password-onlyprotocol,we do point out that the(one-way)authentication protocol given in Halevi and Krawczyk[HK98]is the?rst password-based authentication protocol to be formallyproven secure,with stan-dard securityassumptions.The proof methods in this paper are signi?cantly in?uenced bytheir techniques.Boy arsky[Boy99]has recentlydiscussed enhance-ments to the protocol of Halevi and Krawczyk to make it secure in the multi-user scenario.
We note that basic shared-secret authentication protocols(e.g.,[BR93b])are not secure when the parties share short secrets.However,there is a similarity between basic authentication and password-based authentication:both seem to be verydi?cult to get correct,and manyprotocols have been published for both,which have subsequentlybeen broken.This is preciselythe reason whywe emphasize provable security in this paper.
2Attack on the RSA Open Key Exchange Protocol Interest in developing RSA-based password-authenticated keyexchange proto-cols has been strong[Luc97,RCW98]ever since Bellovin and Merritt?rst de-scribed the RSA-EKE protocol[BM92],their RSA version of the Encrypted KeyExchange protocol.However,the use of RSA in password-onlyprotocols has proven to be quite tricky.Many of the RSA-based password-authenticated keyexchange protocols have been shown to be insecure[Ble99,Pat97].A di?er-ent approach from the EKE protocols was used byLucks[Luc97]to propose an RSA-based protocol which has so far resisted attacks.In this section,we present
602Philip MacKenzie,Sarvar Patel,and Ram Swaminathan
an e?cient attack against this RSA-based protocol.In later sections,we modify the basic protocol in [Luc97]to obtain an RSA-based password-authenticated keyexchange protocol that can be proven secure.
Lucks presented two protocols:the Open KeyExchange (OKE)protocol and the protected-OKE protocol,both described in terms of generic encryption func-tions with certain properties.When instantiated with RSA,the OKE protocol has a problem,as noted byLucks,which can allow an attacker to recover the password.Hence,Lucks modi?ed the basic OKE protocol to create the protected-OKE protocol that was supposed to be secure when the encryption function was instantiated with RSA.We present the basic steps of the RSA versions of the OKE and protected-OKE protocols along with our attack.Details of OKE and protected-OKE can be found in [Luc97].We ?rst describe OKE:
Step A Alice and Bob agree on a common secret π.Alice in advance generates
an RSA keypair ((e,N ),(d,N )).
Step B Alice chooses a random m and sends (e,N )and m to Bob.
Step C Bob chooses a random μand then a random a from ?N ,computes
p =H (e |N |m |μ|π)and q =E (a ) p and sends μand q to Alice.H is a random function with range ?N ,E is the RSA encryption function and is the RSA multiplication operation.
Step D Alice computes p like Bob,and recovers a byperforming an RSA de-
cryption of q p ?1.
The remaining authentication and keygeneration steps are omitted because theyare not needed for the attack.Lucks noted that there is a problem with this scheme because when an attacker can choose (e,N )such that function E maynot be invertible,E (a )would not be uniformlydistributed.Hence some information about p will be leaked which would be useful in ruling out candidate values for p and π.This lead Lucks to propose protected OKE which changes step C to step C below:
Step C Bob chooses a ∈R Z ?N ,but instead of μ,Bob chooses 2values μ?1,μ0∈R ?N .Bob uses μi =E (μi ?2 H (μi ?1))to compute μ1,μ2,...,μK where
H is another random function mapping to ?N .The value p =H (e |n |m |μ?1|μ0|π)is computed,and q =E (a ) p is sent to Alice along with the last two values μK ?1and μK .
Lucks reasoned that if E is not invertible then there are at least two choices for μK ?2,and then for everychoice of μK ?2there are two choices for μK ?3and so on.Thus we expect 2K choices for μ?1.For suitablylarge values of K,say80,it would be infeasible for the adversaryto evaluate all possible p ;so the information leaked about p from q =E (a ) p is of no use to the adversary.Unfortunately,RSA protected OKE has a weakness and we present an example attack:
Step 1The attacker picks e and N such that e is 3,N is a large prime,and
3|N ?1and then sends m and (e,N )to Bob.
Password-Authenticated Key Exchange Based on RSA603 Step2Unwittingly,Bob calculates p=H(e|N|m|μ?1|μ0|π)and sends out q,μK?1andμK.
Step3We will now uniquelyrecover values up toμ2andμ1using some basic results from number theorybyshowing how to recoverμi?2fromμi?1and μi.We make a note that we can e?ciently?nd dth roots if d|N?1[BS96].
We thus decryptμi=E(μi?2 H (μi?1))bysolving for the three cubic roots ofμi.Then we multiplyeach root with(H (μi?1))?1to get three possible solutions forμi?2.Of the three possible solutions,onlyone will be a cubic residue.We know apriori that the correct value forμi?2will be a cubic residue becauseμi?2was formed byencry pting(i.e.,cubing):μi?2=E(μi?4 H (μi?3)).Of the three possible values,we can identifythe cubic residue becauseμi?2N?13≡1mod N.We continue to recover the rest of theμi values untilμ1.
Step4μ0andμ?1are random values and thus cannot be uniquelyrecovered using Step3.There will be three possible values forμ0and for eachμ0value there will be three possible values forμ?1.Hence there are nine possible(μ0,μ?1)pairs.We will now tryto eliminate some candidate passwords from the list of possible password for Bob.If the password is guessed correctlyand the (μ0,μ?1)pair is correct then solving for E(a)from q=E(a) p will result in an E(a)which is a cubic residue.Conversely,if the solved E(a)is not a cubic residue,assuming(μ0,μ?1)pair is correct,then we know the password guess is incorrect.We do not know the correct(μ0,μ?1)pair,however,if for all9pairs the9possible solutions for E(a)turn out not to be cubic residues then we can eliminate this password guess.
This will happen with a signi?cant probabilityand thus we can eliminate
a signi?cant portion of the possible passwords.The probabilityfor a given
password that a(μ0,μ?1)pair will be such that the result will be non-cubic residue is equivalent to a random number being a non-cubic residue which is2
3
.The probabilitythat all9(μ0,μ?1)pairs result in non-cubic residues
is(2
3)9which is about2.5%.
Step5We repeat the above procedure(Step1-Step4)eliminating a constant fraction of the remaining passwords in each run,until onlyone password remains.
It maybe tempting to propose blocking this attack bychecking for primality of N and rejecting the session if N is prime.Although we have described the example attack using a prime N to keep the presentation simple,we could have done the same steps using a composite N=pq and using the chinese remainder theorem where necessary;we omit the details.The above attack can e?ciently discover a user’s password after a small number of sessions.One can also tryto reduce the probabilityof the attack’s success byrequiring e to have onlylarge factors.However,this maystill allow some leakage and does not rule out other attacks.Ad hoc countermeasures are not verysatisfactoryin password-based protocols because everyavenue of information leakage has to be blocked.Details matter.
604Philip MacKenzie,Sarvar Patel,and Ram Swaminathan
3Model
For our proofs,we use the model de?ned in[BMP00],which extends the formal notion of securityfor keyexchange protocols from Shoup[Sho99]to password-authenticated keyexchange.We assume the adversarytotallycontrols the net-work,a la[BR93b].
Brie?y,this model is de?ned using an ideal key exchange system,and a real system in which the protocol participants and adversaries work.The ideal system will be secure byde?nition,and the idea is to show that any thing an adversary can do to our protocol in the real system can also be done in the ideal system, and thus it would follow that the protocol is secure in the real system.
3.1Ideal System
We assume there is a set of(honest)users,indexed i=1,2,....Each user i may have several instances j=1,2,....Then(i,j)refers to a given user instance.A user instance(i,j)is told the identityof its partner,i.e.,the user it is supposed to connect to(or receive a connection from).An instance is also told its role in the session,i.e.,whether it is going to open itself for connection,or whether it is going to connect to another instance.
There is also an adversary that mayperform certain operations,and a ring master that handles these operations bygenerating certain random variables and enforcing certain global consistencyconstraints.Some operations result in a record being placed in a transcript.
The ring master keeps track of session keys{K ij}that are set up among user instances(as will be explained below,the keyof an instance is set when that instance starts a session).In addition,the ring master has access to a random bit string R of some agreed-upon length(this string is not revealed to the adversary).We will refer to R as the environment.The purpose of the environment is to model information shared byusers in higher-level protocols.
We will denote a password shared between users A and B asπ[A,B].
The adversarymayperform the following operations:(1)initialize user op-eration with a new user number i and a new identi?er ID i as parameters;(2) set password with a new user number i,a new identi?er ID ,and a passwordπas parameters(modeling the adversarycreating his own account);(3)initialize user instance with parameters including a user instance(i,j),its role,and a user identi?er denoting the partner with whom it wants to connect;(4)terminate user instance with a user instance(i,j)as a parameter;(5)test instance password with a user instance(i,j)and a password guessπas parameters(this querycan onlybe asked once per instance and models the adversaryguessing a password and attempting to authenticate herself);(6)start session with a user instance (i,j)as a parameter(modeling the user instance successfullyconnecting to its partner and establishing a random session key;(7)application with a function f as parameter,and returning the function f applied to the environment and any session keys that have been established(modeling leakage of session key infor-mation in a real protocol through the use of the keyin,for example,encry ptions
Password-Authenticated Key Exchange Based on RSA605 of messages);(8)implementation,with a comment as parameter(modeling real world queries that are not needed in the ideal world).
For an adversary A?,IdealWorld(A?)is the random variable denoting the transcript of the adversary’s operations.
For a detailed description of the syntax and semantics of the above opera-tions,see[BMP00].
3.2Real System
In the real system,users and user instances are denoted as in the ideal system. User instances are de?ned as state machines with implicit access to the user’s ID,P ID,and password(i.e.,user instance(i,j)is given access toπ[ID i,PID ij]). User instances also have access to private random inputs(i.e.,theymaybe randomized).A user instance starts in some initial state,and maytransform its state onlywhen it receives a message.At that point it updates its state, generates a response message,and reports its status,either continue,accept,or reject,with the following meanings:
–continue:the user instance is prepared to receive another message.
–accept:the user instance(say(i,j))is?nished and has generated a session key K ij.
–reject:the user instance is?nished,but has not generated a session key.
The adversarymayperform the following ty pes of operations:(1)initialize user operation as in the ideal system;(2)set password operation as in the ideal system;(3)initialize user instance as in the ideal system;(4)deliver message with an input message m and a user instance(i,j)as parameters,and returning the message output from(i,j)upon receiving m;(5)random oracle with the random oracle index i and input value x as parameters,and returning the result of applying random oracle H i to x;(6)application as in the ideal system.
For an adversary A,RealWorld(A)denotes the transcript of the adversary’s operations.
Again,details of these operations can be found in[BMP00].
3.3De?nition of Security
Our de?nition of securityis the same as the one in[Sho99]for keyexchange.It requires
https://www.doczj.com/doc/6b11423816.html,pleteness:for anyreal world adversarythat faithfullydelivers messages
between two user instances with complimentaryroles and identities,both user instances accept;and
2.simulatability:for everye?cient real world adversary A,there exists an ef-
?cient ideal world adversary A?such that RealWorld(A)and IdealWorld(A?) are computationallyindistinguishable.
606Philip MacKenzie,Sarvar Patel,and Ram Swaminathan
4SNAPI
In this section we will start bypresenting the de?nition of RSA and giving a standard and well-accepted version of the RSA securityassumption.2Then we will present the SNAPI and SNAPI-X protocols.
First we give some preliminaryde?nitions.Let k and denote our security parameters,where k is the “main”securityparameter and can be thought of as a general securityparameter for hash functions and secret key s (say128or 160bits),and >k can be thought of as a securityparameter for RSA or discrete-log-type public keys (say 1024bits).Let {0,1}?denote the set of ?nite binarystrings and {0,1}n the set of binarystrings of length n .Let “|”denote the concatenation of bit strings in {0,1}?.A real-valued function (n )is negligible if for every c >0,there exists a n c >0such that (n )<1/n c for all n >n c .
The RSA encryption scheme is generally de?ned as follows:Let key generator GE de?ne a familyof RSA functions to be (e,d,N )←GE (1 )such that N =P Q ,where P and Q are prime numbers.Then,the public keyis the pair (e,N )where gcd(e,φ(N ))=1and the order of the group φ(N )=(P ?1)·(Q ?1).The encryption function E :?N →?N is de?ned by E (x )≡x e mod N and the decryption function D :?N →?N is D (x )≡x d mod N ,where the secret exponent d is chosen such that ed ≡1mod φ(N ).
The choice of P ,Q ,and e is generallyleft to the implementation,although it is recommended that P and Q be random large primes with about the same bit length (about /2for securityparameter )[IEE98],and for e?ciency e is often chosen to be a small prime and with a small number of ones in its binary representation,such as 3,17,or 65537.
For the securityof SNAPI,we make explicit requirements on the generation of P ,Q ,and e ,which are well within the scope of the general RSA securityrec-ommendations.Speci?cally,we require that GE (1 )chooses two random primes P and Q from the range {2 /2?1,...,2 /2}(for convenience,we assume is a multiple of 2).This implies that 2 ?2≤N ≤2 .We also require that e be a prime in the range {2 +1,...,2 +1}.Note that this guarantees that gcd(e,φ(N ))=1.For e?ciencyin our protocol,a standard value of e for a given securityparameter could be chosen beforehand.This would eliminate the need for a primalitytest byBob.(An alternative requirement on e would be that e is a prime,e ≥√N and (N mod e )|N ,since this can be checked in (probabilistic)polynomial time,and also implies that gcd(e,φ(N ))=1[Len84].)
Given these requirements on GE ,we use the following assumption on RSA:RSA Security Assumption:Let be the securityparameter.Let keygener-
ator GE de?ne a familyof RSA functions (i.e.,(e,d,N )←GE (1 )).For any probabilistic polynomial-time algorithm A ,Pr[u e ≡w mod N :(e,d,N )←GE (1 );w ∈R {0,1} ;u ←A (1 ,w,e,N )]is negligible.
2The security of the SNAPI protocol can actually be proven under a slightly more general security assumption.Details are omitted.
Password-Authenticated Key Exchange Based on RSA607 4.1The Protocol
Before the SNAPI protocol starts,two players agree on a common password π∈P.Let A and B be the identities of the two players,with A playing the role of Alice,and B playing the role of Bob.From this point on,we will refer to A as Alice and B as Bob,except when we must explicitlyuse their identities.
We assume that Alice has chosen an RSA keypair((e,N),(d,N)).In gen-eral,Alice would most likelyuse the same keypair in manysessions,although for perfect forward secrecy,Alice would need to choose a new pair in each ses-sion.That is,if Adv discovers the decryption key then Adv can determine all session keys obtained in sessions using that key pair.Obviously,some tradeo?s of securityversus e?ciencycould be performed.Alternatively,the two parties could obtain perfect forward secrecybycomputing the session keywith a Di?e-Hellman keyexchange[DH76]using,for instance,the m andμvalues.This, however,would require the Di?e-Hellman assumption for security,along with the RSA assumption.For simplicity,we will assume Alice uses the same encryp-tion/decryption pair for each session,although if Adv impersonates Alice,Adv could use a di?erent one.
De?ne hash functions h,h ,h :{0,1}?→{0,1}k and H:{0,1}?→{0,1}η(whereη≥ +k).We will assume that h,h ,h ,and H are independent random functions.Let S N={p:p≤2η?(2ηmod N)and gcd(p,N)=1}.
The protocol is shown in Figure1.Alice and Bob exchange random values, and Alice also gives her public keyto Bob.Theyboth compute hashes of all of these values,plus the password.Then Bob encrypts a random value a,multiplies it bythe hash,and sends it to Alice.Alice can divide the received value bythe hash and decrypt the result(using her private key)to obtain a.This value a can be used as a“long”secret for authentication.The idea of whythis works is that even if Bob computes hashes corresponding to other passwords,Bob cannot?nd another value a whose encryption times the other hash would equal the value sent to Alice,since Bob does not have the private key.3
Theorem1The SNAPI protocol is a secure password-authenticated key ex-change protocol under the RSA assumption and the random oracle model.
Proof in appendix.
5SNAPI-X
We now present a protocol for password-onlyauthentication that is“weakly”resilient to server compromise.4
Let g be a generator of a cyclic group?of sizeωsuperpolynomial in k in which the Di?e-Hellman problem is hard.In the SNAPI-X protocol,we assume 3Naturally,proving that this is the case is much more di?cult.
4By“weakly,”we mean that our protocol can be proven secure assuming that once the adversary has corrupted the server it does not actually impersonate the server to a real client,perhaps because it is unable to do network address spoo?ng.
608Philip MacKenzie,Sarvar Patel,and Ram Swaminathan
Alice(A)Step1:Choose m∈R{0,1}k,and send(A,m,(N,e))to Bob.
Bob(B)Step2:If m∈{0,1}k,N∈[2 ?2,2 ],e∈(2 ,2 +1],
or e is not prime,then reject,
Else
1.Chooseμ∈R{0,1}k and a∈R?N.
https://www.doczj.com/doc/6b11423816.html,pute p=H(N|e|m|μ|A|B|π).
3.If p∈S N then set q=a,
Else set q≡pa e mod N.
4.Send(μ,q)to Alice.
Alice(A)Step3:Ifμ∈{0,1}k or gcd(q,N)=1,then reject,
Else
https://www.doczj.com/doc/6b11423816.html,pute p=H(N|e|m|μ|A|B|π).
2.If p∈S N then reject,
Else,set a≡(q/p)d mod N and
send r=h(N|e|m|μ|A|B|q|a)to Bob.
Bob(B)Step4:If p∈S N or r=h(N|e|m|μ|A|B|q|a),then reject,
Else,send t=h (N|e|m|μ|A|B|q|a)to Alice,
set K=h (N|e|m|μ|A|B|q|a),and accept.
Alice(A)Step5:If t=h (N|e|m|μ|A|B|q|a),then reject,
Else set K=h (N|e|m|μ|A|B|q|a)and accept.
Fig.1.SNAPI Protocol
there is an initialization in which a client with identity B(whom we will refer to as Bob)chooses a passwordπ∈P,computes x=H (A|B|π)(where A is the identityof the server,whom we will refer to as Alice)and sends Alice X=g x,which we call the password veri?er.Alice generates an RSA keypair ((e,N),(d,N)).After the initialization Bob onlyneeds to rememberπ.As in SNAPI,we assume that Alice has chosen an RSA keypair((e,N),(d,N)).
De?ne hash functions h,h ,h :{0,1}?→{0,1}k and H,H :{0,1}?→{0,1}η(whereη≥ +k).We will assume that h,h ,h ,H,and H are indepen-dent random functions.Let S N={p:p≤2η?(2ηmod N)and gcd(p,N)=1}.
The protocol is shown in Figure2.Alice and Bob exchange random values, and Alice also gives her public keyto Bob.Theyboth compute hashes of all of these values,plus the password veri?er.Then Bob encrypts a random value a,multiplies it bythe hash,and sends it to Alice.Alice can divide the received value by the hash and decrypt the result(using her private key)to obtain a.This value a can be used as a“long”secret for authentication.Also,to verifythat Bob knows the password and not just the password veri?er,a type of“Di?e-Hellman”exchange is used.Alice generates her Di?e-Hellman values randomly, and Bob uses the password veri?er along with its discrete log as his value.The secret Di?e-Hellman value can thus be computed byboth parties and included in the authentication value sent byBob.Due to space restrictions,we omit the discussion of the securitymodel and proof,and simplystate our theorem.
Password-Authenticated Key Exchange Based on RSA609 Bob(B)Step0:Send B to Alice.
Alice(A)Step1:Retrieve X from password?le for B.
Choose m∈R{0,1}k,and send(A,m,(N,e))to Bob.
Bob(B)Step2:If m∈{0,1}k,N∈[2 ?2,2 ],e∈(2 ,2 +1],
or e is not prime,then reject,
Else
1.Set x=H (A|B|π).
2.Chooseμ∈R{0,1}k and a∈R?N.
https://www.doczj.com/doc/6b11423816.html,pute p=H(N|e|m|μ|A|B|g x).
4.If p∈S N then set q=a,Else set q≡pa e mod N.
5.Send(μ,q)to Alice.
Alice(A)Step3:Ifμ∈{0,1}k or gcd(q,N)=1,then reject,Else
https://www.doczj.com/doc/6b11423816.html,pute p=H(N|e|m|μ|A|B|X).
2.If p∈S N then reject,Else,
(a)Set a≡(q/p)d mod N
(b)Chooseγ∈ω.
(c)Set r=h(N|e|m|μ|A|B|q|a)and y=gγ.
(d)Send(r,y)to Bob.
Bob(B)Step4:If p∈S N or r=h(N|e|m|μ|A|B|q|a),then reject,
Else,
1.Send t=h (N|e|m|μ|A|B|q|a|y x)to Alice.
2.Set K=h (N|e|m|μ|A|B|q|a),and accept.
Alice(A)Step5:If t=h (N|e|m|μ|A|B|q|a|Xγ),then reject,
Else set K=h (N|e|m|μ|A|B|q|a)and accept.
Fig.2.SNAPI-X Protocol
Theorem2The SNAPI-X protocol is a secure password-only authentication and key exchange protocol with weak resilience to server compromise,in the random oracle model under the RSA assumption and assuming the hardness of Decision Di?e-Hellman.
Acknowledgements
We thank Daniel Bleichenbacher for helpful and stimulating discussions,and for showing us how our protocol can remain secure with a shorter RSA public exponent e(our alternative requirement for e in Section4).We also thank Victor Boyko for his thorough reading of the paper and helpful comments.
References
[BCK98]M.Bellare,R.Canetti,and H.Krawczyk.A modular approach to the design and analysis of authentication and key exchange protocols.In STOC’98
[STO98],pages419–428.
[Bea91]Donald Beaver.Secure multiparty protocols and zero-knowledge proof sys-tems tolerating a faulty minority.Journal of Cryptology,4(2):75–122,1991.
610Philip MacKenzie,Sarvar Patel,and Ram Swaminathan
[Ble99] D.Bleichenbacher,1999.Personal Communication.
[BM92]S.M.Bellovin and M.Merritt.Encrypted key exchange:Password-based protocols secure against dictionary attacks.In Proceedings of the IEEE
Symposium on Research in Security and Privacy,pages72–84,1992. [BM93]S.M.Bellovin and M.Merritt.Augumented encrypted key exchange:A password-based protocol secure against dictionary attacks and password
?le compromise.In CCS’93[CCS93],pages244–250.
[BMP00]V.Boyko,P.MacKenzie,and S.Patel.Provably-secure password authen-
tication and key exchange using Di?e-
H ellman.In EUROCRYPT2000
[EUR00].
[Boy99]M.Boyarsky.Public-key cryptography and password protocols:The multi-user case.In CCS’99[CCS99],pages63–72.
[BPR00]M.Bellare,D.Pointcheval,and P.Rogaway.Authenticated key exchange secure against dictionary attacks.In EUROCRYPT2000[EUR00].
[BR93a]M.Bellare and P.Rogaway.Random oracles are practical:A paradigm for designing e?cient protocols.In CCS’93[CCS93],pages62–73.
[BR93b]M.Bellare and P.Rogaway.Entity authentication and key distribution.
In CRYPTO’93,LNCS vol.773,pages232–249.Springer-Verlag,August
1993.
[BR94]Mihir Bellare and Phillip Rogaway.Optimal asymmetric encryption.In EUROCRYPT94,LNCS vol.950,pages92–111.Springer-Verlag,May
1994.
[BR96]M.Bellare and P.Rogaway.The exact security of digital signatures—how to sign with RSA and Rabin.In EUROCRYPT96,pages399–416,1996. [BS96] E.Bach and J.Shallit.Algorithmic Number Theory:Volume1E?cient Algorithms.The MIT Press,Cambridge,Massachusetts,1996.
[CCS93]First ACM Conference on Computer and Communications Security,1993. [CCS99]Sixth ACM Conference on Computer and Communications Security,1999. [CGH98]R.Canetti,O.Goldreich,and S.H alevi.The random oracle methodology, revisited.In STOC’98[STO98],pages209–218.
[DH76]W.Di?e and M.H ellman.New directions in cryptography.IEEE Trans.
Info.Theory,22(6):644–654,1976.
[EUR00]Advances in Cryptology—EUROCRYPT’2000,LNCS vol.1807.Springer-Verlag,14–18May2000.
[GLNS93]L.Gong,T.M.A.Lomas,R.M.Needham,and J.H.Saltzer.Protecting poorly chosen secrets from guessing attacks.IEEE Journal on Selected
Areas in Communications,11(5):648–656,June1993.
[Gon95]L.Gong.Optimal authentication protocols resistant to password guessing attacks.In Proc.8th IEEE Computer Security Foundations Workshop,
pages24–29,1995.
[H K98]S.H alevi and H.Krawczyk.Public-key cryptography and password pro-
tocols.In Proceedings of the Fifth Annual Conference on Computer and
Communications Security,pages122–131,1998.
[IEE98]IEEE P1363Annex D/Editorial Contribution1c:Standard speci?cations for public-key cryptography,June1998.
[Jab] D.Jablon.Integrity sciences web site.https://www.doczj.com/doc/6b11423816.html,. [Jab96] D.Jablon.Strong password-only authenticated key exchange.ACM Com-puter Communication Review,ACM SIGCOMM,26(5):5–20,1996.
[Jab97] D.Jablon.Extended password key exchange protocols immune to dictio-nary attack.In WETICE’97Workshop on Enterprise Security,1997.
Password-Authenticated Key Exchange Based on RSA611 [Len84]H.W.Lenstra.Divisors in residue classes.Mathematics of Computation,
42:331–340,1984.
[Luc97]Stephan Lucks.Open key exchange:H ow to defeat dictionary attacks with-
out encrypting public keys.In Proc.Workshop on Security Protocols,1997. [MPS]P.MacKenzie,S.Patel,and R.Swaminathan.Password-authenticated key
exchange based on rsa.full version.
[Not99]RSA Laboratories Technical Note.PKCS#1,version2,RSA encryption
standard.https://www.doczj.com/doc/6b11423816.html,/rsalabs/pubs/PKCS/,1999.
[Pat97]S.Patel.Number theoretic attacks on secure password schemes.In Proc.
IEEE Symposium on Research in Security and Privacy,pages236–247,
1997.
[RCW98]M.Roe,B.Christianson,and D.Wheeler.Secure sessions from weak se-
crets.Technical report,Univ.of Cambridge and Univ.of H ertfordshire,
1998.
[RSA78]R.Rivest,A.Shamir and L.Adleman.A method for obtaining digital
signature and public key https://www.doczj.com/doc/6b11423816.html,m.of the ACM,21:120–126,
1978.
[Sho99]V.Shoup.On formal models for secure key exchange.IBM Research Report
RZ3121,April1999.
[STO98]Thirtieth ACM Symposium on Theory of Computing,May1998.
[STW95]M.Steiner,G.Tsudik,and M.Waidner.Re?nement and extension of
encrypted key exchange.ACM Operating System Review,29:22–30,1995. [Wu98]T.Wu.The secure remote password protocol.In Proc.1998Internet
Society Network and Distributed System Security Symposium,pages97–
111,1998.
[Wu99]T.Wu.A real world analysis of kerberos password security.In1999Internet
Society Network and Distributed System Security Symposium,1999.
A Security of the SNAPI Protocol
The completeness requirement follows directlybyinspection.Here we prove that the simulatabilityrequirement holds.The basic technique is essentiallythat of
Shoup[Sho99].The idea is to create an ideal world adversary A?byrunning the
real world adversary A against a simulated real system,which is built on top of the underlying ideal system.In particular,A?(i.e.,the simulator combined with A)will behave in the ideal world just like A behaves in the real world,except that idealized session keys will be used in the real world simulation instead of
the actual session keys computed in the real system.
Thus our proof consists of constructing a simulator(that is built on top of an ideal system)for a real system so that the transcript of an adversary attacking the simulator is computationallyindistinguishable from the transcript of an adversaryattacking the real sy stem.Due to space restrictions we are onlyable to sketch the simulation.Details maybe found in the full version of the paper[MPS].The di?cult part of the simulation is to answer queries to user instances and random oracles that are consistent with the ideal world,but without a priori knowing the passwords.
First we deal with the random oracle queries.Note that the user IDs and nonces allow the simulator to know which conversations theycorrespond to.
612Philip MacKenzie,Sarvar Patel,and Ram Swaminathan
The simulator always answers an H querywith the encry ption of a known value,which helps in the later simulation.
For an h query,the simulator is able to test whether this corresponds to a password test byencry pting the a value in the query,and then for each H query corresponding to the same conversation,multiplying the encryption of a bythe result of that queryand testing if the result equals the q value sent in the conversation.If for any H querythis test is positive,the simulator must make a test instance password queryto the ringmaster in the ideal world.Naturally we must show that the simulator never makes a test instance password query unless the adversaryis activelyinvolved in the conversation,and in that case the simulator makes at most one test instance password query.(We sketch the proofs of those below.)If there is no password being tested,or if there is a password being tested and it is incorrect,the simulator simplyresponds with a random bit string.Otherwise,the simulator responds with a bit string consistent with previous values of the protocol.
For h and h queries,the simulator simplyresponds with random bit strings, and these will be indistinguishable(details omitted).
Now we deal with user instance queries.In general,theyare handled as in the actual protocol,except that the q value is set to a random encryption(not multiplied bythe result of an H query,since the password is not known to the simulator),and the authentication values r and t are generated randomly,except when a password test bythe adversaryis detected(byexaming the random oracle queries).If necessary,the simulator makes a test instance password query to the ideal world ringmaster,and responds accordingly.If the simulator detects a matching conversation,i.e.,an incoming authentication value was sent bya valid partner using the same nonces,then the simulator accepts the authentication value(even though it cannot actuallycheck it since the simulator does not know the password).
To prove that the adversarynever forces the simulator to make a test instance password queryfor a matching conversation,we assume that the adversarydoes and break the RSA assumption as follows.We take a challenge RSA keyand ciphertext and guess the user A involved in the o?ending conversation.The simulator sends the challenge RSA keywhen simulating user A,and for any user instance in a conversation with A sends q equal to a random encryption multiplied bythe challenge ciphertext.Then for anyrandom oracle querythat tests a password,one can compute the decryption of the ciphertext(using the fact that the output of the H oracle is a value whose decryption is known to the simulator).
To prove that the adversarynever forces the simulator to make two test instance password queries for a non-matched conversation with an“Alice”user instance,we assume that the adversarydoes and break the RSA assumption as follows.We take a challenge RSA keyand ciphertext and guess the user A involved in the o?ending conversation.The simulator sends the challenge RSA keywhen simulating user A,and for any H queryinvolving user A,?ips a coin to decide whether to set the output to the encryption of a known value,or the
Password-Authenticated Key Exchange Based on RSA613 encryption of a known value multiplied by the challenge ciphertext.If two h or h queries are made along with two H queries such that two password tests must be performed,then these correspond to the same q value sent to user A and thus can be related byan equation which allows one to solve for the decry ption of the challenge ciphertext,as long as exactlyone of the H queryoutputs included
.
the challenge ciphertext.This happens with probability1
2
如何使邮件营销不被视为垃圾邮件 来源: 邮件营销发布时间: 2011-01-16 18:04 259 次浏览大小: 16px 14px 12px 如何使邮件营销不被视为垃圾邮件 如何使邮件不被拒收,邮件白名单[邮件营销] 关键词:如何群发邮件不被认定为垃圾邮件, 早些时候,我们单位也曾经使用过电子邮件群发进行【网络营销】之【电子邮件营销】。在这里将其中的一些问题和技巧分享给大家 一般的无论您使用的是免费邮箱还是收费的企业邮箱,一个邮箱帐户每天最多的发送量要求是【不能超过1000封】的, 强比科技和网易企业邮箱都是反对群发垃圾邮件的,但对于应用型的邮件和向会员发送邮件,就不在此列。 注:网易企业邮箱是防垃圾邮件协会的主要倡导者,对于发送垃圾邮件并没有特权,使用企业邮箱并不会让您的应用型邮件发的更多更广,但我们会告诉您一些规避被认定为垃圾邮件的规则 1、单邮件单发,收件人里不要一下填上两百个收件人帐号。。。保守的建议:收件人、抄送、密送栏,每栏都不要超过10个以上的收件帐户 2、您发送的收件人是否准确?如果您发送的收件人帐号有错误,请一定要注意将其从列表删除,如果服务器收到太多的退信,会对您的帐户进行监测或被认定为发送的是垃圾邮件 3、群发邮件主题及内容最好每次有所变化和注意相关的垃圾词汇。群发邮件时,一定要注意邮件主题和邮件内容,很多邮件服务器为过滤垃圾邮件设置了垃圾字词过滤,如果邮件主题和邮件内容中包含有如:大量、宣传、赚钱等字词(当然发票,枪支等更是不行的),服务器将会过滤掉该邮件,致使邮件不能发送。因此在书写邮件主题和内容时应尽量避开你认为的有垃圾字词嫌疑的文字和词语,才能顺利群发邮件。另外标题尽量不要太商业化,内容也不宜过多(尽量小于7k),如果一看就是推销邮件,效果就不会太好(有可能直接del了),而内容过多就会使阅读者不耐烦甚至根本不看。 4、会员广告邮件最好能在标题中标注(AD)这个网易等邮箱会直接发送到广告邮件夹里,
Exchange邮件系统解决方案建议书 上海有孚计算机网络有限公司 2014年9月
目录 1.系统方案设计 (1) 1.1.系统整体拓扑 (1) 1.2.邮件系统解决方案 (1) 1.2.1.邮件系统拓扑 (1) 1.2.2.Exchange系统角色介绍 (2) 1.2.3.访问方式 (3) 1.2.4.功能清单 (3) 1.2.5.系统技术说明 (5) 2.成功案例 (13) 2.1.绫致时装 (13) 2.2.泸州老窖 (13) 2.3.卡友信息 (14) 3.公司介绍 (15) 3.1.基本情况 (15) 3.2.竞争优势 (15) 3.3.荣誉资质 (16)
1.系统方案设计 1.1.系统整体拓扑 本方案推荐选择当前市场性能最好最稳定的Exchange 2013作为邮件系统,并建议采用高可用性架构部署方式,系统部署在公司总部机房,通过公网连接使用有孚网络的邮件中继服务,实现发往外部的邮件可以通过中继服务中的反垃圾、反病毒以及海外加速等功能,内部用户的邮件投递通过内网传输。出于成本考虑本项目的建设,推荐采用虚拟化部署方式。 1.2.邮件系统解决方案 1.2.1.邮件系统拓扑 上图为邮件系统逻辑拓扑,服务器数量可根据用户实际情况增减。邮箱服务器部署在企业内部,在内网的用户可以通过内网访问邮箱服务器,且域内用户间的邮件投递也是在域内进行,不需要出公网。包括防病毒、防垃圾的功能,并提供海外加速服务。
1.2.2.Exchange系统角色介绍 Exchange 2013包括以下服务器角色: ●邮箱服务器角色(MailBox)邮箱服务器可以使用到后端高可用性组 集群(DAGs)。 ●客户端访问服务器角色(CAS)这角色包含的客户端,如Microsoft Office Outlook 中,Outlook Web App,移动设备,和SMTP代理服务器 连接,并接收邮件和邮件传送到Internet上的其他邮件主机。客户端访 问服务器,可以组成客户端访问服务器阵列。 客户端访问服务器角色和邮箱服务器角色的工作过程如下图所示:
电子邮件送达率是衡量电子邮件营销效果的重要指标之一。随着垃圾邮件越来越泛滥,世界上所有的 ISP 和服务器提供商都采取了越来越严厉的过滤垃圾邮件措施,同时也给正常邮件,以及合法合理、用户欢迎的电子邮件营销带来不便。不过这是大势所趋,不是营销人员能解决的。 垃圾邮件过滤方法垃圾邮件过滤方法 电子邮件营销人员能做的是尽量减少自己的邮件被当作垃圾邮件的机会。要做到这一点,首先需要了解主要的垃圾邮件过滤方法。 第一种是以触发式过滤算法鉴别垃圾邮件,这样的过滤器通常已经装在电子邮件客户端软件或邮件服务器上。其原理是过滤软件检查邮件的发信人,标题,正文内容,邮件中出现的链接和域名,甚至电话号码,当发现带有明显广告性质,或经常出现已知垃圾邮件的典型特征,则给这封邮件打一定的垃圾邮件特征分数。当分数达到一定数值时,邮件将被标志为垃圾邮件,直接过滤到垃圾邮件文件夹。 比如,邮件标题中出现¥、$符号,可能给予2 分垃圾分数。邮件内容中出现“免费”、“发票”、“促销”等典型垃圾邮件中经常出现的词汇时,也各给 1 分。邮件中如果包含已经被确认的经常发垃圾的域名,再加 1 分。甚至邮件内容中出现被确认与垃圾邮件相关联的电话号码,也给个分数。 当这些垃圾分数相加达到某一个数值时,比如达到 10 分,这个邮件将被标志为垃圾。 第二种方法是以黑名单为基础。有一些创建和维护链接邮件黑名单的组织,专门接受用户的垃圾邮件投诉,如果确认确实是垃圾邮件,黑名单运行者将把发送垃圾邮件的服务器和用户IP 地址放入黑名单。 比较有规模的垃圾黑名单通常都与其他ISP 及服务器运营商共享黑名单数据库。一旦某个IP 地址被列入黑名单,世界上很多ISP 和邮件服务器将拒收来自这个 IP 地址的所有邮件。 有的时候用户投诉其实并不是真的因为所收到邮件是垃圾邮件,而是用户忘记了曾经注册这个电子杂志。如果你的IP 地址被错误地投诉而列入黑名单,唯一的方法是联系黑名单维护组织,说明情况,提出证据,要求把你的IP 地址从黑名单中删除。不过这一过程有时非常复杂艰难。 第三种方法是邮件防火墙。很多大公司的服务器是运行在邮件防火墙之后,这些防火墙会综合使用各种过滤器以及黑名单,再加上自行研制的一些算法,来鉴别和剔除垃圾邮件。这些防火墙的算法则更复杂,并且不与其他人分享细节,对正常邮件的送达也可能起到致命的影响。 第四种方法是使用邮件确认。当电子邮件帐号收到一封email 时,这封 email 会首先进入待送达队列中排队,同时自动回复给发信人一封确认邮件。确认邮件中包含有一个确认链接,或标题中包含有一个独特的确认序列号,只有原来的发件人点击确认链接,或回复这封确认邮件,发信人的邮件地址才会被列入白名单,原来所发送的第一封原始邮件才真正被送达到收件箱。 鉴别和阻挡垃圾邮件大致上是这几种方法,有一些邮件服务器可能会综合使用这些方法。 为了避免邮件被这些过滤手段鉴别为垃圾邮件,应该注意下面一些问题。 检查服务器 IP 地址是否在黑名单中?选择邮件服务器时,应该检查服务器提供商的IP 地址是否被列在主要的垃圾黑名单中。国际上主要的垃圾黑名单包括: https://www.doczj.com/doc/6b11423816.html,
一、电子邮件系统概述 电子邮件系统, 用于在中铁快运总部和下属各单位传送文件、信息、通知、报告, 并作为辅助办公工具。 电子邮件系统采用微软的Exchange Server作为基础平台, Exchange Server 是专为 Windows Server 设计的服务器应用程序, 它具有增强的可靠性、可扩展性和性能, 以及经过对邮件、协作和网络资源的统一管理而获得的 较低的拥有成本。内置的工作流引擎为部门和企业工作流和跟踪应用程序提供高 性能、可靠和安全的平台。Exchange Server 是可靠的、可扩展的和可管理 的体系结构。 客户端采用浏览器, 为实时协作用户提供了一个一致性的用户界面。 二、使用电子邮件系统 客户端使用浏览器登录邮件系统。在办公系统的主页面点”电子邮件”, 会提示输入用户名和口令。( 如果用户还没有在邮件系统申请用户, 请向有关部 门提交申请。) 如图:
邮件系统的主页面如图: 邮箱工具栏: 导航窗格: 位于主窗口旁边的导航窗格, 提供对邮件和联系人的一键单击访问。能够使用导航窗格来管理邮件文件夹、日历、联系人等。如下
表工具栏功能概述 工具项视图说明 默认电子邮件文件夹, 包括”日历”、”联系人”、”已删 除邮件”、”草稿”、”收件箱”、”垃圾邮件”、”日记”、”便 笺”、”发件箱”、”已发送邮件”和”任务”。 ”收件箱”旁边的括号中将显示收件箱中的新邮件数目。 收件箱以粗体显示新邮件。打开邮件后, 邮件将还原为正常 体。 能够创立和跟踪约会, 并可组织和安排与合作者的会 议, 然后按需要更新或修改会议信息( 时间、地点或与会 者) 。 联系人文件夹用于存储那些经常保持通信联系的个人 信息和业务信息, 使用这一功能能够存储电子邮件地址、 街道地址、电话号码以及其它任何与联系人有关的信息。 能够按联系人名称的任何一部分或按其它的联系人信息对 联系人进行排序或分组。还能够将联系人移动或复制到其它 文件夹, 或将文件( 如 Microsoft Word 文档) 附加到联 系人以将相关信息保存在一起。 任务指需要跟踪完成的与个人或工作相关的事务。任 务能够是单次任务或定期任务。定期任务能够定期重复, 也 能够基于您标记的任务完成日期重复。 能够收集、组织并与工作组或组织中的其它成员共享 信息,并可使用公用文件夹共享文件或在电子公告牌张贴信
垃圾邮件防护系统分析与应用方法 【内容提要】: 随着联机上网费用日趋便宜,发送电子邮件广告几近零成本又有利可图,因此造成垃圾邮件如今日混乱猖獗的现况。针对这种问题,许多公司研究出许多垃圾邮件防护和过滤机制产品,本文将对垃圾邮件的有关防护过滤技术和解决方法作一个基本介绍。 【关键词】:垃圾邮件、邮件防护、技术分析、AFS、华硕、过滤、机制 引言---------- 随着互联网的蓬勃发展,E-mail信息的传播达到了前所未有的广度和深度。同时不请自来的电子邮件也以各种形式闯入我们的邮箱- 商品推销、诈骗、政治或宗教抨击、病毒载体以及无法归类的稀奇古怪的形式。有些人每天甚至要收到100 到200 封这样的垃圾电子邮件(甚至更多)。因为更多的人开始使用英特网的关系(自因特网建立以来,人数飞速增长),对于商人、小贩、想入非非者以及蓄意破坏者而言,可以无偿地联系到数目巨大的各类人,诱惑力变得难以抵挡,自此大量的垃圾邮件在世界的各个角落产生,并瞬间传递到世界其他任何地方,这种费时且消耗CPU 的破坏行为迅速对经济产生了极大的负面影响。 现今越来越多的人开始意识到垃圾邮件的传递所带来的严重后果,并不断提出防治的新需求。 一垃圾邮件的定义 一封完整的电子邮件包含以下项目:邮件信封Mail Envelope、邮件标题Mail Header、邮件本文Mail Body 与邮件附檔Mail Attachment。电子邮件传输处理分为两阶段:邮件传输代理Mail Transfer Agent (简称MTA),例如邮件服务器,以及与邮件使用代理Mail User Agent (简称MUA),例如Outlook 或Outlook Express。 如果以邮件內容定义垃圾邮件,容易随个人主观认定而异;对银行业、娛乐业,广告业而言,包含其他银行贷款广告、色情广告的邮件,可能是种具有价值的市场资讯,而非垃圾邮件;因此,必需依邮件行为始能,依众人认知、法律规范与国际法规逐一精确定义何为垃圾邮件。 1. 众人认知:不请自來、来路不明、无法拒绝之邮件。 2. 法律规范:造成骚扰、匿名文书或嫁祸他人之邮件。 3. 国际法规: 2003 年底美国立法明定「Can Spam」垃圾邮件法规「Can Spam」字面表示可以「Spam」,惟有「但书」,寄件者必须表明身分,让收件者可以追溯来源不可以匿名、伪造,或者刻意隐匿或篡改资讯等行为发送电子邮件;发送方式方式不可为垃圾邮件滥发者(Spammer) 慣用之垃圾邮件滥发方式或程式,如借用邮件代替(Open Relay)、出现过多邮件转(Received) 或机器自动发送,以及不断尝试各种进入企业信箱方法等,必须提供收件者「选择权」,具有「取消订阅」机制。 综上所述,垃圾邮件之所以恼人并不是因为內容无趣不吸引人,而在于大量滥发,任意长驱直入收信者电子邮件信箱。 二邮件信息安全的影响
Exchange邮件系统安全性分析 Exchange邮件系统是用于公司域的用户的邮件系统,为人们的办公提供了极大的便捷,可以被用来构架应用于企业、学校的邮件系统,目前,Exchange 邮件系统已经在多个大中型企业之中得到了广泛的应用,极大的方便了企业之间的沟通和互联。本文主要基于Exchange邮件系统的安全性进行分析。 标签:Exchange邮件系统;安全性;分析 一、Exchange邮件系统存在的必要性 所谓的Exchange邮件系统,是指一种一般用于公司域的用户的邮件系统,这个邮件系统区别与其他系统的根本特质是支持体系不同。Exchange邮件系统的存在确实有其必要性: (1)能方便人与人之间的联系。这种联系尤其在工作之后的生活当中体现的最为明显。现在的快节奏生活常常使得人们在一天工作结束之后身心俱疲,相信这种情况下,没有人愿意在再接到单位的电话或者收到单位的短信。但是,对于有些公司上的业务,是必须要按时进行汇报的。这时候,就可以借助Exchange 邮件系统,将所要表达的内容编辑成邮件发送给对方。这样既完成了自己的工作,同时也不会对其他人的生活造成影响。所以,Exchange邮件系统的存在,能方便人与人之间的联系。 (2)能方便公司与员工之间的联系。在一些企业,特别是规模较大的企业当中,普通的员工是很难有机会见到公司高层的。但是,在一些特殊情况下,员工确实需要与高层进行联系。这时候就可以借助企业内部的Exchange邮件系统。员工可以将自己所要叙述的事情编辑成邮件发送给高层。还有,企业高层在做出某项决议之后,是一定要将这项决议传达给每一位员工的。为了保证所有的员工都能接受到企业的指令,就必须在企业内部建立统一的沟通方式。Exchange邮件系统正好能满足企业的要求。所以,可以在企业的内部建立Exchange邮件系统,能方便公司与员工之间的联系。 二、Exchange邮件系统存在的安全问题 Exchange邮件系统在使用过程中可能会涉及到很多至关重要的信息,所以,一定要保证该系统的安全性。下面将详细介绍Exchange邮件系统中存在的安全问题: (1)可能导致邮件内容泄露。Exchange邮件系统进行收发活动,是需要借助无线局域网络的。因为我国目前的无线网络技术发展的还不是特别的成熟,所以,在使用无线网络进行邮件的收发的时候,可能会造成邮件内容的泄露。这些邮件内容大多涉及到收发人的隐私或者企业内部的机密,一旦发生泄露,是会给邮件收发人或者企业带来巨大损失的。
[精华] 【经验交流】Lotus Domino/Notes如何有效防止垃圾邮件. 为普及Lotus办公自动化平台(OA)而努力...... 1.前言 随着Internet技术的普及与发展,电子邮件已经成为大多数人必不可少的通讯工具。企业拥有自己的邮件系统,已经随处可见。然而,一个日益严重的问题却困扰着众多的系统管理员,那就是如何有效地防止—垃圾邮件。 垃圾邮件的破坏性是显而易见的,它不仅阻塞有限的网络带宽,而且降低了邮件服务器的信誉度,使得其它邮件服务器可能不接收此服务器发出的邮件。那么,如何有效地预防和限制垃圾邮件呢?在这一方面,Domino提供了各种配置参数,如何有效地使用这些参数,来全面制止垃圾邮件,是本文关心的话题。 下文以lxpServer/test为例,图文并茂进行阐述。 2.Domino提供的SMTP配置参数 2.1.服务器文档: 关于SMTP的参数配置有: ·邮件返回(进入服务器)时是否需要进行身份验证。一般的SMTP在返回邮件时是不需要身份认证的。 ·是否需要启用SSL端口。这主要是为了防止邮件在传输过程中被人截获而泄密。因为SMTP邮件在网络上传输时,采用的是明码的方式,对于敏感数据,可能需要启用SSL加密。 2.2.配置文档 关于SMTP的诸多限制,都是在配置文档中体现的,包括这几个方面的设置: ·Notes用户限制:允许Notes网络域中的哪些用户向外(Internet)发送邮件。 ·转发控制:邮件源地址控制参数,邮件目标地址控制参数,是否需要核实源地址身份。 ·外出控制:允许哪些(Internet)用户向外(Internet)发送邮件。 ·邮件返回控制:允许哪些用户发邮件给本服务器,是否核实对方的身份。 关于参数的详细说明,大家可以参考Domino管理帮助。下面我们通过一些实际的例子,来看看这些参数如何运用。
0 引言 垃圾邮件的泛滥,已经对互联网和现实社会造成了危害。对垃圾邮件的治理已成为与抗击网络病毒并列的重任。1 垃圾邮件的概况 所谓垃圾邮件,包括下述属性的电子邮件: 收件人事先没有提出要求或者同意接收的广告、电子刊物、各种形式的宣传品等宣传性质的电子邮件;收件人无法拒收的电子邮件;隐藏发件人身份、地址、标题等信息的电子邮件;含有虚假的信息源、发件人、路由等信息的电子邮件。 垃圾邮件的分类从内容上看,主要是商业广告性质的邮件;另外,有少量政治,团体组织的宣传邮件。从邮件的发送形式上看,有直接发送和第三方转发两种。 所谓直接发送,就是邮件的发送者使用自己的服务器,IP 地址,自己的网络资源传送这些邮件。目前使用更多的是使用第三方服务器转发。对于这种垃圾邮件,只要关闭有关服务器的转发功能就可以了。 垃圾邮件的危害。占用网络带宽,造成邮件服务器拥塞,进而降低整个网络的运行效率;侵犯收件人的隐私权,侵占收件人信箱空间,耗费收件人的时间、精力和金钱。有的垃圾邮件还盗用他人的电子邮件地址做发信地址,严重损害了他人的信誉;被黑客利用成助纣为虐的工具;严重影响ISP的服务形象, ISP每年因垃圾邮件要失去7.2%的用户;妖言惑众,骗人钱财,传播色情等内容的垃圾邮件,已经对现实社会造成了危害。 2 技术上的应对措施 2.1 找出真正发件人 垃圾邮件一般采用了群发软件发送,发信人的地址是可以任意伪造的,查看信头可以让您找到真正的发件人。查看信头的方法是: (1)如果您是在Web页面上看邮件的话,直接打开邮件,点击信件显示页面上方菜单中的“原文”,就可以看到信头。 (2)如果是用Outlook Express来收信的话,指向邮件,不要打开,点击鼠标右键,看信件的属性,再点击详细资料,就可以看到信头。如果有sender的话,sender后面就是真正的发件人;如果没有sender,最后一个re-ceived from就是发件人所用的SMTP服务器。 Receive语句的基本表达格式是:from Server A byServer B,Server A为发送服务器,Server B为接收服务器。 例如: ReturnPath:<ownerenewsdaily@enet.com.cn> Received:from ns.enet.com.cn ([202.106.124.167]) bymail.777.net.cn(8.9.3/8.8.7) with SMTP id TAA13043; Thu, 28 Oct 1999 19:51:28 +0800 Received:(from list@localhost) by ns.enet.com.cn (8.9.3/8.9.0) id RAA19714 for enewsdailylist;Thu, 28 Oct 1999 17:50:30 +0800 Received:from chinanetweek.com ([210.72.235.218]) by ns.enet.com.cn (8.9.3/8.9.0) with ESMTP id RAA19690 for <enewsdaily@enet.com.cn>; Thu, 28 Oct 1999 17:50:28 +0800 Received: from chinanetweek.com ([10.1.2.105]) by chinanetweek.com (8.9.3/8.9.0) 作者简介:隆益民(1965-) ,男,副教授,硕士,研究方向为计算机及网络安全。 垃圾邮件的危害及应对措施 摘要:电子邮件是人们生活中加强沟通的重要交流工具,但垃圾邮件的泛滥已经使整个因特网不堪重负,垃圾邮件严重影响了人们使用互联网。治理垃圾邮件已成为与抗击网络病毒并列的重任。我国就垃圾邮件的处理上尚未制订相关的法律。也可参照国际通行的做法,针对垃圾邮件制订的较为严格的法律和规定,对垃圾邮件问题进行立法研究,从行政管理和法律角度加强对垃圾邮件的管理。 关键词:反垃圾邮件;群发;ID;电子邮票;黑名单;法律 隆益民 广东女子职业技术学院 计算机系 广东 511450
Exchange邮件系统迁移方案 1. 背景分析 目前Exchange的用户大多还在使用Exchange 5.5,随着微软官方对于Exchange 5.5的支持在2003年12月31日中止,大量Exchange 5.5的用户面临着巨大的邮件系统升级压力。 Exchange 5.5作为1999年发布的软件产品,在其设计之初,也从未考虑到当前用户对于基于消息的协作要求,例如协同文档处理、协同工作小组、协同桌面会议等,随着用户对协作应用的需求不断增长,Exchange 5.5的用户也需要考虑如何解决上述问题。 面对这些挑战,我们提供了基于Lotus Domino技术的整体解决方案,帮助用户摆脱邮件系统升级的困扰,并获得更强大的功能特性。 2. 方案分析 采用Lotus Domino平台建设用户的邮件系统,并以此为基础,搭建更为强大的业务应用,是整个解决方案的核心。之所以选择Lotus Domino平台替代用户现有的Exchange 5.0(或更高版本),建设用户的邮件系统及业务应用,是基于如下众多事实: 2.1. 技术路线 IBM公司与微软公司作为IT行业的领先者,所遵从的IT技术标准有很大的差异。IBM公司的软件平台大多遵从开放的J2EE标准,而.NET则是微软公司提出并遵从的。 J2EE标准是一个为开发和发布便于达到网络经济要求的应用程序所提供的标准,这个标准是由Sun Microsystems以及多个合作者共同开发的,主要应用于当今
网络经济中的商业领域。建立这个标准的是为了扩展现场、减少了阻碍事务的冲突,通过标准使得商业仅集中在商业问题,而不是集中在复杂的技术问题。 J2EE把应用程序的开发和支持任务分成好多定义好的角色。这种分工的作用是:把复杂的编程任务交给J2EE平台,减少了应用程序开发人员支持新的应用需求的工作量,以及可以清楚地根据特定的技术和条件进行任务分离。这种分离也使得专业知识商品化--J2EE应用程序实质上可以用非定制的组件装配而成,这些组件要遵照定义好的接口,这样就仅需要少量编程或专用化。 Lotus Domino作为一种相对独立的技术路线,目前提供了对J2EE架构的良好支持,其本身就可以作为一个简单的J2EE应用服务器,在系统中为用户提供整合了的J2EE运行环境。而Lotus家族的Workplace系列产品,更是完全基于J2EE架构。 .NET框架(Framework)是一个开发、部署和运行.NET应用的环境,包括了https://www.doczj.com/doc/6b11423816.html,、公共语言运行时环境(CLR)以及.NET框架类。对于.Net不同的人有不同的解释方式。有人认为.NET是一种全新的下一代可视化开发环境;有人认为.NET 是一种新的针对Internet时代的开发语言---C#;有人认为它是基于XML(可扩展标记性语言)和SOAP(简单对象访问协议)的新型信息交换平台,是面向未来的企业级的开发平台。类似这样的定义非常多,这些说法都对,但是都只是涉及到了.NET 的一部分。 单从技术发展本身来看,J2EE应用由于可各种OS上运行,而且很多开发商还提供了Web应用服务器和开发工具,因此用户可以随意选择,而开发商则通过在功能和性能方面相互竞争来不断提高产品水平,这些都使得J2EE架构能够得到快速的发展;而.NET的操作系统环境仅限于Windows,开发工具、运行环境的单一化会严重影响.NET的发展。 如果仅从技术路线来看,两条技术路线目前都得到了众多软件公司和用户的认可,很难评价哪一种路线更先进。但对于我们所针对的高端企业市场来说,适应高端企业需求的软件系统大多采用了J2EE架构,这虽然不能以此来说明针对高端企业
如何使营销邮件不被当作垃圾邮件的几点技巧 E-mail营销已经作为行之有效的方法被越来越多的企业营销人员所接受,但是不正当的邮件营销往往会适得其反,同时目前过滤垃圾邮件的软件、措施已越来越普及,如何用好这把行销的双刃剑,避免发出的营销电子邮件被错误地拒收。这里还是有一些技巧可供大家借鉴的: 1.注意标题 避免利用"收件人"、"抄送"和"暗送"将一封邮件发给大量的接收者。确信一封邮件每次仅发给了一个人。 2.选择适当主题 选择一个能够使人信任的主题。避免使用垃圾邮件常用的单词和符号,例如“免费”“派送”、“优惠”以及怪异字符标点等。 3.选用优秀的邮件发送软件 现在的邮件发送,邮件群发软件越来越多了,其中软件质量效果参差不齐,为了您企业的形象还是建议选用优秀的软件进行营销,同时建议使用注册版的软件,否则不少试用版的都在邮件下端留有版权信息,收件人一看就知道是群发,企业形象大打折扣,事与愿违。 4.响应电子邮件的要求。不仅要在电子邮件中含有"退订"的超级链接。订阅者可能会要求您将他的地址从您的数据库中删除。马上去做,并将处理的结果通知他。响应他们的要求有助于避免潜在的垃圾邮件抱怨,避免他们将您列入ISP的黑名单中。 5.加入白名单。诸如像AOL这样的一些国外ISP,允许用户将电子邮件地址加入到他们个人的白名单里。列在这个表里的电子邮件地址就可以通过ISP的垃圾邮件过滤器。浏览者在您的网站上订阅时,请他们将您的地址加入进他们的白名单中。 您也可以给在使用自己电子邮件程序(如微软的Outlook)的垃圾邮件过滤器的用户一个要求,请他们将您的邮件地址或域名添加进他们的"安全发件人"的列表。 6.监视您的退回邮件。当一个特殊的邮件多次被退回,您可以亲自联系接收人,并请他们将您的地址加入他们的白名单。如果您得不到他们的响应,就要从您的数据库中将这些电子邮件地址删除。如果您使用的是电子邮件管理软件,找出无效的邮件地址并删除它们。过多的退回邮件可能被垃圾邮件过滤器过滤。 也要记住,在您邮件"签名"文件中,含有隐私政策和退订。这样可以让您的浏览者不必担心由此引起其他的垃圾邮件,并随时退订不喜欢的邮件。这信息不仅能够增加您的订阅率,而
Exchange2003服务器配置全攻略 5.4 Exchange架设邮件服务器 Exchange主要是针对内部网或者企业网用户进行搭建的邮件服务器软件。利用它能够很快地搭建内部网邮件系统,同时它的安全性相对来说是很高。下面就详细介绍如何利用Exchange来搭建邮件服务器。 5.4.1 安装准备 1.Exchange部署工具 Exchange部署工具是引导完成安装或升级过程的工具和文档。要确保所有必需的工具和服务都得到安装并正确运行,建议通过Exchange Server部署工具来运行Exchange 2003安装程序。 启动Exchange部署工具,将Exchange插入CD-ROM驱动器。在【欢迎使用 Exc hange Server 2003安装程序】对话框中,选择【Exchange 部署工具】选项。按照Exchange Server部署工具文档中的说明逐步进行操作。 启动工具,指定想要执行【新的Exchange 2003安装】过程之后,系统将提供一份清单,详细列出以下安装步骤: (1)验证组织满足指定的要求。 (2)安装并启用必需的Windows服务。 (3)运行DCDiag工具。 (4)运行NetDiag工具。 (5)运行ForestPrep。 (6)运行DomainPrep。 (7)运行Exchange 安装程序。 2.安装和启用IIS 服务 Exchange安装程序要求在服务器上安装并启用下列组件和服务: ● .NET Framework。 ●https://www.doczj.com/doc/6b11423816.html,。 ●Internet 信息服务(IIS)。
● World Wide Web Publishing 服务。 ● 简单邮件传输协议( SMTP )服务。 ● 网络新闻传输协议(NNTP )服务。 在Windows 2003目录中或域中安装Exchange ,默认情况下不会启用Microsoft .NET Framework 、https://www.doczj.com/doc/6b11423816.html, 、World Wide Web Publishing 服务、SMTP 服务和NNT P 服务。在运行 Exchange 安装向导之前,必须手动启用这些服务。 在Windows Server 2003中启用服务: (1)选择【开始】|【控制面板】命令,选择【添加或删除程序】选项。 (2)在【添加或删除程序】对话框中,选择【添加/删除 Windows 组件】选项。 (3)在【Windows 组件向导】对话框中,选择【Windows 组件】选项,突出显示【应用程序服务器】,选择【详细信息】选项。 (4)在【应用程序服务器】对话框中,选择https://www.doczj.com/doc/6b11423816.html, 复选框,如图5.26所示。 图5.26 添加相关https://www.doczj.com/doc/6b11423816.html, 服务 (5)选择【Internet 信息服务(IIS )】选项,选择【详 细信息】选项。在【Internet 信息服务(IIS )】对话框 中,选中NNTP Service 、SMTP Service 和【万维网服务】 复选框,单击【确定】按钮,如图5.27所示。 (6)在【应用程序服务器】对话框中,选择【Inte rnet 信息服务(IIS )】复选框,单击【确定】以安 装组件。 图5.27 添加【Internet 信息服务(IIS )】
中小企业Exchange邮件系统解决方案 一、中小企业邮件市场分析 中小企业邮件市场状况 邮件系统正逐步成为现代企业内外信息交流的必备工具,据统计Internet上有30%的业务是与电子邮件有关的。企业拥有自己的邮件系统,不仅能够提升企业形象,而且更重要的是能为企业带来实际效益。电子邮件已成为Internet 中最重要的服务,远远超过位列第二的搜索引擎。同时,随着互联网的迅速普及以及企业自身信息化建设的进展,一方面,专业邮件系统的拥有者从IT行业的高端 ——ISP/ICP向行业低端的——中小企业普及的趋势越来越明显; 另一方面,企业越来越多地依赖互联网来提供优质商业服务。拥有企业自己的邮件系统已成为未来不可扭转的必然趋势,一个像“marketing@https://www.doczj.com/doc/6b11423816.html,”这样的邮件地址除了显示出企业向外的名称、品牌标识外,其中更掩饰不住的是企业运作的高效与市场响应的快速。 与大型企业相比较而言,中小企业多数存在技术力量、储备较弱,规模偏小,抵御系统灾难、风险能力弱等缺点; 同时由于竞争环境和成本压力,中小企业的IT状况也参差不齐。因此,要建立一个方便易用的邮件系统,使其易管理,易操作。 推荐选用exchange邮件系统 现在,许多企业采用 Lotus Note, Exchange 或者 GroupWise 作为公司内部的邮件服务器和 SMTP 网关。一些 ISP 采用
sendmail(一个著名的Unix/Linux 系统上的邮件服务器软件)或者其他的一些基于Unix/Linux 系统的邮件服务器,比如 Qmail 和Postfix 提供邮件服务。 群件系统如 Lotus Notes是非常强大的商业软件。但这些系统包含的协作功能和每客户端的许可证费用使它们的整体成本急剧上升。而事实上,很多使用这些系统的公司仅仅需要其中的邮件服务器功能。 另外,Sendmail,Qmail 等在Unix/Linux 上的邮件服务器软件也是非常优秀的邮件系统。但如果要使用这些邮件服务器系统为企业和 ISP 等提供良好的邮件服务,必须要有专业的 Unix/Linux 系统维护人员进行系统维护。这样势必增加系统的维护费用。 exchange作为微软推出的一个功能强大的邮件服务器,其易于管理和维护,稳定,高性能,有非常友好的管理界面,在中小企业的邮件服务器软件中占有较大的市场份额。 二、中小企业邮件系统要求 中小企业对用于企业的邮件系统有四个基本要求:一是基于自己的域名;二是维护成本低;三是稳定;四是特性强,特性强指希望厂商能提供像防病毒、防垃圾邮件等等功能。 在功能上,中小企业的邮件系统要实现以下功能。 1.利用 WWW 浏览器即可线上处理电子邮件,电子邮件在线收信、发信功能,电子邮件的自动转发(Forwarding),电子邮件拒收条件的设定(Filter),可以有效的拒绝各种垃圾信件。自动回信功能
发送邮件如何避免被举报被判垃圾邮件的一些技巧 发送的邮件的主题及内容躲避欺诈信息、政治敏感信息、及该国家强烈禁止的相关关键词、字段、句子等。 纯广告的邮件最好少发,这是最不受运营商欢迎的,大多数情况下,你的客户不需要牛皮癣广告,倘若真要发的,请放慢速度,细水长流。主题别忘了加上“(AD)”。 避免被举报,避免在一段较短的时间内重复发送相同或者相关类型的邮件给相关的客户。一般如果有意向的话短时间客户就会有回复的,请不要因为没有回复重复发送而造成骚扰。 邮件主题的设计 原则一:电子邮件主题体现邮件内容的精华,要尽量的简短。 这样可以增加客户的信心,通过邮件主题来让他感觉到邮件内容的价值,迅速做出打开邮件详细阅读的决定。 原则二:电子邮件主题体现出发件人信息中无法包含的内容 发件人中除了显示的发件人名称和Email地址之外,很难容纳更为祥尽的信息,对发件人的信任还需要通过邮件主题来进一步强化,所以切中重点很有必要。 原则三:邮件主题含有丰富的关键词 除了增加客户的印象外,也为了让客户在检索收件箱中的邮件时增加发现的机会。 原则四:电子邮件主题不宜过于简单或过于复杂。 尽管没有严格的标准来限制邮件主题的字数,但保持一定合理的范围之内,既能反应比较重要的信息,又不至于在邮件主题栏默认的宽度内看不到有价值的信息。一般说来,电子邮件主题保持在8-20个汉字范围内是比较合适的。 原则五:要避免使用垃圾邮件常用的单词和符号。 例如“免费”、“派送”、“优惠”以及怪异字符标点等。 邮件内容的设计 1.第一次发的邮件最好不要有图片和附件。如果你和客户有联系,客户有回复你的邮件,邮件系统查实你们之间有邮件来往,这样以后的邮件有图片也问题不大。 2.信中最好不要有URL。有链接的话,也是很容易被拦截,因为邮件系统会认为有潜在威胁。如果是公司的网址最好是取消链接效果,把前面的http去掉,这样客户还是能够看到我们的网站。 3.不要用太奇怪的字体,最好用常规的字体。大家都知道用不同的字体,加上不同的颜色,可以吸引客户,但还是和图片一样,再好看,如果连给客户打开的机会都没有,也是白费功夫。奇怪的字体系统会认为是广告邮件。(虽然我们事实上是有广告性质,但是和那些开发
主流商务智能解决方案的对比和分析 作者:彭潇勇软工一班2010302580155 摘要:针对市场上五种比较流行的商务智能解决方案供应商的产品进行了不同角度的分析与对比,指出了各种解决方案之间的共性和特性,并分析对比了各个产品之间的优劣势。以此作为国内企业寻找切合本企业实际利益的商务智能解决方案的一个依据。 1、引言: 商务智能,指用现代数据仓库技术、在线分析技术、数据挖掘和数据展现技术进行数据分析以实现商业价值。 商务智能(Business Intelligence,简称BI)最早由Gartner Group于1996年提出。Gartner将BI定义为“各种不同的应用程序和技术,可用于收集、存储、分析、共享数据并提供数据访问,从而帮助企业用户做出更好的业务决策。”商务智能的基本理念便是提升业务洞察力,将数据信息转化为商务价值。商业智能的关键是从许多来自不同的企业运作系统的数据中提取出有用的数据并进行清理,以保证数据的正确性,然后经过抽取(Extraction)、转换(Transformation)和装载(Load),即ETL过程,合并到一个企业级的数据仓库里,从而得到企业数据的一个全局视图,在此基础上利用合适的查询和分析工具、数据挖掘工具、OLAP工具等对其进行分析和处理(这时信息变为辅助决策的知识),最后将知识呈现给管理者,为管理者的决策过程提供支持。借助这一手段,企业可以在市场更加多变、竞争更加激烈、组织越来越复杂、规模越来越庞大的商业环境下高效运营、正确决策、快速响应,从而实现从数据到信息、从信息到知识、从知识到利润的转化。因此商务智能应该被看成是一种更好的为企业制定决策提供数据支持和信息知识的解决方案。 既然是解决方案型的技术,便不是一个高下立判的问题。因此我们便有必要对一些主流BI解决方案进行有针对性的分析,提取出其中值得企业关注和投资的信息,以便为企业选择BI解决方案提供一个有针对性的依据。一下便是有关IBM、Microsoft、Oracle、SAS、SAP 这五大BI解决方案提供商的对比分析。 2、五大主流BI解决方案提供商的对比: 2.1、IBM商务智能解决方案特性: IBM 公司在数据仓库/商业智能行业处于领先地位, 根据Survey. com 的2001 报告“数据仓库解决方案”, IBM 的市场占有率将近61% 。全世界跨各行各业的公司都选择了IBM的BI解决方案来帮助他们更具有方向性、更有利润的运营。 IBM具有如此庞大的市场占有率,这与其分布于世界各地的数千名BI咨询专家,以及由在BI方面具备提供解决方案资格的IBM业务合作伙伴组成的巨大网络分不开的。借用集成了各种不同类型的BI工具的DB2,IBM公司具备了相当丰富的经验和专长来开发经济高效、全面的解决方案,可以满足不同行业的具体需求和单个客户的需求。 IBM使用DB2 Warehouse Manager 构建数据仓库。有助于简化和加速构建数据仓库原型,以及后续BI系统的开发与配置。同时,用于构建和管理数据仓库架构的IBM 工具使企业能够构建和提供与Web 数据源相集成的数据仓库, 并且能够构建稳固、可扩展的数据中心和业务应用。 2.2、Microsoft商务智能解决方案: 进入2010年以后,微软的Office 2010、SharePoint2010、SQL Server 2008 R2等重头产品相继发布,从此,微软推出了一个新的组合型商业智能解决方案。 在这个解决方案中,微软强调商务智能的平民化,即企业的每一个员工都可以很容易的上手进行数据分析挖据并得到自己想要的数据。在底层有了SQL Server做保障,用户只要精
亿邮电子邮件系统与Exchange 邮件系统的对比 eYou公司专注于邮件系统平台及相关应用的研发,充分利用公司业界领先的技术成果,自主开发千万级大型电子邮件系统平台。 该系统于2000 年初成功投入市场,迅速在全国各级政府,知名企业、电信系统和全国高校得到应用。该系统支持Web界面,完全由我公司自主开发,拥有独立版权,利用我们业界领先的技术手段优化系统,达到高速检索定位,例如在百万级用户情况下,定位用户目录时间小于1s,MTA勺发送信件速度达到400,000封/日的高速收发;系统稳定性上,独创邮件监控机制,及时的硬盘回写,保证信件不会因系统进程问题丢失;系统安全性方面用户密码密文存储,支持SSL连接,保证连接安全性,防止网络窃听;独具特色的垃圾邮件识别器,针对IP 和信件大小进行的垃圾邮件识别,系统自动提醒系统管理员,考虑对进行攻击的IP拒绝服务;此外我们还采用全Web方式量身定做系统管理界面,最大程度上减轻系统维护人员的负担,全中文的Web用户使用界面简洁易用,同时支持SMTP与POP3后发信件,使用户在使用中有多种选择。 一.亿邮电子邮件系统特点: 1、亿邮核心的MTA技术完全自行开发,是国内为数不多的掌握全套邮件底层技术的厂 商。经过大量测试和长期使用,产品已经非常成熟,系统稳定。经过长期的发展,目前在国内已实施了两千多个项目。产品的安全性,稳定性,实用性都得到了用户的好评。亿邮产品针对大并发采用的是pre fork 技术,相对于单纯的多线程方案有着性能更高,更稳定,更可靠的优势。亿邮的另外一个核心技术是树状的数据分布存储方案,通过Hash方式,能 完美的支持上千万用户的运行。使用Ldap 进行认证,效率高有利于系统的集成和统一认证。完全商业化,产品化的安装实施。支持远程安装,用户自行安装。产品不断发展,系统定期更新、升级,并提供全方位的技术支持,完善的二次开发接口和通信技术。 2、亿邮公司迄今已有9 年的国内邮件系统解决方案的经验,作为国内领先的电子邮件系统的厂商之一,公司技术开发人员主要来自于麻省理工学院、哈佛、清华、南开大学等国际著名学府,拥有雄厚的网络通讯软件产品研发能力。公司管理层均来自美国哈佛大学、耶鲁大学等名校,先后在国内外高科技企业出任要职,具有丰富的专业知识、管理经验和敏锐的眼光。 3、亿邮的用户遍布全国,包括:全球最大中文搜索引擎一一百度,世界上首家以运营模式面向企业用户提供IT应用服务的企业一一中企动力,国网信通公司,中国国电集团公司,国家电力监管委员
如何防止用户邮箱被盗号来发垃圾邮件 1)原因调查 帐户被盗用发垃圾邮件主要情况有以下几种: ①帐户密码设置过于简单,很多邮件用户由于疏忽,设置了一个简单的帐户密码,这种密码很容易被基于字典的破解技术破解。 ②用户使用Outlook ,foxmail 等邮件客户端收发邮件,如果用户的客户端没有安装杀毒 软件,一旦用户的操作系统中了盗取邮件帐户的木马病毒,邮件帐户密码就很容易被盗取。 ③用户在其他网站使用帐户加常用密码注册帐户,如果这些网站的资料泄露,就会导致邮件帐户密码的泄露。 以上几种情况是常见的帐户密码泄露情况,但是一旦帐户密码泄露,影响的不只是一个帐户,而是整个邮件服务器的正常运作。 2)如何预防 无论系统采用如何先进的防盗号技术,最重要的还是要加强用户的安全意识,从根本上杜绝此现象,例如采用复杂度高的密码,避免使用包含用户名或者纪念日之类的数字作为密码,定期修改邮箱密码等等措施。 TurboGate邮件网关系统在防盗号上,做了诸多预防措施和设置,从源头上防止垃圾邮件发送者的侵袭。 ① 防止SMTP盗号 用户邮箱被利用发送垃圾邮件,总是会依据一定的时间频率频繁发送差不多大小的垃圾邮件,根据垃圾邮件发送的特点,TurboGate邮件网关系统会自动扫描用户发邮件状况,在检测 到用户有可能频繁发送垃圾邮件时,能自动锁定账号,及时堵截垃圾邮件的发送,保证其他用户邮件的正常收发。 系统设置 系统管理员postmaster登录后台管理→系统设置→SMTP服务
系统管理员可以根据自己企业的实际情况,通过检测用户定期发送邮件的频率和邮件大小的情况,来判定用户账号是否已被利用来发送垃圾邮件。一旦判定用户已被利用发送大量垃圾邮件,该用户账号将被锁定。该用户需要向管理员申请解锁并修改邮箱密码。 ② 外发邮件使用反垃圾引擎 通过TurboGate邮件网关系统反垃圾引擎,判断系统用户外发的邮件是否为垃圾邮件。若判断为垃圾邮件,可通过邮件网关系统发送“外发垃圾邮件提示”给该用户,及时提醒用户邮箱的使用情况。另外,若外发垃圾邮件达到一定的次数,将自动锁定该用户邮箱账号,避免继续外发垃圾邮件。 系统设置 系统管理员postmaster登录后台管理→反垃圾/反病毒→反垃圾引擎设置 锁定例子 网关系统管理员postmaster登录后台管理→系统监控→SMTP盗号发送垃圾邮件帐号列表 一旦用户邮件账户被锁定,该用户将不能在邮件客户端如outlook、foxmail等使用该邮件账户发送邮件。此时邮件客户端会提示: