Secure Messaging with MicrosoftВ® Exchange Server 2003 (Pro-Other)

Security is a slippery word; if you ask 10 different administrators what it means, you ll probably get 10 different answers, or maybe more! There s a pretty straightforward definition, though, that works well for our initial purposes: a secure system (one that provides an acceptable level of security for a particular need) allows authorized users timely access to data, the integrity of which has been maintained . That sounds like a mouthful, but if we pick it apart it gives us a convenient conceptual framework:

• Authorized users means that administrators specify which users can take which actions with which data. The corollary of this statement, of course, is that unauthorized users don t get to do anything. This property of secure systems is pretty familiar to most people, because it s visible every time you log on to a Microsoft Windows server. Without the right logon credentials, which allow the system to decide whether you re authorized or not, a properly implemented authorization system ensures that you get nowhere.

• Timely access means that a secure system includes provisions to prevent, or at least reduce the risk of, data loss. Most of the time, we think of this property as having something to do with availability, reliability, or redundancy; these are certainly desirable properties. The reason that this is a security issue is that if you can t access data when you need to, the cause (which could be anything from a virus infection to a failed power supply to flash flooding) really doesn t matter as much as the effect. There are some other subtleties, too ”for example, consider the case of a law firm that is suddenly served with a subpoena that compels it to produce a certain set of data. In that case, providing timely access might prevent the administrators and managing partners of the firm from going to jail.

• Data, the integrity of which has been maintained covers a multitude of sins. As we ll see shortly, data integrity is a highly sought-after property, because we all depend on data that we hope has not been corrupted or altered , either accidentally or maliciously. Of course, data integrity covers intentional tampering, but it also covers data lost because of virus attacks, natural disasters, and storage failures.

There are some other more subtle properties that we might like our secure system to have, too, including auditing (so we know when someone tries to change something, successfully or not), confidentiality (so that sensitive data is not visible to anyone other than the intended recipient), and forward secrecy (so that data you protect today stays protected into the future). We examine these properties, and others, as we go along.