Signed and Encrypted Email Over The Internet

Last updated February 22, 2019

The Signed and Encrypted Email Over the Internet (SEEOTI) initiative is an approach to providing small and medium enterprises with the ability to communicate securely with one another, government defence ministries and major aerospace and defence contractors, allowing them to play a full part in the defence supply chain.^[1]

Overview

SEEOTI implements the secure email specifications defined by the Transglobal Secure Collaboration Program (TSCP). These support interoperable signing and encryption of email messages in a federated environment.^[2] In addition, the security labelling of email messages is supported with a network border guard being able to check labels even though messages are encrypted. This meets the goal of protecting Intellectual Property in the global business environment,^[3] which is of particular importance to the UK Cyber Security Strategy as intellectual property is seen as key to the growth of the economy.^[4]

In information security, a guard is a device or system for allowing computers on otherwise separate networks to communicate, subject to configured constraints. In many respects a guard is like a firewall and guards may have similar functionality to a gateway.

Deep-Secure organised a trial of SEEOTI for UK MOD and the UK Council for Electronic Business. This integrated Commercial Off The Shelf (COTS) products from TITUS, Boldon James and Deep-Secure to provide the system's email security functionality. Deep-Secure were selected as the overall winner of the UKCeB Excellence Awards 2011 for their work on SEEOTI in February 2012.^[5] Deep-Secure and its partners Adept4, Intercede and Trustis are providing a SEEOTI solution as a service.^[6] Nexor provide compatible products.

Deep-Secure Limited is a British company based in Malvern, Worcestershire. It provides network security guard products for assured secure information sharing.

Commercial off-the-shelf or commercially available off-the-shelf (COTS) products are packaged solutions which are then adapted to satisfy the needs of the purchasing organization, rather than the commissioning of custom-made, or bespoke, solutions. A related term, Mil-COTS, refers to COTS products for use by the U.S. military.

Boldon James is a UK-based software company incorporated in February 1985, and specialising in data classification and secure messaging solutions aimed primarily at the commercial, defence, intelligence and government marketplaces. Since October 2007, Boldon James has been an autonomous subsidiary of Qinetiq, who took over the company from previous owners, a management buy out led by Martin Sugden and backed by Livingbridge. The company is named after its founders Peter Boldon and Roger James.

Related Research Articles

Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications. Phil Zimmermann developed PGP in 1991.

Email client computer software that allows sending and receiving emails

An email client, email reader or more formally mail user agent (MUA) is a computer program used to access and manage a user's email.

S/MIME is a standard for public key encryption and signing of MIME data. S/MIME is on an IETF standards track and defined in a number of documents, most importantly RFC 3369, 3370, 3850 and 3851. It was originally developed by RSA Data Security Inc. and the original specification used the IETF MIME specification with the de facto industry standard PKCS#7 secure message format. Change control to S/MIME has since been vested in the IETF and the specification is now layered on Cryptographic Message Syntax, an IETF specification that is identical in most respects with PKCS #7. S/MIME functionality is built into the majority of modern email software and interoperates between them. Since it is build on CMS, MIME can also hold an advanced electronic signature.

The Transglobal Secure Collaboration Participation, Inc. (TSCP), which sponsors the Transglobal Secure Collaboration Program, was established in 2002 as a collaborative forum of organizations in the defense industry to address security issues with collaboration. TSCP is a government and industry partnership for secure electronic transmission and sharing of sensitive information internationally.

SAP NetWeaver Application Server or SAP Web Application Server is a component of SAP NetWeaver which works as a web application server for SAP products. All ABAP application servers including the message server represent the application layer of the multitier architecture of an ABAP-based SAP system. These application servers execute ABAP applications and communicate with the presentation components, the database, and also with each other, using the message server.

SME Server is a Linux distribution based on CentOS offering an operating system for computers used as web, file, email and database servers. It employs a comprehensive UI for all management-related tasks and is extensible through templates.

Email encryption is encryption of email messages to protect the content from being read by entities other than the intended recipients. Email encryption may also include authentication.

Email archiving is the act of preserving and making searchable all email to/from an individual. Email archiving solutions capture email content either directly from the email application itself or during transport. The messages are typically then stored on magnetic disk storage and indexed to simplify future searches. In addition to simply accumulating email messages, these applications index and provide quick, searchable access to archived messages independent of the users of the system using a couple of different technical methods of implementation. The reasons a company may opt to implement an email archiving solution include protection of mission critical data, to meet retention and supervision requirements of applicable regulations, and for e-discovery purposes. It is predicted that the email archiving market will grow from nearly $2.1 billion in 2009 to over $5.1 billion in 2013.

Adar, Inc. is an Information Technology (IT) company headquartered in Chicago, United States. The company provides streaming IT and IT-as-a-service to small and medium-sized enterprises (SMEs). Adar, Inc. is known for its comprehensive cloud IT brand of platform, Nerdio. It currently offers two products-Nerdio Private Cloud and Nerdio for Azure.

Echoworx, an email encryption software company, is based in Toronto, Ontario, Canada, with offices in Hermosa Beach, California and London, UK. As a certificate authority, Echoworx is a member of both the Microsoft Root Certificate Program and Apple Root Certificate Program. Echoworx operates several data centers, including locations in the United States and Europe.

Mimecast is an international company specializing in cloud-based email management for Microsoft Exchange and Microsoft Office 365, including security, archiving, and continuity services to protect business mail.

Nexor Limited is a privately held company based in Nottingham, providing product and services to safeguard government, defence and critical national infrastructure computer systems. It was originally known as X-Tel Services Limited.

The cyber security community in the United Kingdom is diverse, with many stakeholders groups contributing to support the UK Cyber Security Strategy. The following is a list of some of these stakeholders.

Silent Circle SA is an encrypted communications firm based in Le Grand-Saconnex, Switzerland. Silent Circle provides multi-platform secure communication services for mobile devices and desktop. Launched October 16, 2012, the company operates under a subscription business model. The encryption part of the software used is free software/open source and peer-reviewed. For the remaining parts of Silent Phone and Silent Text, the source code is available on GitHub, but under proprietary software licenses.

Wickr is an American software company based in San Francisco. The company is best known for its instant messenger application of the same name.

Clearswift is an information security company based in the UK. It offers cyber-security services to protect business's data from internal and external threats.

Mailfence is an encrypted email service that offers OpenPGP based end-to-end encryption and digital signatures. It was launched in November 2013 by ContactOffice Group, which operates an online collaboration suite for universities and other organizations since 1999.

Wire is an encrypted communications program created by Wire Swiss. It works on iOS, Android, Linux, Windows, macOS and web browsers such as Firefox. Wire transmits text messages and files; can make voice calls and be used for video conferences.

References

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] Billson, Carl. "Signed, sealed and delivered: making email secure".

[2] "TSCP description".

[3] "Email in security hot seat with rise of cloud, BYOD".

[4] Griffiths, Jacqui. "Doing More for Less".

[5] "The 3rd UKCeB Good Practice Marketplace & Excellence Awards & Special HFI Award - 2012".

[6] "Intercede, Deep-Secure and adept4 partner to launch secure email service".