电子邮件系统安全分析

2017 IEEE 4th International Conference on Cyber Security and Cloud Computing (CSCloud) Pub Date : 2017-06-01 DOI:10.1109/CSCloud.2017.20

Tianlin Li, Amish Mehta, Ping Yang

{"title":"电子邮件系统安全分析","authors":"Tianlin Li, Amish Mehta, Ping Yang","doi":"10.1109/CSCloud.2017.20","DOIUrl":null,"url":null,"abstract":"Electronic mail (email) is universally used by businesses, government agencies, and individual users. Out of necessity, users trust their email systems to keep their emails safe and secure. However, email systems are often complex and exhaustive testing is almost impossible for such systems. As a result, email systems often contain bugs and security vulnerabilities. In this paper, we analyze the security and usability of five popular public email systems. Our analysis shows that there are several security vulnerabilities in multiple sign-in and password composition and recovery policy of some of the email systems.","PeriodicalId":436299,"journal":{"name":"2017 IEEE 4th International Conference on Cyber Security and Cloud Computing (CSCloud)","volume":"37 ","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":"{\"title\":\"Security Analysis of Email Systems\",\"authors\":\"Tianlin Li, Amish Mehta, Ping Yang\",\"doi\":\"10.1109/CSCloud.2017.20\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Electronic mail (email) is universally used by businesses, government agencies, and individual users. Out of necessity, users trust their email systems to keep their emails safe and secure. However, email systems are often complex and exhaustive testing is almost impossible for such systems. As a result, email systems often contain bugs and security vulnerabilities. In this paper, we analyze the security and usability of five popular public email systems. Our analysis shows that there are several security vulnerabilities in multiple sign-in and password composition and recovery policy of some of the email systems.\",\"PeriodicalId\":436299,\"journal\":{\"name\":\"2017 IEEE 4th International Conference on Cyber Security and Cloud Computing (CSCloud)\",\"volume\":\"37 \",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-06-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"9\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 IEEE 4th International Conference on Cyber Security and Cloud Computing (CSCloud)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CSCloud.2017.20\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 IEEE 4th International Conference on Cyber Security and Cloud Computing (CSCloud)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CSCloud.2017.20","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 9

摘要

电子邮件(email)被企业、政府机构和个人用户普遍使用。出于必要，用户相信他们的电子邮件系统可以保证他们的电子邮件的安全。然而，电子邮件系统通常是复杂的，对这样的系统进行详尽的测试几乎是不可能的。因此，电子邮件系统经常包含错误和安全漏洞。在本文中，我们分析了五种流行的公共邮件系统的安全性和可用性。我们的分析表明，部分电子邮件系统的多重登录和密码组合及恢复策略存在多个安全漏洞。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Security Analysis of Email Systems

Electronic mail (email) is universally used by businesses, government agencies, and individual users. Out of necessity, users trust their email systems to keep their emails safe and secure. However, email systems are often complex and exhaustive testing is almost impossible for such systems. As a result, email systems often contain bugs and security vulnerabilities. In this paper, we analyze the security and usability of five popular public email systems. Our analysis shows that there are several security vulnerabilities in multiple sign-in and password composition and recovery policy of some of the email systems.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2017 IEEE 4th International Conference on Cyber Security and Cloud Computing (CSCloud)

自引率

0.00%

发文量