NIST SPECIAL PUBLICATION 1800-6
Domain Name System- Based
Electronic Mail Security
Includes Executive Summary (A); Approach, Architecture, and Security Characteristics (B);
and How -To Guides (C)
Scott Rose
William Barker
Santos Jha
Chinedum Irrechukwu
Karen Waltermire
This publication and its additional content is available free of charge from:
https://doi.org/10.6028/NIST.SP.1800 -6 NIST SPECIAL PUBLICATION 1800-6
Domain Name System-Based
Electronic Mail Security
Includes Executive Summary (A); Approach, Architecture, and Security Characteristics (B) ;
and How -To Guides (C)
Scott Rose
Information Technology Laboratory
National Institute of Standards and Technology
William Barker
Dakota Consulting
Silver Spring, MD
Santos Jha
Chinedum Irrechukwu
The MITRE Corporation
McLean, VA
Karen Waltermire
National Cybersecurity Center of Excellence
National Institute of Standards and Technology
This publication and its additional content is available free of charge from:
https://doi.org/10.6028/NIST.SP.1800-6
January 2018
U.S. Department of Commerce
Wilbur L. Ross, Jr., Secretary
National Institute of Standards and Technology
Walter Copan, NIST Director and Under Secretary of Commerce for Standards and Technology
NIST SPECIAL PUBLICATION 1800- 6A
Domain Name System -Based
Electronic Mail Security
Volume A :
Executive Summary
Scott Rose
Information Technology Laboratory
National Institute of Standards and Technology
William Barker
Dakota Consulting
Silver Spring, MD
Santos Jha
Chinedum Irrechukwu
The MITRE Corporation
McLean, VA
Karen Waltermire
National Cybersecurity Center of Excellence
National Institute of Standards and Technology
January 2018
This publication and its additional content is available free of charge from:
https:// doi.org/10.6028/NIST.SP.1800 -6
NIST SP 1800 -6A: Domain Name System- Based Electronic Mail Security
This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.1800- 6.
1 Executive Summary
Both public and private -sector business operations are heavily reliant on electronic mail (email)
exchanges , but the integrity of these transactions is often at risk, including financial and other
proprietary information , as well as the privacy of employees and clients.
Tools exist that are capable of providing the needed email security and privacy protection, b ut a number
of factors have impeded the adoption of these existing security and privacy capabilities. These include:
The absence of comprehensive configuration instructions for composed set s of trusted
electronic mail components ,
The absence of easily acce ssible information that points systems administrators to easily
implemented software libraries and software applications , and
A perception that email security measures negatively impact the performance of email systems.
However, o perating an email system without employing the available security and privacy tools invites
attackers to breach sensitive enterprise information by introducing false addresses into mail messages,
disrupting secure communication signaling, and improving the probability of successfu lly inducing
enterprise users to open malicious attachments – still the most common method for introducing
malware and breaching enterprise systems.
The National Cybersecurity Center of Excellence (NCCoE) developed a set of example email security
solutions that can help organizations to more easily implement security and privacy tools and protocols,
thus reducing the likelihood of a data breach . The example security platforms described in this guide are
consistent with the guidance and best practices contai ned in government and industry security
standards . How these platforms address specific security requirements and best practices is addre
NIST.SP.1800-6 Domain Name System-Based Electronic Mail Security
安全标准 >
NIST >
文档预览
中文文档
259 页
50 下载
1000 浏览
0 评论
0 收藏
3.0分
温馨提示:本文档共259页,可预览 3 页,如浏览全部内容或当前文档出现乱码,可开通会员下载原始文档
本文档由 思安 于 2022-12-05 09:11:48上传分享