Research And Implementation Of Secure E-Mail Agent System Based On SSL VPN

Currently, China's government information in the process of building an important content of the Chief Information Network. Combination of internal e-government management and the external services of specific business processes design and development of personalized, professional and secure e-mail system can perform all types of government institutions the sustainable development of interactive information application requirements.In this paper, the face of the government organs and institutions are required to establish more effective and safe remote access to e-mail system. SSL VPN is the use of Secure Socket Layer protocol , do not need to install client software, authorized users can WEB from any standard browser and Internet connection through a proprietary VPN tunnels to securely access network resources, so safe and reliable access to information. Government agency staff in remote access, as long as there is support for SSL browser on the line, and naturally the client does not need special maintenance.The technical route of this paper: Application SSL VPN in e-mail agent system. Client use the browser's built-in Secure Socket Layer packet processing functions, browser connected to intranet SSL VPN server, and by the way the network packet steering, allowing the client to the remote computer execute applications, to read data within the intranet server. Implementation through the SSL VPN remote access to internal network architecture.In this paper, SSL VPN gateways and SSL-based security e-mail system combining the proposed adoption of SSL VPN remote access to internal network architecture, implementation of SSL VPN-based secure e-mail agent system. The system is fully taken into account the encryption and decryption, secure authentication, the gateway control and management of all aspects of design implementation based on the SSL VPN gateway. Its main modules from the following: application protocol conversion module, port forward module, agent module, handshake information package / analysis module, recording layer processing module, data encryption / decryption processing module, authentication module, a certificate database, gateway control module ,control modules and management modules such as configuration.SSL-based security mechanism, to enforce SMTP authentication, implementation SSL POP and SSL SMTP to enable e-mail communication channel encryption. SSL handshake protocol after the transmission of all messages are encrypted, so the set up SSL security on transmission channel running SMTP and POP protocol, and both the protocol must be extended to achieve the security of e-mail transmission.In addition,because SSL itself is a kind of security technology. Therefore SSL VPN on to prevent information leakage, unauthorized access to refuse, to protect the integrity of information, prevent users from counterfeiting, to ensure system availability features,be able to further protect access security, thus expanding the security features facilities. First of all SSL VPN can achieve 128-bit data encryption to ensure the data during transmission is not stolen, to ensure that the ERP data transmission security. Secondly, a variety of authentication and authorization of the use of methods can only "correct" users access internal network, thereby protecting the internal network security.In short, from the SSL protocol to the VPN devices, Then such a combination of SSL VPN, Its network protocol security, physical link security, network security applications to meet the intergovernmental telematics requirements.