PosteCS^TM
- About

Glossary

Authentication
Authentication is the process of identifying an individual, usually based on a username and password. Authentication protects information by verifying the identity of parties or destined servers. Passwords known only between sender and receiver serve to authenticate each to the other. Server authentication ensures senders they are communicating directly with the Postal server and not an unauthorized or unknown Internet Service Provider (ISP).

Certificate authentication only verifies the acknowledgment of the public and private keys, not a person's identity.

Server Certificate
A checkpoint that attests to the identity of a server. Browsers use certificates when SSL is engaged to authenticate Internet sites. This is achieved without user intervention. It is near instantaneous, where the browser certificate contacts the site's certificate and verifies the site request.

Digital Certificate
An attachment to an electronic message used for security purposes. The most common use of a digital certificate is to verify that a user sending a message is who he or she claims to be, and to provide the receiver with the means to encode a reply. Also called public-key certificates, personal certificates or digital Ids : files that attest to some person or organization's identity. (See PKI)

Electronic Postmark
An Electronic Postmark™ is a user option which may be selected prior to sending a PosteCS™ package. It is a Canada Post date and time-stamped, cryptographically sealed digital object containing an "electronic footprint" of the original package, among other attributes. The Electronic Postmark record is then, by way of a digital signature, digitally "sealed" to prevent undetected modification of the package.

Encryption
The translation of data into a secret code. Encryption is the most effective way to achieve data security. Unencrypted data is referred to as plain text; encrypted data is referred to as cipher text. In the case of PosteCS, to ensure safe passage over the Internet, SSL protocol is engaged, encrypting the files rendering the data unreadable. Information stored on the server is also encrypted for protection while the data is resident on the PosteCS server.

Firewalls
A firewall is considered a first line of defense in protecting private information. In a networked environment, a firewall acts as a barrier between internal and external computers of the network controlling the flow of data between the two. Should a computer outside the firewall wish to communicate with a computer inside, it must communicate with the firewall, which then passes the data to the internal computer. This 2-step process protects internal networks from unauthorized access, reduces virus contamination and, sometimes, limits e-mail attachments from passing through the firewall (e.g. size restrictions)

HTTPS
HTTPS is a secure HyperText Transport Protocol commonly using SSL technology.

PDF
Short for Portable Document Format, a defacto standard file format developed by Adobe Systems. PDF captures formatting information from a variety of desktop publishing applications, making it possible to send formatted documents and have them appear on the recipient's monitor or printer as they were intended.

PDF is an excellent tool for converting documents prior to sending to recipients who otherwise may not have the proprietary software installed locally in order to view the document in it's native format.

PKI-Public/Private Key Infrastructure
Short for public key infrastructure, a system of digital certificates, Certificate Authorities, and other registration authorities that verify and authenticate the validity of each party involved in an Internet transaction. (see Authentication).

Public key cryptography is the scheme that uses two keys-one public and one private-to encrypt and decode sensitive information.

Information encoded with one key (public) can only be decoded / decrypted using the other key (private). Public keys are distributed widely, often through the use of a "Trusted Third Party", and are open to public use. Private keys are intended for restricted use and are stored securely on the user's computer or a hardware token (i.e. smartcard).

The sender's private key, with the receiver's public key, signs and locks the document. The receiver's private key along with the sender's public key unlocks and verifies the communication. Only the sender and specified receivers have access to the communication.

RSA
A public-key encryption technology developed by RSA Data Security, Inc. The acronym stands for Rivest, Shamir, and Adelman, the inventors of the technique. The RSA algorithm is based on the fact that there is no efficient way to factor very large numbers. Deducing an RSA key, therefore, requires an extraordinary amount of computer processing power and time. The RSA algorithm has become the de facto standard for industrial-strength encryption, especially for data sent over the Internet. It is built into many software products, including Netscape Navigator and Microsoft Internet Explorer. The technology is so powerful that the U.S. government has restricted exporting it to foreign countries.

MIME
Short for Multipurpose Internet Mail Extensions, a specification for formatting non-ASCII messages so that they can be sent over the Internet. Many email clients now support MIME, which enables them to send and receive graphics, audio, and video files via the Internet mail system. There are many predefined MIME types, such as GIF graphics files and PostScript files. It is also possible to define your own MIME types. In addition to e-mail applications, Web browsers also support various MIME types. This enables the browser to display or output files that are not in HTML format.

S/MIME
Short for Secure/MIME, a new version of the MIME protocol that supports encryption of messages. S/MIME is based on RSA's public-key encryption technology.

SMTP
Short for Simple Mail Transfer Protocol, a protocol for sending email messages between servers. Most e-mail systems that send mail over the Internet use SMTP to send messages from one server to another; the messages can then be retrieved with an email client using either POP or IMAP.

SSL (Secure Sockets Layer)
Short for Secure Sockets Layer, an Internet protocol that provides safe passage for the transmission of data and authentication, by encrypting information.

SSL works by using a private key to encrypt data that's transferred over the SSL connection. Both Netscape and Internet Explorer support SSL, and many web sites use the protocol to obtain confidential user information, such as credit card numbers. By convention, web pages that require an SSL connection start with https: instead of http:.

Data cannot be altered or read when SSL protocol is used. SSL can be 40-bit (version 2) or 128-bit (version 3). SSL is engaged by the use of a browser. SSL further safeguards Internet transactions by use of certificates, authenticating the server site to which it connects.

Security
Methods employed to ensure access to intended receiver. They can consist of several layers, and include PKI, SSL, password protection, encryption and firewalls.