Secure messaging
JavaCryptoMasters,
I am something of a neophyte who would like to send secure e-mail messages from a java program. The messages will be sent and received by instances of the same program, ie there doesn't have to be any interoperability with ordinary UA's.
Ideally I'd like to use free tools. It seems that S/MIME and PGP could be considered. I haven't found any free S/MIME implementations, and one commercial library I investigated costs $10,000 to license. For PGP Cryptix seems to be the choice, but there are two flavors: Cryptix 3.2 with PGP plug-in, and the Cryptix JCE with OpenPGP. The latter is unfinished, with no activity reported for more than a year, and I can't find much documentation on either.
It seems like there is probably some fairly canonical solution to this problem, just wondering what it might be, or at least what others' experiences have been.
Thanks very much for your assistance,
Matthew Fleming
[email protected]
Hi!
Take a look at S/MIME from ISNetworks:
http://www.isnetworks.com
It isn't free but you can download a trial version of it.
Hope this helps.
Similar Messages
-
SSO to ITS through WebSEAL gives secure/non-secure messages
Hi
We running the following setup:
EP6 SP14
Stand-alone ITS 6.20 patch 18
4.7 R/3 Enterprise
TAM/WebSEAL 5.1
We are running SSO through WebSEAL to the portal and everything seems to be working just fine.
But when we try to access a transactional iView or an IAC iView running on the ITS server I get a pop-up message saying "This page contains both secure and nonsecure items."
We are accessing WebSEAL through HTTPS, we are running HTTPS between WebSEAL and the portal and HTTP between WebSEAL and ITS.
I have tried to access the ITS through WebSEAL without using the portal, and I still get the message. So it must be something between the WebSEAL and the ITS server.
Does anybody have any ideas what is causing this?
Cheers,
Jacob VennervaldThe "secure and non-secure" message, displayed when accessing ITS through WebSEAL when using IE and HTTPS, is caused by an empty source reference (<IFRAME ... SRC="" ...>) within the ITS menu page (...d_menu.html).
The integration guide, available on the <a href="http://www-1.ibm.com/support/docview.wss?uid=swg24003605">IBM website</a> and the <a href="http://www.sdn.sap.comhttp://www.sdn.sap.comhttp://www.sdn.sap.com/irj/sdn/developerareas/ibm">SAP SDN</a>, contains the information on how to stop the message from appearing.
The message should not be displayed when accessing ITS through WebSEAL using HTTP.
Regards,
Peter Tuton. -
Hi
Basically I am doing a research on usability of information security. I would like to assess how likely people love or hate the security message that being presented to them. so I would like to present a dialog box asking their satisfaction after they have made decision upon security message they received (from web browser). If you could advise me on this. we can have a further discussion and it might be useful for you as developer in future as well. (collaborate for articles and journals publications) Please advise.This issue can be caused by an extension that isn't working properly.
*https://support.mozilla.org/kb/Troubleshooting+extensions+and+themes
You have quite a few extensions installed, so this may be difficult to track down. -
Hi,
Our client currently looking for securing message in XI.As client concern other than developer no one can able to see the message payload in sxmb_moni.
Can you tell me what are the possible ways to secure maessages in XI3.0 SP14.
As per our plan ,Our scenario : SAPHR(IDOC)->XI--> Secure FTP(CSV)
We have plan to extract Employee records from SAPHR through IDOC and sending as CSV format to SFTP. For this, how do we secure or encrypt data from SAPHR. As we know we do not use IDOC sender adapter for this sender side. So we do not have chance to use module level security .Please let me know is there any other ways for make secure as payload from SAPHR-IDOC?
Other thing is receiver side, as i know SAP doesn't support SecureFTP , how we will post csv files into SFTP? Does ftp(file) adapter required any additional settings ? also required notes or comments for securing messages at receiver side?
Last but least: For this scenario how do we achieve exceptions for each and every level?
Please do share your experience and get best rewards for that,.
Appreciated your time and thanks in advance.
Thanks,
PILearn.Hi,
You can control SXMB_MONI transaction using User profiles & Roles or dont give the authorisations of this transactions to users. you can also use SU53 to determine the values of authorisation objects & thus you can control SXMB_MONI.
On receiver side you can try with FTPS as XI supports to it.
You can configure Alert Management for handling exceptions or erros in XI.
Regards
Sushil -
WPF WebBrowser Control Security Message After Loading Local XML File
When I use the .Source property of the WebBrowser control, it displays the XML file I pointed to, but then puts a security banner at the top, stating that some content has been disabled. I can't figure out how to stop that warning from appearing.
I've played with IE security settings, to no avail.
I've found some articles about putting a "mark of the web" tag inside the XML file, but I can't do that because the files are created by a 3rd-party application, and I can't edit all of them.
Isn't there a simple way to just turn off the feature for the WebBrowser control without messing with my IE security settings?
Thanks...
Ron MittelmanOk, I did exactly what you suggested. Brand new project. Instead of using the file dialog, I just hard-coded the path to my xml-type file directly, as your prior suggestion stated. The actual statement was:
string myFile = @"file://127.0.0.1/c$/data/local/JMPS/data/CRD CWD Routes/myFile.crd";
Then I used the proper code to set the Source property of the WebBrowser. The file is really, really there, I promise. Upon running, I get a dialog box saying that it "cannot find 'file://127.0.0.1/c$/data......."
So there is some reason this will not work. I am working in a high security area, so perhaps the machines are locked down to the extent that the method won't work?
Can you explain why this method *should* work? Why does using the IP address format defeat the security message?
Is there perhaps some other method? Some of the articles I read talked about putting a "mark of the web" tag inside the xml file. Is this a possible option? I can't really modify the files, but if I could get NavigateToStream
or NavigateToString methods to work, I could insert that tag inside the xml file contents. Unfortunately, as my other post states, I'm having a lot of challenges getting that to work also.
I think that too is possibly caused by how locked down our development PC's are.
Thanks...
Ron Mittelman -
Different Types of Secure Messaging
There are different variants of Secure Messaging for smart cards. I know there are SM by Global Platforms, ISO 7816 and ICAO. Is the implementation by ISO 7816 same as ICAO SM?
Not a question. Locking. Will remove tomorrow. If you have a question, ask it, but don't post drivel thanks.
-
Security message when playing a SWF file
After publishing a Captivate project as SWF, saving it to my
local hard drive, and double-clicking the resulting HTM file to
view it in the browser, I get a security message:
"Adobe Flash Player has stopped a potentially unsafe
operation.
The following local application on your computer or network:
[the path of the SWF file is displayed]
To let this application communicate with the Internet, click
Settings.
You must restart the application after changing your
settings."
An OK button and a Settings button are at the bottom of the
message. Whether I click on OK or click on the Settings button, the
SWF proceeds to play in the browser.
My main concern is -- if the SWF is posted to a web page, is
this message going to appear when a learner clicks on the SWF to
play it?Hi there,
Just to add to KCWebPlaza's excellent suggestion, to
permanently change these settings in the Flash Player Settings
Manager Carry out these steps:
1. Click Settings.
2. Select Edit Locations.
3. Select Add location.
4. Under Trust This Location, enter the location of the
folder that contains your published project.
5. Click Confirm.
Best - Mark -
Internet Explorer security message blocks my vrml from playing
I created a simple flash interactive saved as an exe file. I
created a button with a “get url” script to launch a
quicktime vrml, it launches internet explorer and a security
message about active content appears, which blocks the vrml from
playing. Is there anyway the vrml can open without getting the
internet explorer security message?Hi,
My immediate reaction is don't panic! If you are testing your
own page from your own local server then there is nothing to worry
about. The whole issue of Active X controls is another sore point
when having to deal with Microsoft's handling of interactive
content.
Triggering of the warning can be caused by various things
other than the obvious contact with dynamic content. Here is an old
thread from a discussion on why Active X warning appear on your own
pages.
http://www.dreamincode.net/forums/showtopic16624.htm
Googling will find more evidence for you to trace. Your code
looks fine to me and is not a threat to your system if it came off
of your own local server.
Active X is a pain in the butt.
regards
Nick Barling
www.barkingweb.com -
Hi All,
I want to develop secure messaging services using j2me. Basically the messages will be sent via sms but there will be a crypto process...I plan to use the public key....but im confused in choosing the right one for j2me considering that our handphone couldn't do the complex calculation...anyone can give me a gud idea?& why did u choose that?
Thx b4 in advance...Hi All,
I want to develop secure messaging services using
j2me. Basically the messages will be sent via sms but
there will be a crypto process...I plan to use the
public key....but im confused in choosing the right
one for j2me considering that our handphone couldn't
do the complex calculation...anyone can give me a gud
idea?& why did u choose that?
Thx b4 in advance...You should try the J2ME forums. Try spelling your words properly also and people may take you a little more seriously.
http://forum.java.sun.com/category.jspa?categoryID=23 -
Downloaded "flashplayer 13x32". A security message appeared from Microsoft "This is an executable file and may contain viruses or codes that will harm your computer". Question: If its corrupted, why did Adobe Website download it.??
"This is an executable file and may contain viruses or codes that will harm your computer".
The keyword is "MAY"...
NOWHERE in that does it say "This is a virus."
What you're seeing is a standard Windows warning about ANY executable file you can download.
Adobe isn't, and never has been, in the business of making malware. That said, there are literally millions of fake downloads of things like Reader, Shockwave and Flash Player.
Bottom line: If you don't trust the download... DON'T USE the download.
There are two sources to trust for Adobe freeware:
For Flash Player - Adobe Flash Player Distribution | Adobe
For Reader - Adobe - Adobe Reader Distribution
You can bookmark those links and use them ANY time you get an update notification, to know you're getting the download directly from the source. -
I'm unable to open Safari. I keep getting a alert security message Suspicious Activity Might Have been Detected. How can I fix this problem?
You may have installed the "VSearch" trojan. Remove it as follows.
Malware is always changing to get around the defenses against it. These instructions are valid as of now, as far as I know. They won't necessarily be valid in the future. Anyone finding this comment a few days or more after it was posted should look for more recent discussions or start a new one.
Back up all data before proceeding.
Step 1
From the Safari menu bar, select
Safari ▹ Preferences... ▹ Extensions
Uninstall any extensions you don't know you need, including any that have the word "Spigot," "Trovi," or "Conduit" in the description. If in doubt, uninstall all extensions. Do the equivalent for the Firefox and Chrome browsers, if you use either of those.
Reset the home page and default search engine in all the browsers, if it was changed.
Step 2
Triple-click anywhere in the line below on this page to select it:
/Library/LaunchAgents/com.vsearch.agent.plist
Right-click or control-click the line and select
Services ▹ Reveal in Finder (or just Reveal)
from the contextual menu.* A folder should open with an item named "com.vsearch.agent.plist" selected. Drag the selected item to the Trash. You may be prompted for your administrator login password.
Repeat with each of these lines:
/Library/LaunchDaemons/com.vsearch.daemon.plist
/Library/LaunchDaemons/com.vsearch.helper.plist
Restart the computer and empty the Trash. Then delete the following items in the same way:
/Library/Application Support/VSearch
/System/Library/Frameworks/VSearch.framework
~/Library/Internet Plug-Ins/ConduitNPAPIPlugin.plugin
Some of these items may be absent, in which case you'll get a message that the file can't be found. Skip that item and go on to the next one.
The problem may have started when you downloaded and ran an application called "MPlayerX." That's the name of a legitimate free movie player, but the name is also used fraudulently to distribute VSearch. If there is an item with that name in the Applications folder, delete it, and if you wish, replace it with the genuine article from mplayerx.org.
This trojan is often found on illegal websites that traffic in pirated content such as movies. If you, or anyone else who uses the computer, visit such sites and follow prompts to install software, you can expect more of the same, and worse, to follow.
You may be wondering why you didn't get a warning from Gatekeeper about installing software from an unknown developer, as you should have. The reason is that the Internet criminal behind VSearch has a codesigning certificate issued by Apple, which causes Gatekeeper to give the installer a pass. Apple could revoke the certificate, but as of this writing has not done so, even though it's aware of the problem. This failure of oversight has compromised both Gatekeeper and the Developer ID program. You can't rely on Gatekeeper alone to protect you from harmful software.
*If you don't see the contextual menu item, copy the selected text to the Clipboard by pressing the key combination command-C. In the Finder, select
Go ▹ Go to Folder...
from the menu bar and paste into the box that opens by pressing command-V. You won't see what you pasted because a line break is included. Press return. -
How can I change my phone number for the security message
i cant send to my new phone numbte the security message, what can i do
Welcome to the Apple Community Paulette.
If you are referring to the keychain phone number...
Go to System Preferences > iCloud > Account Details, you can change your verification number in the options provided there.
Go to Settings > iCloud > Account > Keychain, you can change your verification number in the options provided there. -
Personalizing Security message in NAS server
Hi, my questions:
Can we change the security message text in NAS server? the file name showing the message is "cca_block".
This message appears when a wireless client tries to access a not permited ip address or network.
The message text is "Security message - Access Blocked"
"You don't have access to this URL from your current location. If you fell that you have received this message in error, please contact your network administrator."
many thanks
marcello sozzoYou can't change the security message text in NAS server By default it as it is.
-
The Airport Express I purchased in 2008 worked fine this morning, but when I tried to use Wi-Fi with my cell phone and iMac the light was green on the AE but no signal. I unplugged AE and unplugged my modem, plugged in my modem, plugged in my AE, it turned green but no signal - that is, the name I had given it did not appear on either my iMac of cell phone. Then, out of the blue, the original ID for my AE shows up on the iMac and phone and when I selected it my Wi-Fi worked, and is working. The problem is there now is no security. I got a message that Airport Utility did not support or something like that. So then I took the old CD that came with AE (in 2008) and loaded that on my iMac so I could re-establish WPA security. It seemed to load okay but then the following message popped up, "AirPort can't be installed on this disk [my Macintosh HD]. The version of Mac OS X on this volume is not supported." Well, yes, since I'd purchased my AE I'd gone through all the cats and recently had upgraded to Mountain Lion, 10.8.5, several weeks ago. But since this morning I had done nothing new.
So, it's 12:30am, Apple Care is not open - I'm not even sure I'm still covered - so maybe some night owl out there can tell me what I need to do. I'm beginning to suspect it might have to do with my operating system upgrade, but don't understand why this problem should suddenly crop up after several weeks. Any ideas out there? Oh, and incidentally, my AE was cutting off a lot about a year ago and I took it into an Apple Store and they did something with the software in the device and the cutting off improved but still would occur at least twice a week - something I just lived with.Then, out of the blue, the original ID for my AE shows up on the iMac and phone and when I selected it my Wi-Fi worked, and is working.
My first thought is that the AirPort Express is normally good for 4-5 years on average, so you may be getting some signals in that regard.
The AirPort Express reset itself back to factory default settings. The big question now is if you re-configure it again whether it will hold those settings. Not likely....my opinion.
The other problem that you have is that Mountain Lion operating system no longer supports the older version of the AirPort Express that you have.
Oh, and incidentally, my AE was cutting off a lot about a year ago and I took it into an Apple Store and they did something with the software in the device and the cutting off improved but still would occur at least twice a week
It's really time for a new AirPort Express, which will offer much faster reliable performance....and it will be compatible with AirPort Utility on the Mountain Lion operating system. -
Mediator not detecting faults when WS-Security Message Encryption enabled
We are using a SOA 11g composite to call a set of OSB proxy/business pairs which in turn call further web services and return the responses. The OSB proxy services are trivial: they each expose the WSDL of the downstream web service and route all messages without any transformation to a business service that also uses the downstream WSDL.
The SOA composite is composed largely of a mediator that accepts requests, transforms payloads, routes to the correct OSB service, transforms the response, and replies to the caller.
I have configured my OSB services, in case of a SOAP fault returned from downstream, to simply "Reply with Failure", which causes the body received from the downstream web service (a SOAP fault) to be returned to the SOA composite along with an HTTP 500 error. I have created a Fault processing section in each of my routing rules that maps the downstream fault to a fault that the mediator returns to the caller.
In my local test instance, this works fine; OSB receives a custom SOAP fault from the downstream service, sends it back to SOA where the mediator recognizes the fault and maps it, and throws a SOAP Fault back to the caller.
In our formal testing environment, however, it does not work. I have validated that the response comes back to the Mediator in the same way as it does in my local environment, but the Mediator attempts to use the standard response transformation configured for that routing rule rather than the fault transformation. The fundamental difference between my local environment and the formal test environment is that WS-Security has been enabled between SOA and OSB using the wss10_username_token_with_message_protection via OWSM.
I have a workaround, namely to add a choose clause in my reply transformation XSL file that looks for a SOAP fault and sends it back to the caller if one is found, however this is a nasty hack.
Has anyone had experience with this scenario, where implementing WS-Security causes SOAP Faults to no longer be recognized? My best guess at this point is that when "Reply with Failure" is used, OSB returns the SOAP Fault body in an encrypted form and SOA assumes that the call succeeded (despite the HTTP 500 error). I have not found a way to tell OSB not to encrypt the response message in the case of "Reply with Failur", but it doesn't encrypt responses when it throws its own faults (BEA-380001, for instance).X509V1 is not a valid value for "Valuetype". So I guess this should not be the problem.
-
How to disable security message
We use both JRE 1.6.0_20 and 1.5.0_10, therefore anytime an app is started it displays a "Java Security Warning" message:
Name: WSApplet
From: http://<servername>
"The required version of Java, 1.5.0_10, is not the latest and may not contain the latest security updates."
And then there are two buttons: Run and Cancel
I want to disable this window and automatically select "Run" and distribute this fix across our 1000+ computers.CubanFrapAddict wrote:
... it is not our HTML code to create/changeIf your browser can access the html that launches the applet
whoever is hosting the html have already given you access to it.
If you believe it will not be permissible to download the html to a local cache
be sure to turn caching off in your browser...
Unless you believe the browser cache does not count.
If you believe it will not be permissible to download a local copy of the html
and make the required adaptations,
you can use something like the Firefox GreaseMonkey plugin to
rewrite the html on the fly to make the html fit your needs.
No local copy needed (well, browser cache probably stores the rewritten html).
Maybe you are looking for
-
Error while posting the parked document in ECC 6.0
Hello ABAPers, After upgrade from R/3 4.6c to ECC 6.0, when we try to post the parked documents ,It calls FM :POSTING_INTERFACE_DOCUMENT". Inside it a call transaction is done using FBVB which throws error while posting for more than 4 withholding ta
-
4s with latest software update will not power off, text will only vibrate, iPod only works with earphones. When I sync it with iTunes it works until power save mode starts, then back to not powering down, making text sounds, or playing iPod out loud.
-
How to Determine Safe Max Memory Limit?
From what I understand, the amount of memory available to your AIR game on a device will vary depending on how many other apps the user is running, the type of device, etc. So with this in mind, how does one define a safe max memory limit for a give
-
Airport X N with Linksys WRT54G
Hello, have read/heard in the past that you shouldnt have 2 wifi enabled laptops too close to each other since they say it can damage each other. how about having 2 wifi routers? do they need to be separated? if so, by how much? Thanks
-
My printer wouldn't let me print..... = (
okay so my printer would not let me print i have HP Photosmart c5280 it says, "Print Cartridges" on the top and on the bottom it says, "Refer to printer documentation" what does that mean? what can i do to fix that? thanks.