S/MIME Secure Messaging Certification - Core Syllabus Definition
Introduction
S/MIME Secure Messaging Certification
The S/MIME Secure Messaging certification program identifies organizations and individuals
who are able to support the deployment of secure e-mail systems in accordance
with The Open Group S/MIME Secure Messaging Architecture, together with appropriate
training courses and materials.
This Document
The S/MIME Secure Messaging Certification Core Syllabus Definition defines the core code of
knowledge required by secure messaging professionals, to be able to install and
configure secure e-mail systems that conform to The Open Group S/MIME Secure Messaging
Architecture.
Training courses that are certified against the S/MIME Secure Messaging TRAINING product
standard must cover all of the mandatory elements of this syllabus, and may
include any or all of the optional elements.
The examination upon which certification against the S/MIME Secure Messaging CERTIFIED
product standard is based may include questions related to any of the mandatory elements
of this syllabus, but will not include questions on any of the optional elements.
The unique numbering in the following sections is used for reference in
certification materials.
Core Syllabus
Mandatory Elements
1. Rationale for Secure E-Mail
   1.1 Requirements
   1.2 Use cases

2. Basic Internet E-Mail Architecture
   2.1 Components
   2.2 Standards

3. Information Security Principles
   3.1 Scope of Security
   3.2 Trust Models
   3.3 Cryptography
       3.3.1 Symmetric key
       3.3.2 Asymmetric key

4. Introduction to E-Mail Security
   4.1 Scope of Security
   4.2 Cryptography
   4.3 Digital signatures
   4.4 Sender authentication overview
   4.5 Standards

5. Prerequisites for secure E-Mail
   5.1 Technical
   5.2 Infrastructure
   5.3 Organizational
   5.4 What can be automated

6. Architecture Models for Secure E-Mail
   6.1 "To-End" Desktop
   6.2 "To-Site" Gateway

7. Components of a PKI
   7.1 Certificate
   7.2 Certification Authority
       7.2.1 Self-signed certificates
       7.2.2 Self-managed CA service
       7.2.3 External CA service
   7.3 Registration Authority
   7.4 Key Generation
   7.5 Key Management
   7.6 Directory Service
   7.7 Validation/Revocation Service

8. Usage of a PKI
   8.1 Internal Organization and Infrastructure
   8.2 Certificate Policy
   8.3 Certification Practice Statement
   8.4 PKI Disclosure Statement
   8.5 Relying Party Agreements
   8.6 CP/CPS audits

9. Bridge Infrastructures
   9.1 Requirements/challenges
   9.2 Out of band delivery
   9.3 Approaches
       9.3.1 Signed list
       9.3.2 Cross certification
       9.3.3 Participation requirements

10. Implementing a Gateway Encryption System
    10.1 Key Generation
    10.2 Key Exchange
    10.3 Establishing Policy

Optional Elements

O1. Architecture Models for Secure E-mail
    O1.1 Secure Web mail

O2. E-Mail Sender Authentication
    O1.1 Path validation
    O1.2 Crypto based approaches

O3. Content Management
    O2.1 Virus protection
    O2.2 Spam filtering

O4. Configuration of specific E-Mail products for security

O5. Hands-on sequence of product configuration