Attribute Based Security and Messaging
Messaging systems are a critical application for the Internet, but systems like Internet email based on SMTP are beset by many problems such as abuse of access control for email in-bins (SPAM), authentication (phishing and other types of fraud), confidentiality (where end-to-end encryption is still a challenge), and reliability. For these reasons, important application areas such as the medical and financial sectors have turned to other mechanisms. For example, the Centers for Disease Control and Prevention (CDC) standards for messaging envision a WSEmail architecture in which communications are based on web services, an emerging XML-based foundation for distributed computing. Financial entities like banks and mutual funds have developed techniques where back-end server systems implement their own secure messaging while users are notified of messages by SMTP and use browsers to access messages. This architecture has emerged as a wide-spread ad hoc work-around to achieve a practical solution. As such, it has not received the research consideration that it deserves, especially to provide deeper security analysis and explore novel opportunities that a fresh design could incorporate.
 
Project Leads
Carl Gunter, CS Dept, University of Illinois
Himanshu Khurana, University of Illinois

Return to Projects list


The National Center for Advanced Secure Systems Research NCASSR) at the University of Illinois at Urbana-Champaign (UIUC) is a multi-institutional cybersecurity research team. NCASSR focuses basic and applied research necessary to develop next generation information security technologies that address national cybersecurity needs. NCASSR is led by the National Center for Supercomputing Applications (NCSA) and supported by funding from the Office of Naval Research (ONR).


SELS 0.7 released
Secure Email List Services (SELS) is an open source software for creating and developing secure email list services among user communities.
 
Strong community engagement strengthens cybersecurity research and development
NCASSR-supported exploratory research at NCSA and elsewhere has sparked additional external funding and development opportunities as well as successful deployment and adoption by users ranging from the defense sector to state law enforcement to the utilities industry.
 
NCASSR Collaborator Goes To Washington
Carl Gunter, a professor in the University of Illinois Department of Computer Science and a project lead on NCASSR-supported work involving adaptive, secure messaging, recently spoke to an audience of congressional staffers and lobbyists on Capitol Hill regarding ways to address a variety of critical cybersecurity issues in areas such as healthcare and energy distribution.