AMPol: Adaptive Messaging Policy
Messaging is a critical application that is challenged by limits in flexibility, integration, and security. In prior work, we have explored addressing some of these limits by developing a messaging system as a family of web services, an approach we call WSEmail. This project aims to build on this experience by developing adaptive policy management techniques and exploring requirements for the new approach in several potential application areas. We plan investigations regarding architecture, theory, interoperability, prototyping, experimentation, and the development of application requirements. Our interoperability work will enable us to derive solutions that can work with the existing base and our application studies will help us determine the features that offer the most likely practical benefits.

Virtually every enterprise has begun to make use of Internet messaging for critical functions. Typical applications include the use of email to support workflow (such as setting appointments and gaining approvals), the transfer of information (via attachments on documents), notifications (of events), passing pointers (especially phone numbers and URLs), and many other functions. There is rapid growth of other types of messaging, such as instant messaging, and related communication techniques like IP telephony and video conferencing.

Despite its critical importance and ubiquity, and in part because of these features, a number of shortcomings in the software and architectures that support messaging have become apparent. For instance, continued use of clear text email messages has led parties with security concerns to use web browsers to communicate sensitive information. But poor integration of messaging and web browsing have opened “phishing” threats in which spoofed URLs are used to trick message recipients into releasing sensitive information to untrustworthy sites. As a second example, the convenience of email as a way to deal with inter-domain information routing (that is sending information between employees at different companies) helps compensate for poor inter-domain authentication systems. However, this useful business function makes it difficult to address the large volume of unwanted email correspondence, “spam,” since it is difficult to distinguish this kind of traffic in a mail bin of unauthenticated messages.

Problems with messaging can be addressed in a number of ways, each of which has its own advantages. An incremental approach to improving email security might involve adding spam filters to email programs. The problem could also be addressed by deploying entirely new software or technology: for instance, instant messaging differs from Internet email in its architecture, security, and software. Or messaging could simply be added to other platforms: healthcare providers, for example, exchange messages with customers though secured web sites.

A particularly appealing solution is to base messaging on a new platform, which would allow the messaging system to assume the virtues and leverage the deployment of the new platform. Implemented over the .NET framework, WSEmail 1.0 appears to users to be very similar to desktop email programs, but all processes such as SMTP, IMAP, POP, and S/MIME are implemented as web services using the W3C and Oasis standards such as XML, SOAP, XMLDSIG, together with extensions like tokens for federated identities, which support inter-domain authentication and thus provide richer security.

One of the greatest challenges facing the WSEmail system is how to deal with all of the flexibility that it aims to support. For instance, if a potential recipient does not support the semantics of a type of message, how will the sender know and what will the recipient do with the message? This problem is not alien to existing Internet email. For instance, it is commonplace to find out the policy of a mail relay by sending messages and seeing if they are relayed. Relays use complex spam filters and often block messages that are too large or have attachments deemed to be risky. It would be highly desirable if recipients could safely announce their policies in advance so that senders could adjust to these policies. The idea is akin to setting up an access control system for your email in-box in a way that can be understood and respected by others. The lack of a standardized system of this kind has widespread consequences, such as an inability to impose more substantial policies in many instances.

The basic situation can be seen in the figure on the right. Here a sender uses his Sender Mail User Agent (SMUA) to send a message to a recipient RMUA via a Sender Mail Transfer Agent (SMTA). This message passes through a relay RMTA of the recipient. The recipient has a policy PRMUA for what mail he is willing to receive. There are also policies associated with the relays: an egress policy PSMTA for outbound messages and an ingress policy PRMTA for inbound messages. To address policies there is a Repository, which holds processing code that can be retrieved by user agents or transfer agents if they trust the source.



The AMPol Project explores the idea of providing a way for potential respondents to advertise policies and for would-be initiators to adapt to these policies to enable communication. We are designing such a system for electronic mail to allow potential correspondents to agree on policy for exchanging messages in a flexible, predictable, and efficient manner. Our approach bases email on emerging foundations for web-based distributed computing, namely web services, and exploits the virtues of this platform to provide improved flexibility, security, and integration.
 
Project Leads
Carl Gunter, UIUC/Computer Science Department
Himanshu Khurana, NCSA

Return to Projects list


The National Center for Advanced Secure Systems Research NCASSR) at the University of Illinois at Urbana-Champaign (UIUC) is a multi-institutional cybersecurity research team. NCASSR focuses basic and applied research necessary to develop next generation information security technologies that address national cybersecurity needs. NCASSR is led by the National Center for Supercomputing Applications (NCSA) and supported by funding from the Office of Naval Research (ONR).


SELS 0.7 released
Secure Email List Services (SELS) is an open source software for creating and developing secure email list services among user communities.
 
Strong community engagement strengthens cybersecurity research and development
NCASSR-supported exploratory research at NCSA and elsewhere has sparked additional external funding and development opportunities as well as successful deployment and adoption by users ranging from the defense sector to state law enforcement to the utilities industry.
 
NCASSR Collaborator Goes To Washington
Carl Gunter, a professor in the University of Illinois Department of Computer Science and a project lead on NCASSR-supported work involving adaptive, secure messaging, recently spoke to an audience of congressional staffers and lobbyists on Capitol Hill regarding ways to address a variety of critical cybersecurity issues in areas such as healthcare and energy distribution.