Download:
by Gansen Zhao, Canterbury Ct Nf
http://www.cs.kent.ac.uk/pubs/2005/2233/content.pdf
Add To MetaCart
Abstract:
Policy-based messaging (PBM) aims at carrying security policies with messages, which will be enforced at recipient systems to provide security features. PBM promotes a distributed mechanism for secure messaging. The openness of computing environments challenges the PBM model due to the varying trust relations between the different systems and their different behaviours. This paper present a design of a trust infrastructure which is developed based on a Public Key Infrastructure. The trust infrastructure publishes policy enforcement information about the messaging systems, and engenders trust through consistent and mandatory policy enforcement by the systems. It incorporates policy-based management mechanisms to provide flexible and customised messaging services. Secure messaging is achieved by defining security related policies and confining messaging systems ’ behaviours to defined security constraints. The process of PBM is also described, including publishing certificates, sending messages, accessing messages, and enforcing policies. 1.
Citations
|
811
|
Proof-Carrying Code
– Necula
- 1997
|
|
276
|
Enforceable Security Policies
– Schneider
- 2000
|
|
201
|
The ponder policy specification language
– Damianou, Dulay, et al.
- 1995
|
|
38
|
A Security Model for Military Message Systems
– Landwehr, Heitmeyer, et al.
- 1984
|
|
16
|
RFC 2045: Multipurpose Internet Mail Extensions (MIME) part one: Format of Internet message bodies
– Freed, Borenstein
- 1996
|
|
12
|
RFC2821: Simple mail transfer protocol. [Online]. Available: http://www.ietf.org/rfc/rfc2821.txt. Last accessed
– Klensin
- 2001
|
|
9
|
Policy Based Electronic Transmission of Prescriptions
– Chadwick, Mundy
- 2003
|
|
9
|
A Flexible Rolebased Secure Messaging Service: Exploiting IBE Technology for Privacy in Health Care
– Mont, Bramhall, et al.
- 2003
|
|
4
|
Technical Overview of Windows Rights Management Services for Windows Server 2003
– Corporation
- 2003
|
|
4
|
A Distributed Multipurpose Mail Guard
– Wolthusen
- 2003
|
|
3
|
Secure Role based Messaging
– Chadwick, Lunt, et al.
- 2004
|
|
3
|
MailRecall: Secure E-mail for the Enterprise
– DeMarines
- 2004
|
|
3
|
A Policy Driven Approach to Email Services
– Kaushik, Ammann, et al.
- 2004
|
|
2
|
A Practice-Oriented Approach to Security Enhanced Mailing Lists
– Hasselbach
- 2003
|
|
1
|
RFC 3771 - The Lightweight Directory Access Protocol (LDAP) - Intermediate Response Message. Request For Comment, Network Working Group
– Harrison, Zeilenga
- 2004
|
|
1
|
An XML alternative for performance and security: ASN.1
– Mundy, Chadwick
- 2004
|
