A distributed multipurpose mail guard

IEEE Systems, Man and Cybernetics Society Information Assurance Workshop

Volumn , Issue , 2003, Pages 268-275

  Wolthusen, S D ^a  

^a FRAUNHOFER IGD   (Germany)

Author keywords

Automata; Communication system traffic control; Cryptography; Digital signatures; Electronic mail; Network servers; Operating systems; Postal services; Security; Telecommunication traffic

Indexed keywords

AUTHENTICATION; AUTOMATA THEORY; COMPUTER OPERATING SYSTEMS; CRYPTOGRAPHY; CYBERNETICS; ELECTRONIC DOCUMENT IDENTIFICATION SYSTEMS; ELECTRONIC MAIL; NETWORK SECURITY; POSTAL SERVICES; TELECOMMUNICATION SERVICES; TELECOMMUNICATION TRAFFIC; TRAFFIC CONTROL;

AUTOMATA; COMMUNICATION SYSTEM TRAFFIC; INDIVIDUAL NETWORK; MICROSOFT WINDOWS; MODULAR MODIFICATION; NETWORK SERVER; SECURITY; TRANSPARENT DIGITAL SIGNATURES;

TRANSPORTATION;

EID: 84946405420     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/SMCSIA.2003.1232432     Document Type: Conference Paper

References (45)

1. A. Adams and M. A. Sasse, "Users Are Not The Enemy," Communications of the Association for Computing Machinery, vol. 42, pp. 40-46, Jan. 1999.
2. A. Whitten and J. D. Tygar, "Why Johnny can't encrypt: A usability evaluation of PGP 5.0," in Proceedings of the 8th USENIX Security Symposium, (Washington D.C., USA), pp. 169-184, USENIX, Aug. 1999.
3. S. Wolthusen, "Layered Multipoint Network Defense and Security Policy Enforcement," in Proceedings from the Second Annual IEEE SMC Information Assurance Workshop, United States Military Academy, (West Point, NY, USA), pp. 100-108, IEEE Press, June 2001.
4. D. Bentley, G. G. Rose, and T. Whalen, "ssmail: Opportunistic Encryption in sendmail," in Proceedings of the 13th Conference on Systems Administration (LISA-99), (Seattle, WA, USA), pp. 1-8, USENIX, Nov. 1999.
5. I. Brown and C. R. Snow, "A Proxy Approach to e-Mail Security," Software - Practice and Experience, vol. 29, pp. 1049-1060, Dec. 1999.
6. J. Postel, "RFC 821: Simple Mail Transfer Protocol," Aug. 1982. Obsoletes RFC 788.
7. J. Klensin, N. Freed, M. Rose, E. Stefferud, and D. Crocker, "RFC 1869: SMTP Service Extensions," Nov. 1995. Obsoletes RFC 1651.
8. G. Vaudreuil, "RFC 3030: SMTP Service Extensions for Transmission of Large and Binary MIME Messages," Dec. 2000. Obsoletes RFC 1830.
9. J. Myers and M. Rose, "RFC 1939: Post Office Protocol - Version 3," May 1996. Obsoletes RFC 1725.
10. M. Crispin, "RFC 2060: Internet Message Access Protocol - Version 4 Rev 1," Dec. 1996. Obsoletes RFC 1730.
11. T. Berners-Lee, R. Fielding, H. Frystyk, J. Gettys, and J. Mogul, "RFC 2068: Hypertext Transfer Protocol - HTTP/1.1," Jan. 1997.
12. D. Crocker, "RFC 822: Standard for the Format of ARPA Internet Text Messages," Aug. 1982. Obsoletes RFC 733.
13. N. Freed and N. Borenstein, "RFC 2045: Multipurpose Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies," Nov. 1996. Obsoletes RFC 1521, RFC 1522, RFC 1590. Updated by RFC 2184, RFC 2231.
14. N. Freed and N. Borenstein, "RFC 2046: Multipurpose Internet Mail Extensions (MIME) Part Two: Media Types," Nov. 1996. Obsoletes RFC 1521, RFC 1522, RFC 1590.
15. K. Moore, "RFC 2047: MIME (Multipurpose Internet Mail Extensions) Part Three: Message Header Extensions for Non-ASCII Text," Nov. 1996. Obsoletes RFC 1521, RFC 1522, RFC 1590. Updated by RFC 2184, RFC 2231.
16. N. Freed and N. Borenstein, "RFC 2049: Multipurpose Internet Mail Extension (MIME) Part Five: Conformance Criteria and Examples," Nov. 1996. Obsoletes RFC 1521, RFC 1522, RFC 1590.
17. Bundesamt für Sicherheit in der Informationstechnik, "Sichere Verwendung von Verschlüsselungs-Plugins in Outlook," Feb. 2002.
18. C. Newman, "RFC 2595: Using TLS with IMAP, POP3 and ACAP," June 1999.
19. D. Solomon and M. Russinovich, Inside Windows 2000. Bellevue, WA, USA: Microsoft Press, 3rd ed., 2000.
20. D. B. Andersen, "Windows Sockets 2 Application Provider Interface," tech. rep., Intel Corp., May 1997. Version 2.2.1.
21. D. B. Andersen, "Windows Sockets 2 Service Provider Interface," tech. rep., Intel Corp., May 1997. Version 2.2.1.
22. W. Thomas, "Automata on Infinite Objects," in Handbook of Theoretical Computer Science (J. van Leeuwen, ed.), vol. B, ch. 4, pp. 133-192, Cambridge, MA, USA: MIT Press, 1990.
23. M. Arnold, M. Schmucker, and S. D. Wolthusen, Techniques and Applications of Digital Watermarking and Content Protection. The Artech House Computer Security Series, Norwood, MA, USA: Artech House, 2003.
24. J. Callas, L. Donnerhacke, H. Finney, and R. Thayer, "RFC 2440: OpenPGP Message Format," Nov. 1998.
25. E. Rademer and S. Wolthusen, "Transparent Access To Encrypted Data Using Operating System Network Stack Extensions," in Communications and Multimedia Security Issues of the New Century: Proceedings of the IFIP TC6/TC11 Fifth Joint Working Conference on Communications and Multimedia Security (CMS'01) (R. Steinmetz, J. Dittman, and M. Steinebach, eds.), (Darmstadt, Germany), pp. 213-226, IFIP, Kluwer Academic Publishers, May 2001.
26. S. R. Ames, Jr. and D. R. Oestreicher, "Design of a Message Processing System for a Multilevel Secure Environment," in Proceedings of the National Computer Conference, vol. 47, (Anaheim, CA, USA), pp. 765-771, AFIPS, AFIPS Press, Nov. 1978.
27. J. P. L. Woodward, "Applications for Multilevel Secure Operating Systems," in Proceedings of the National Computer Conference, vol. 48, (New York, NY, USA), pp. 319-328, AFIPS, AFIPS Press, Nov. 1979.
28. M. A. Padlipsky, K. J. Biba, and R. B. Neely, "KSOS - Computer Network Applications," in Proceedings of the National Computer Conference, vol. 48, (New York, NY, USA), pp. 365-371, AFIPS, AFIPS Press, June 1979.
29. J. Goodwin, G. Mitchell, and P. S. Tasker, "Concept of Operations for Message Handling at CINCPAC," tech. rep., The MITRE Corporation, Bedford, MA, USA, Oct. 1976. Number MTR-3323.
30. J. D. Tangney, S. R. Ames, Jr., and E. L. Burke, "Security Evaluation Criteria for MMP Message Service Selection," tech. rep., The MITRE Corporation, Bedford, MA, USA, June 1977. Number MTR-3433.
31. D. E. Denning, Cryptography and Data Security. Reading, MA, USA: Addison-Wesley, 1983.
32. B. Tretick, "Certification and Accreditation Approach for the WWMCCS Guard," in Proceedings 16th NIST-NCSC National Computer Security Conference, (Baltimore, MD, USA), pp. 245-252, Oct. 1993.
33. B. Tretick, "Operational Requirements for Multilevel Security," in Proceedings 9th Annual Computer Security Applications Conference (ACSAC'93), (Orlando, FL, USA), pp. 30-35, IEEE Press, Dec. 1993.
34. C. E. Landwehr and C. L. Heitmeyer, "Military Message Systems: Requirements and Security Model," tech. rep., Naval Research Laboratory, Washington D.C., USA, Sept. 1982. NRL Memorandum 4925.
35. C. E. Landwehr, C. L. Heitmeyer, and J. McLean, "A Security Model for Military Message System," ACM Transactions on Computer Systems, vol. 2, pp. 198-222, Aug. 1984.
36. C. L. Heitmeyer and C. E. Landwehr, "Designing Secure Message Systems: The Military Message Systems (MMS) Project," in Proceedings of the IFIP TC6.5 Working Conference on Computer-Based Message Services, (Nottingham, UK), pp. 245-255, IFIP, Kluwer Academic Publishers, May 1984.
37. C. L. Heitmeyer and M. Cornwell, "Specifications for Three Members of the Military Message System (MMS) Family," tech. rep., Naval Research Laboratory, Washington D.C., USA, Mar. 1982. NRL Memorandum 5654.
38. M. R. Cornwell and A. P. Moore, "Security Architecture for a Secure Military Message System," tech. rep., Naval Research Laboratory, Washington D.C., USA, Apr. 1989. NRL Memorandum 9187.
39. R. E. Smith, "Constructing a High Assurance Mail Guard," in Proceedings 17th NIST-NCSC National Computer Security Conference, (Gaithersburg, MD, USA), pp. 247-253, Oct. 1994.
40. M. H. Kang and I. S. Moskowitz, "A Pump for Rapid, Reliable, Secure Communications," in Proceedings of the 1st ACM Conference on Computer and Communications Security, (Fairfax, VA, USA), pp. 118-129, ACM Press, Nov. 1993.
41. M. H. Kang, I. S. Moskowitz, and D. C. Lee, "A Network Version of the Pump," in Proceedings of the 1996 IEEE Symposium on Security and Privacy (SOSP '96), (Oakland, CA, USA), pp. 144-154, IEEE Press, May 1996.
42. M. H. Kang, I. S. Moskowitz, and D. C. Lee, "A Network Pump," IEEE Transactions on Software Engineering, vol. 22, pp. 329-338, May 1996. Revised from [41].
43. G. I. Davida, R. A. DeMillo, and R. J. Lipton, "A System Architecture to Support a Verifiable Secure Multilevel Security System," in Proceedings of the 1980 IEEE Symposium on Security and Privacy (SOSP '80), (Oakland, CA, USA), pp. 137-145, IEEE Press, Apr. 1980.
44. J. Epstein, "Architecture and Concepts of the ARGuE Guard," in Proceedings 15th Annual Computer Security Applications Conference (ACSAC'99), (Phoenix, AZ, USA), pp. 45-54, IEEE Press, Dec. 1999.
45. E. Monteith, "Genoa TIE, Advanced Boundary Controller Experiment," in Proceedings 17th Annual Computer Security Applications Conference (ACSAC'01), (New Orleans, LA, USA), pp. 74-82, IEEE Press, Dec. 2001.