Abstract
Web based e-mail (Webmail) service is a popular mode of e-mail communication and is being widely used for personal and business purposes. Security of webmails carrying sensitive commercial or corporate information is an important requirement today. A comprehensive solution is expected to cover confidentiality and integrity requirements during transit as well as authentication of the origin of webmails. Although some e-mail security solutions such as PGP, S/MIME, SMS and solution from Freenigma are currently available, most of them are tailored for handling e-mail sent or received by mail clients such as the Outlook Express or Eudora and they cannot handle webmails sent or received by browsers. The Freenigma solution handles a few specific webmail services but does not provide a generic solution. The main challenge in developing a security solution for webmails lies in building a parser to extract e-mail header details and mail body from a HTTP message, that can work with all webmail services. To address this challenge, we propose SecWEM, a desktop level end-to-end security solution. The problems involved in development and how they have been solved are presented in this paper.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bishop, M., Cheung, S., Wee, C.: The Threat from the Net. IEEE SPECTRUM 34, 56–63 (1997)
Mathew, A.R., Al Hajj, A., Al Ruqeishi, K.: Cyber crimes: Threats and Protection. In: International Conference on Networking and Information Technology, pp. 16–18 (2010)
Foster, I., Kesselman, C.: Simple Mail Transfer Protocol (SMTP).: RFC 5321 (2008)
Myers, J., Rose, M.: Post Office Protocol Version -3 (POP3).: RFC 1939 (1996)
Crispin, M.: Internet Message Access Protocol (IMAP),version 4rev1.: RFC 3501 (2003)
Fielding, R., Gettys, J., Mogul, J., Frystylc H., Masinter, L., Leach P., Berners-Lee T.: Hypertext Transfer Protocol -HTTP/1.1. : RFC 2616 (1999)
Entrust Secure Messaging Service, http://www.entrust.com
Freenigma, http://www.freenigma.com
Pretty Good Privacy (PGP), http://www.pgp.com
Ransdell, B., Turner, S.: Secure/Multipurpose Internet Mail Extensions (S/MIME) version 3.2.: RFC 5751 (2010)
Open PGP, http://www.openpgp.org
Dierks, T., Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.2.: RFC 5246 (2008)
Stallings, W.: Network Security Essentials: Applications and Standards. Prentice Hall (2000)
Mohsen, T.: SMEmail - A New Protocol for the Secure e-mail in Mobile Environments. In: Australian Telecommunications Networks and Applications Conference, Adelaide, Australia, pp. 39–44 (2008)
Lux, K.D., May, M.J., Bhattad, N.L., Gunter, C.A.: WSEmail: Secure Internet Messaging Based on Web Services. In: IEEE International Conference on Web Services, Orlando Florida USA, pp. 75–82 (2005)
Jang, J., Nepal, S., Zic, J.: Trusted e-mail Protocol: Dealing with Privacy Concerns from Malicious e-mail Intermediaries. In: IEEE International Conference on Computer and Information Technology, Sydney NSW, pp. 402–407 (2008)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Yadav, R.S., Likhar, P., Rao, M.K. (2011). SecWEM: A Security Solution for Web Based E-mail. In: Jajodia, S., Mazumdar, C. (eds) Information Systems Security. ICISS 2011. Lecture Notes in Computer Science, vol 7093. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25560-1_21
Download citation
DOI: https://doi.org/10.1007/978-3-642-25560-1_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-25559-5
Online ISBN: 978-3-642-25560-1
eBook Packages: Computer ScienceComputer Science (R0)