Mason Archival Repository Service

Policy-Controlled Email Services

Show simple item record Kaushik, Saket
dc.creator Kaushik, Saket 2007-12-18T16:44:27Z 2007-12-18T16:44:27Z 2007-12-18T16:44:27Z
dc.description.abstract The context for this research proposal is an area of work that seeks to replace the current state of access-control for email, in which an arbitrary message sender enjoys unregulated \append" access to message recipient's email mailbox, with a pol- icy framework, in which each principal involved in a message exchange - namely the sender, the sender's service provider, the recipient's service provider, and the recipient, can articulate its interests for regulating access to resources under its control. Though there exist a vast number of automatic control techniques to limit transmission of email messages, specifically, to stop unwanted messages reaching a recipient, they are still prone to dropping some desirable messages. This often prompts recipients and other principals to relax the message acceptance requirements. This in turn makes them easy targets for sending commercial or fraudulent mail. We propose a novel scheme to overcome this handicap. Our scheme makes the transmission mechanism aware of the documentation required with a message to make it acceptable downstream. For instance, if a recipient wishes to receive only those messages that have a monetary guarantee, also known as a bond, then the transmission system must be made aware of this fact so that desirable messages can satisfy this requirement. Consequently, recipients and other principals can express and enforce precise acceptance requirements, through explicit policies, and gain control over their resources. In addition to the problem of enforcing precise acceptance requirements in the transmission process, there exists no means of flexibly combining available email- control techniques tailored to the needs of a particular recipient or its service provider. This is the primary reason for the inability to express requirements suited to a particular individual. For instance, currently it is not possible to state a requirement like `allow messages, initiated by a human sender affiliated with George Mason University, even though the spam filter ranks them as possible spam'. In our view a policy-based approach is well-suited to attain this objective. The use of these control-techniques leads to significant deviation of behavior from what is prescribed in the current email delivery protocol. In other words, the protocol lacks significantly in representing the current delivery requirements. Clearly, it requires an overhaul to correspond to current requirements and reduce ambiguities during protocol play; a goal that we propose to research in this study. We propose using constraint logic programming (CLP) to articulate and evaluate different types of policies. This is because the way messages are constructed and acceptance conditions are evaluated, a CLP approach seems a natural way to model these operations. In addition, CLP approach promises to simplify the task of providing feedback for rejected messages, so that they can be revised and retransmitted. Since declarative policies can describe control on a very high-level, we also propose to study refinements of these high-level directives to protocol level actions.
dc.language.iso en_US en
dc.subject spam control en_US
dc.subject Network Security en_US
dc.subject privacy en_US
dc.subject policy evaluation en_US
dc.title Policy-Controlled Email Services en
dc.type Dissertation en Doctor of Philosophy in Information Technology en Doctoral en Information Technology en George Mason University en

Files in this item

This item appears in the following Collection(s)

Show simple item record

Search MARS

Advanced Search


My Account