WSEmail: Email Based on Web Services. Kevin Lux, Michael May, Nayan Bhattad (University of Pennsylvania); Carl A. Gunter (University of Illinois Urbana-Champaign).

Presentation transcript:

WSEmail: Email Based on Web Services
Kevin Lux, Michael May, Nayan Bhattad, University of Pennsylvania
Carl A. Gunter, University of Illinois Urbana-Champaign

2 Internet Email
Based on a collection of protocols
– SMTP, POP, IMAP, S/MIME
Evolved over a vast installed base
Shortcomings
– Flexibility
– Security
– Integration

3 Approaches to Improvement
Make incremental changes and overlays for the existing protocols
Redesign the system from a low level
– Example: instant messaging
Create a design from another high-level foundation
– Example: use HTTP and SSL

4 WSEmail Project
Began at Penn with support from Microsoft
Aim: use web services as a new foundation for email as a way to improve security, flexibility, and integration
Ongoing project at both UIUC and Penn
Expanding to the AMPol Project

5 Basic Operation
Distributed Components and Messages
SD: Sender Domain
SC: Sender Client
SS: Sender Server
RD: Receiver Domain
RS: Receiver Server
RC: Receiver Client
Sample Messages

6 Applications
Integrated instant messaging
Workflow based on routed forms
On-demand attachments
Policy negotiation

7 Instant Messaging

8 Workflow Systems

9 On-Demand Attachments

10 Architecture
Server Mail Transfer Agent (MTA)
– Core
– Plugin
Client Mail User Agent (MUA)
Overall aim: support for secure dynamic extensions
Compare: active networks concept

11 MTA Core

12 MTA Plugins Server UML Server Plugins UML

13 Client MUA

14 Implementation
WSEmail implemented over .NET framework with Web Services Enhancement (WSE)
Messages stored on SQL Server 2000
Version 1.0 has
– 68 interfaces
– 343 classes
– 30 projects
– C# .NET-managed code created with MS Visual Studio
DNS SRV records used for routing.

15 WSEmail Test-bed
Machines: Pentium4
Network: 100Mb switched Ethernet
Client Machines: 2.8GHz, 512MB RAM
Server (S_i): 2.8GHz, 1GB RAM
Database (S_db): 2.4GHz, 1GB RAM
Internet Emulator (S_e): 2.8GHz, 512MB RAM

16 Parameters
Each client will send 2000 requests to S_i
Operations: send message, list headers, retrieve message, delete message (each with equal chance)
Sent messages include a local recipient (a user on S_i) and an external recipient (a user on S_e).
Test coordinator holds test parameters that clients receive and parse
Message database is pre-populated with a few entries
Test coordinator signals test start
Clients non-deterministically pick an action to perform, based upon test parameters

17 Results
Average latency: 0.274 sec / msg
Rate of 1786 msg / min
Client machines sent 36.4MB and received 369.4MB
Test took 1824 sec to execute
Benchmark comparison to SMTP on our machines showed 0.170 sec / msg with messages of similar size
Benchmark UW Parkside peak usage figures were 1716 msg / min

18 Theory
On Demand Attachments Protocol
– Nine messages, four parties
– Complex messages
– Want to prove that receiving an attachment means it was sent by the sender in the from field

19 Proof Technique
Reduce the complex and redundant messages
– Eliminated headers, irrelevant to/from fields
Choose a verifier that can evaluate protocol security
– Used ProVerif by Bruno Blanchet
Formalize the messages and parties for the verifier
– Used TulaFale by MS Research
– Compiled TulaFale scripts into ProVerif syntax
Result was a smaller formal version in a machine checkable format
– Lost injectiveness in the process of translating down since TulaFale cannot express timed nonces easily

20 Message Example
First message is from the Sending Client to the Sending Server
– text, attachment, destination address, user name
– Everything is signed user name token method
Abstractly
– SC → SS: SS | (RC | RS) | Msg | Attachment
Production and Destruction Rules in TulaFale

predicate mkMsg1(SC:item, nonce:bytes, creation:string, attachment:string, string, TOuser:string, TOdom:string, Msg1:item, Msg1Signed:item) :-
  destUserAtDomain = UName(TOuser, TOdom),
  isUserTokenKey(TokSC, SC, nonce, creation, KeySC),
  Msg1 = Message1(TokSC, attachment, , destUserAtDomain),
  mkSignature(Sig, "hmacsha1", KeySC, Msg1),
  Msg1Signed = Sig Msg1.

predicate isMsg1(Msg1Signed:item, SC:item, TOdom:string, TOuser:string, attachment:string, string, destUserAtDomain:item, Msg1:item) :-
  Msg1Signed = Sig Msg1,
  Msg1 = Message1(TokSC, attachment, , destUserAtDomain),
  isUserTokenKey(TokSC, SC, nonce, creation, KeySC),
  isSignature(Sig, "hmacsha1", KeySC, Msg1),
  destUserAtDomain = UName(TOuser, TOdom).
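
The production and destruction rules for Message 1, sketched in Python as an added example (not code from the slides or from the WSEmail project), together with the freshness and replay checks that slide 19 says the formal model could not express. HMAC-SHA1 follows the "hmacsha1" named in the predicates; the key derivation, the JSON encoding, the field name `body`, the five-minute window and all sample values are assumptions made for illustration.

```python
import hashlib
import hmac
import json

def user_token_key(password: bytes, nonce: bytes, created: str) -> bytes:
    # Assumption: stand-in for isUserTokenKey; the slides do not give the derivation.
    return hmac.new(password, nonce + created.encode(), hashlib.sha1).digest()

def _canon(msg1: dict) -> bytes:
    # Deterministic serialization so both sides sign identical bytes.
    return json.dumps(msg1, sort_keys=True, separators=(",", ":")).encode()

def mk_msg1(user, password, nonce, created, attachment, body, to_user, to_dom):
    """Production rule: build Message 1 and sign all of it with the token key."""
    msg1 = {"token": {"user": user, "nonce": nonce.hex(), "created": created},
            "attachment": attachment, "body": body, "dest": f"{to_user}@{to_dom}"}
    key = user_token_key(password, nonce, created)
    return {"sig": hmac.new(key, _canon(msg1), hashlib.sha1).hexdigest(), "msg1": msg1}

class SendingServer:
    def __init__(self, passwords: dict, max_age: int = 300):
        self.passwords, self.max_age, self.seen = passwords, max_age, set()

    def is_msg1(self, signed: dict, now: int) -> str:
        """Destruction rule plus the freshness checks the formal model dropped."""
        msg1, tok = signed["msg1"], signed["msg1"]["token"]
        password = self.passwords.get(tok["user"])
        if password is None:
            return "unknown-user"
        key = user_token_key(password, bytes.fromhex(tok["nonce"]), tok["created"])
        expected = hmac.new(key, _canon(msg1), hashlib.sha1).hexdigest()
        if not hmac.compare_digest(expected, signed["sig"]):
            return "bad-signature"
        if abs(now - int(tok["created"])) > self.max_age:
            return "stale"  # timestamp outside the accepted window
        if (tok["user"], tok["nonce"]) in self.seen:
            return "replay"  # same token nonce presented twice
        self.seen.add((tok["user"], tok["nonce"]))
        return "ok"

# Constructed sample values (not from the slides).
NOW = 1_700_000_000
SAMPLE = mk_msg1("alice", b"constructed-pw", bytes.fromhex("00112233445566778899"),
                 str(NOW), "report.pdf", "see attached", "bob", "rd.example")

if __name__ == "__main__":
    ss = SendingServer({"alice": b"constructed-pw"})
    print(ss.is_msg1(SAMPLE, NOW + 5), ss.is_msg1(SAMPLE, NOW + 6))
```

Without the nonce cache and the timestamp window, the signature check alone accepts the same signed message any number of times, which is the non-injective property the translated model proves.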

21 Result
First pass at the formalization had errors
– We ended up with a trivially true theorem
Second pass was more careful
– Each message was checked for correctness and reachability
Performance problems
– ProVerif couldn’t handle such a large protocol
– Blanchet created a version of ProVerif that skipped some extra parsing steps that were performed after the theorem was proved
We finished with a theorem shown to be true, but without a derivation tree justifying the theorem
– Would have made debugging hard
– Future efforts will be made at making the prover more efficient

22 Summary
Web service foundation for messaging (WSEmail) may address issues with flexibility, integration, and security.
Designed architecture and built WSEmail system on .NET.
Studies show
– Interesting applications
– Useful theory
– Satisfactory performance

23 Future Work
AMPol: Adaptive Messaging Policy
Effort to create messaging system where elements can adapt to policies with grace and security.
Key architectural elements
– Policy model
– Policy discovery
– System extension and policy merging