WSEmail: An architecture and system for secure Internet messaging based on web services

Michael J. May, Kevin D. Lux, Carl A. Gunter

Research output: Contribution to journalArticle

Abstract

Web services offer an opportunity to redesign a variety of older systems to exploit the advantages of a flexible, extensible, secure set of standards. In this work, we revisit WSEmail, a system proposed over 10 years ago to improve email by redesigning it as a family of web services. WSEmail offers an alternative vision of how instant messaging and email services could have evolved, offering security, extensibility, and openness in a distributed environment instead of the hardened walled gardens that today’s rich messaging systems have become. WSEmail’s architecture, especially its automatic plug-in download feature, allows for rich extensions without changing the base protocol or libraries. We demonstrate WSEmail’s flexibility using three business use cases: secure channel instant messaging, business workflows with routed forms, and on-demand attachments. Since increased flexibility often mitigates against security and performance, we designed WSEmail with security in mind and formally proved the security of one of its core protocols (on-demand attachments) using the TulaFale and ProVerif automated proof tools. We provide performance measurements for WSEmail functions in a prototype we implemented using.NET. Our experiments show a latency of about a quarter of a second per transaction under load.

Original languageEnglish (US)
JournalService Oriented Computing and Applications
DOIs
StateAccepted/In press - Jan 1 2020

Keywords

  • Electronic mail
  • Email workflow
  • On-demand attachments
  • Rich messaging
  • Security
  • Web services

ASJC Scopus subject areas

  • Software
  • Management Information Systems
  • Information Systems
  • Hardware and Architecture

Fingerprint Dive into the research topics of 'WSEmail: An architecture and system for secure Internet messaging based on web services'. Together they form a unique fingerprint.

  • Cite this