ERCIM News No.30 - July 1997

MMMSec - Security in Multimedia Mail

by Ronald Fromm, Rafal Kowalski, Jürgen Sander, Roland Schwarz, Burkhard Wiegel and Andreas Zisowsky

MMMSec is a German research project performed by the Open Distributed Multimedia Applications Group at GMD Institute for Open Communication Systems in Berlin. It is funded by DeTeBerkom, Ltd. - 100% subsidiary of Deutsche Telekom AG. The main goal of the project is the development of a Security platform tailored to Multimedia-Messaging and the integration of this platform within a multi Messaging-System enabled Multimedia-Mail User Agent in a homogeneous and user friendly fashion. This Security-Demonstrator-UA is called 'S-Mail' and supports Internet Electronic Mail and X.400(88).

The main threads of the project are:

X.420-Security Bodypart

With the introduction of multicontent/multimedia messages, the separate protection of individual bodyparts is necessary if users are to be able to retrieve single bodyparts from a remote message store. There might also be different security requirements for different bodyparts of one message.

Bodypart security within MIME is provided by RFC1847/48. Nothing appropriate was available for X.420. Hence, the concept of the X.420-Security-Bodypart was developed within MMMSec. It provides for Integrity, Confidentiality and Digital Signatures by encapsulating arbitrary ASN.1-encoded X.420-bodypart within a Security-Bodypart.

Security Platform

The main task of protecting and unprotecting messaging content is to process bodyparts, which are data objects. In general there are security tools for different bodypart (object) types. Such tools can be integrated into the Security Platform. Then they are controllable through the uniform platform interface. In addition there is a Security Policy component, which automatically generates Security Processing Information (SPI) for a given bodypart type. The SPI then controls the appropriate Security Services. Key-Management, cryptographic mechanisms and some other useful functions are also provided.

Secure External References

The concept of External References was developed to address messaging problems introduced by the high volume of multimedia content and to provide efficient messaging-based data distribution for high volume content providers. Instead of bulky data, only a pointer to the data is transferred within the message. A security concept for External References was developed within MMMSec, whereby the sender protects the data to be referenced, transfers it to a publicly accessible Global Store, inserts the External Reference and additional Security Parameters into a bodypart, and submits the message.

The receiver retrieves the referenced data from the store and unprotects it using the security parameters from the External Reference. The concept was specified for MIME and X.420. sxRef" (Secure External Reference Manager) is the implementation of the concept for X.420. It is also based upon the Security Platform and can be controlled by Security Policies. The graphical user interface also lets the user recognize known Security Elements.

More Information about this project is available on the World Wide Web at:

Please contact:
Burkhard Wiegel - GMD
Tel: +49 30 25499 373

Michael Gehrke - DeTeBerkom GmbH
Tel: +49 30 46701 122

return to the contents page