Email feedback: a policy-based approach to overcoming false positives

Authors:
Saket Kaushik;William Winsborough;Duminda Wijesekera;Paul Ammann
Affiliations:
George Mason University, Fairfax, VA;George Mason University, Fairfax, VA;George Mason University, Fairfax, VA;George Mason University, Fairfax, VA
Venue:
Proceedings of the 2005 ACM workshop on Formal methods in security engineering
Year:
2005

Citing 9
Cited 3

Reputation systems

Communications of the ACM
DATALOG with Constraints: A Foundation for Trust Management Languages

PADL '03 Proceedings of the 5th International Symposium on Practical Aspects of Declarative Languages
Pricing via Processing or Combatting Junk Mail

CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Detecting deception in reputation management

AAMAS '03 Proceedings of the second international joint conference on Autonomous agents and multiagent systems
The Economics of Spam

Queue - Distributed Development
An economic answer to unsolicited communication

EC '04 Proceedings of the 5th ACM conference on Electronic commerce
A Policy Driven Approach to Email Services

POLICY '04 Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks
Spam Filtering using a Markov Random Field Model with Variable Weighting Schemas

ICDM '04 Proceedings of the Fourth IEEE International Conference on Data Mining
Slamming Spam: A Guide for System Administrators

Slamming Spam: A Guide for System Administrators

BPEL orchestration of secure webmail

Proceedings of the 3rd ACM workshop on Secure web services
Email licensing

Journal of Network and Computer Applications
Policy transformations for preventing leakage of sensitive information in email systems

DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Current email-control mechanisms, though highly effective, are pro-ne to dropping desirable messages. This can be attributed to their coarseness in filtering out undesirable messages from desirable ones. As a result policies to control undesirable messages are often overly permissive. To allow policies to be more restrictive, the transmission mechanism must be made aware of the ways to document a message so that it is acceptable downstream, thus giving the senders a chance of meeting those requirements. In this work, we design a scheme to enable rejected, but desirable messages to be upgraded in a way that they meet downstream requirements. We call this process 'message refinement'. This in turn allows downstream principals to express and enforce precise requirements as the risk of losing desirable messages is minimized. To apply this scheme uniformly to any email-control mechanism, we provide a flexible and extensible policy language to express message acceptance preferences. We use a constraint logic programming approach to specifying and evaluating these policies and show that their evaluation can be accomplished in PTIME. This supports our belief that this technique can be practically applied.