Abstract
Computational electronic mail (ce-mail) is electronic mail that contains an embedded program or interpretable script. Unlike conventional mail, ce-mails are active messages that execute on the recipients' machines. Ce-mails find applications in a wide range of areas, including electronic forms, interactive informational mails and intelligent autonomous agents. Although potentially powerful, ce-mails carry high security risks because executing them can expose the recipient to malicious attacks. These attacks can take the form of integrity, privacy and denial-of-service attacks on the recipients' systems, and may cause irreparable damage or unquantifiable costs to recipients.
This work proposes a number of techniques to provide protection without compromising too much of the power of ce-mails. In particular, the concept of safe virtual environments for the execution of ce-mails and the utilisation of safe ce-mail languages are highlighted. Safe virtual environments may be attained through the execution of ce-mails at a lower priority, or the creation of a separate disk partition or virtual machine for the execution of ce-mails. Two ce-mail languages, Safe-Tcl and Java, are evaluated and contrasted against the four main features of a safe ce-mail language: security, power, extensibility and standardisation.
