Evolving Messaging Systems for Secure Role Based Messaging

This paper articulates a system design for the secure role based messaging model built based on existing messaging systems, public key infrastructures, and a privilege management infrastructure, which enables role-oriented secure communication. Users can send and access messages on behalf of a role. Access to the messages is authorised dynamically according to the authorisation policies conveyed by X.509 Attribute Certificates. The architecture design extends the current messaging systems without invalidating the system's compliance with existing standards, and enables easy integration with existing messaging systems. This paper also contributes to providing security features based on architecture design, and demonstrates the deliberative architecture design for information confidentiality and privacy.