Governmentwide Electronic Messaging Solutions
(Originally published in Messaging Magazine, January/February 1999)
By Jack L. Finley, General Services Administration, and Ghezal Mayel, Booz*Allen & Hamilton, Inc.
The exchange of electronic messages over the Internet has become an integral part of government communications with the public and internally. E-mail enables government users to rapidly communicate information worldwide.
E-mail is widely accepted as a reliable method for internal and external communications. Although e-mail is viewed overall as reliable, users continue to struggle with some common issues that at times prevent them from fully exploiting the capabilities of their various messaging systems. Currently, government e-mail systems are managed separately, with individual agencies setting up their own systems and relying on the Internet for external interoperability. As government users become more dependent on e-mail to carry out official business, interoperability and performance issues are becoming increasingly important. Users want to take their messaging system to the next higher level, "business quality," with enhanced security services and integrated message management.
Several persistent e-mail interoperability issues must be resolved before government e-mail users can fully rely upon their systems for official business transactions. E-mail users experience problems related to attachments, error messages, authentication, message disposition, e-mail overflow, directories, and gateways. The issues can be categorized as either external or internal. External issues relate to technical standards and how products perform. Resolution of these types of problems depends on solutions provided by the vendor community and their current e-mail products.
Internal interoperability addresses the internal architecture and configurations of agency e-mail systems. Resolution of issues arising from internal factors will require changes in the way e-mail systems are used and how users are trained.
Resolving E-Mail Issues
This article recommends potential strategies for resolving high-priority e-mail interoperability issues, as identified by the governmentwide Chief Information Officer (CIO) Council. Internet e-mail use is still growing at a rapid pace. These are important issues requiring resolution to fully satisfy e-mail user requirements. The federal government requires a messaging system that is fast, reliable, secure, and flexible. Through a cooperative effort between e-mail system providers and staff responsible for managing the use of these systems, many of these issues can be resolved.
Attachments
E-mail users continue to experience difficulty when sending and receiving files attached to e-mail messages. Some problems stem from limited user understanding of the e-mail system capabilities and interoperability with the application used to create the files. However, system level issues continue to plague users. For example, attachments are sometimes corrupted during transmission.
Interoperability and processing of files attached to e-mail messages are primarily internal issues. Resolution requires more aggressive training and education of users. Senders should be aware that there is a risk of unsuccessful attachment retrieval when sending an attachment that is greater than 2 Megabytes. The system should be configured to display a user-friendly error message that alerts users who try to send file attachments greater than 2 MB. Users should be encouraged to send large attachment files in other ways, such as file transfer protocol. The 2 MB constraint has been examined by the CIO Council interoperability committee. As technology evolves, this threshold could be extended.
Ensuring recipients have the applications necessary to read attached files can also be solved through user education. Senders need to be aware that they should verify the recipient's capabilities prior to transmission; this verification can be done out-of-band. Alternatively, conversion of file attachment formats could be solved through automated conversion programs based upon an indication of preferred data formats in a widely accessible directory.
Systems that have file attachment transfer interoperability issues should implement the Multipurpose Internet Mail Extension (MIME) standard. Wider use of the MIME standard formats will ensure more successful transmission of attachments as well as e-mail messages with embedded enhanced graphics, text, and audio. Using MIME lowers the risk that attachments will be corrupted.
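The two recommendations above (a clear message at the 2 MB threshold, and MIME encoding so binary attachments survive transport) can be illustrated with a short added example. It is not from the original article; the function names, addresses, and sample bytes are constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

LIMIT_BYTES = 2 * 1024 * 1024  # the article's 2 MB attachment threshold

# Constructed sample: every byte value, including NUL and high-bit bytes,
# which are the ones a non-MIME, text-only mail path tends to damage.
SAMPLE = bytes(range(256)) * 16


def presend_check(filename, data, limit=LIMIT_BYTES):
    """Return (ok, message); the message is written for the end user."""
    if len(data) > limit:
        size_mb = len(data) / 2**20
        return False, (
            f"'{filename}' is {size_mb:.1f} MB, which is over the 2 MB "
            "attachment limit. Send it another way, such as file transfer "
            "protocol."
        )
    return True, "OK"


def build_message(sender, recipient, subject, body, filename, data):
    """Build a multipart MIME message with `data` as a base64 attachment."""
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = sender, recipient, subject
    msg.set_content(body)
    msg.add_attachment(data, maintype="application",
                       subtype="octet-stream", filename=filename)
    return msg


def roundtrip(msg):
    """Serialize to wire form, parse it back, return (wire, attachments)."""
    wire = msg.as_bytes()
    parsed = message_from_bytes(wire, policy=policy.default)
    files = {p.get_filename(): p.get_content()
             for p in parsed.iter_attachments()}
    return wire, files


if __name__ == "__main__":
    ok, text = presend_check("report.bin", SAMPLE)
    msg = build_message("sender@example.org", "recipient@example.org",
                        "Report", "See attached.", "report.bin", SAMPLE)
    wire, files = roundtrip(msg)
    print(ok, wire.isascii(), files["report.bin"] == SAMPLE, len(wire))
```

The wire form is pure ASCII and roughly a third larger than the original file, so a limit enforced on the raw file size is more lenient than one enforced on the transmitted message.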
Error Messages
The generally poor wording of error messages is one of the most frustrating e-mail system problems. Error messages often consist of codes and technically specific text that is very difficult for the average user to understand. More clearly informative error messages should be created. These messages should explain the problem and suggest solutions to help solve the problem. Users often are unable to translate error messages into straightforward directions for carrying out the necessary corrective action.
The error messages issue falls within the external and internal categories. Externally, the vendor community needs to work closely with users to define and implement better error messages that are easier to understand. Where possible, government organizations should be able to configure error messages to provide more meaningful information directly related to their implementation.
Internally, agencies throughout the government need to provide more information to users on what actions to take when presented with error messages. Help desks accessible to all federal government employees should be available 24 hours a day, 7 days a week to assist users in translating and responding to error messages. Through guidelines and easily accessible help, users would be better able to deal with error messages.
Authentication
It is vital for the government to meet its security requirements through reliable authentication mechanisms that control access to automated information systems. The government cannot tolerate unauthorized access or intrusions within its messaging system. To meet the government's goal of using e-mail for official business, e-mail users must be able to verify and validate the sources of their messages. Authentication mechanisms are the first step in controlling access to messaging systems and verifying the authenticity of the originator of a message. Authentication mechanisms that deny unauthorized users access to the system are required. A variety of authentication techniques are available. These methods can be the basis for access control systems.
Authentication is an external issue. Users rely on the vendor community to provide products that support authentication and digital signatures on messages. Currently, the preferred approach for ensuring authentication and access control is to use public key certificates and keys. Application of these technologies in the federal government is currently being defined through initiatives such as the Federal Public Key Infrastructure (FPKI) forum. This forum relies on implementation of approved procedures, including issuing software- or hardware-based tokens to users validated by a Certificate Authority (CA). Under this procedure, identities of these e-mail users are stored in a digital format and exchanged in a way that unambiguously identifies users. This process provides proof of the user's name and unique identification number, specifies the valid period of the user's security information, and specifies how their security capabilities can be used. This information is validated through the signature of a trustworthy CA.
In the federal government, it is anticipated that several CAs will exist to support communities of interest, such as the defense community, the banking community, and the intelligence community. Cross-CA procedures will be developed to define the rules through which these communities will interoperate. The General Services Administration (GSA) is currently piloting a directory service, the U.S. Government Online Directories (USGold), to examine how X.509 digital certificates from multiple government CAs can be stored in a standards-based directory repository.
X.509 certificates contain the following information: owner's public key, owner's name, organization, address, expiration date of the public key, name of the issuer, serial number of the certificate, and a digital signature of the Certificate Authority.
Message Disposition
The federal government requires proof that official business messages have been delivered. Systems must account for all messages exchanged in the transmission of official business transactions. Message accountability requirements include the ability for users to prove the time and date of message submission and delivery. Additionally, users need to be able to track a message to verify whether it was sent, received, opened, read, and deleted to ensure a transaction was delivered and complete.
The ability to track the disposition of messages is an external issue that is dependent upon the capabilities of the user's messaging system. The message disposition tracking and tracing capability has been addressed in the Department of Defense, Defense Message System (DMS) specifications. This X.400-based system, being provided by vendors such as Microsoft and Lotus, is intended to meet critical command and control messaging requirements. Further work is needed in this area for vendor communities to provide a universal standard approach in managing message disposition.
E-Mail Overflow
Many federal government e-mail users struggle with the volume of e-mail messages received on a daily basis. "Drowning" in e-mail is a common complaint. Without wider availability of e-mail management tools, important messages are lost among junk mail; and in some instances, important messages get deleted or skipped. The government cannot afford to miss important messages by accidentally losing or deleting important messages while in the process of deleting the junk e-mail messages.
E-mail overflow is an internal issue that can be dealt with via a method adopted by some e-mail users: These users should configure their e-mail client software to create and insert an unusable REPLY-TO address in their "sent-by" identity. E-mail users should then insert their correct addresses in the signature line or in the body of the document. When junk mail senders search for a REPLY-TO address, they receive an invalid address. This method stems the flow of junk mail to an e-mail system, thereby helping to resolve the e-mail overflow issue.
Where possible, firewalls and mail servers could also be configured to prohibit the transfer or receipt of messages from known sources of junk mail. Junk mail expends government resources in terms of the system capacity required to transfer and store these messages as well as the time users spend evaluating and deleting unwanted messages.
Eradicating unwanted messages is not the complete solution for users having difficulty in managing large volumes of e-mail messages. Systems with sophisticated filters and mail management tools for the user to configure are becoming increasingly critical. Not only should these tools be made widely available, but also training must be available to support users in maximizing the capabilities of the tools.
Directories
Directories are critical for users to find information necessary to send secure official messages. The GSA USGold service is a meta-directory service that is being deployed to satisfy this requirement. Information about all federal government staff, groups, and organizations can be stored to enable the exchange of business messages and other types of communications. This type of directory service enables users to easily find e-mail addresses, telephone numbers, and physical addresses.
The USGold directory will also be used for security purposes by storing public keys. By synchronizing directories, high levels of performance can be realized by providing a uniform method for the exchange of information between directories. The objective of USGold and other government directories is to provide information in a way that is easy to use, maintainable, accurate, and fast. Federal agencies are encouraged to interconnect their directory systems to USGold to achieve this critical directory capability.
Gateways
The Government has experienced incidents of gateways corrupting or losing attachments and messages during transmission. This problem is intolerable for business transactions. The reasons for these lost or corrupted attachments are varied. One reason is that some e-mail systems use different forms of attachment identifiers. Another reason may be that additional attachment typing information may consist of filenames or other file-heading information that causes the files to be corrupted or lost. Files may be lost or corrupted when two e-mail systems support binary data passage, but do not support the conveyance of Object Linking and Embedding (OLE) in the same manner.
Gateway performance is an external issue that must be solved with the help of the vendor community. Many of the gateway interoperability problems have been resolved by integrating the gateway with a server product that fully incorporates the function of a gateway. Careful evaluation of the underlying need for the gateway and ensuring the system is configured to meet interoperability requirements is critical.
Summary
Although the federal government widely uses e-mail to conduct daily business, several issues must be resolved before messaging will support governmentwide business quality communications. This article suggests several areas where improvements are needed. Generally, the issues can be summarized in three categories:
Education: Many of the problems that users experience with e-mail stem from a basic lack of knowledge about how e-mail works. By educating users about how to work with e-mail more effectively, agencies can mitigate issues such as blocked file attachments and incomprehensible error messages. In addition, users would benefit from an agency-wide or government-wide e-mail help desk, to assist users with common problems.
Interoperability: To the industry's credit, basic e-mail interoperability has been achieved. The new challenge to industry is to continue to standardize features that are not currently addressed by standards. Important features such as proof of delivery notification and uniform attachment handling should be standardized to improve end-to-end service in a multi-vendor environment.
Infrastructure: Together, the Internet and internal government networks form the basis for a robust e-mail transport. Now that this part of the messaging system is in place, two additional infrastructure services need to be completed: a governmentwide directory system and the federal PKI.
This article discusses both internal issues, which agencies must resolve individually and collectively, and external issues, which require attention from the vendor community. Through a cooperative effort between e-mail system providers and staff responsible for managing the use of these systems, many of these issues can be resolved. Only by addressing all of these issues can the government realize a system that meets its next generation messaging requirements.