Blockchain for e-Mail and Document Security


Abstract/Technology Overview

In most organizations, e-mail is on the one hand one of the most difficult attack vectors to track, and on the other hand its headers and attachments are an invaluable source of proprietary information: headers for the traceability of mails, and attachments for company-sensitive information. These e-mails must be neither lost nor altered in any way.

E-mail systems are also widely used for collecting IoT messages generated by devices, as well as for transactional e-mails sent or triggered by databases, e-commerce and CRMs. These e-mail flows are also subject to bounces, loss of information, alteration of timestamps, deletion or even misinterpretation as attacks due to misconfigurations.

A legacy central storage for mail archiving represents a further source of attacks, forging, alteration and deletion of sensitive files, which in turn could become a violation of Data-Loss-Prevention policies.

Recently spreading malware such as WannaCry or Petya hits e-mails after infecting users' workstations, and the losses caused by malicious encryption or deletion can be critical.

There is a need for irrefutable proof of existence of e-mail traffic and a need for immutability of content of e-mails and their attachments, before they get in contact with users' workstations, keeping them safe from social engineering attacks, spear-phishing, malware and ransomware.

This blockchain-based concept is built on top of a Secure Email Gateway and stores e-mails as transactions in a distributed ledger. The information is therefore stored on different nodes at the same time and remains cryptographically immutable.


Technology Features, Specifications and Advantages

The product forms an outer ring of immutable archiving around the typical e-mail workflow architecture: it feeds the blockchain with unaltered incoming and outgoing e-mails before they are analyzed by our filtering software or by other providers' software such as Office365, Proofpoint or Symantec.

We provide the source code for the blockchain nodes to customer companies so that they can add their own nodes to the private blockchain, increasing trust among parties and service providers. Nodes can be hosted in whichever cloud they prefer, be it private, hybrid or public.

The archiving user interface allows viewing complete e-mails or only headers, depending on granular permissions.

This way, we integrate a disruptive, innovative technology such as a private blockchain to enhance security and trust, avoid data loss, and address Data Loss Prevention (DLP) policies through the use of a distributed ledger of content hashes that make original e-mails and their sequence of arrival immutable. Storing the same data on different participating computing nodes, with that data accepted by all the nodes through a consensus algorithm, is key to reducing the attack surface.
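The following added example (not the product's code) sketches the "ledger of content hashes" idea on a single node: each entry stores the SHA-256 of the raw message plus the hash of the previous entry, so altering a message, deleting one, or rewriting a ledger entry is detectable. The function names, record layout and sample messages are assumptions made for illustration; replication and consensus are not modelled.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed predecessor value for the first entry

# Constructed sample messages (raw bytes as they would arrive at a gateway).
SAMPLE = [
    b"From: a@example.com\r\nSubject: PO 1\r\n\r\nOrder 10 units\r\n",
    b"From: b@example.com\r\nSubject: Invoice\r\n\r\nAmount due: 500\r\n",
    b"From: sensor@example.com\r\nSubject: reading\r\n\r\ntemp=21.5\r\n",
]


def entry_hash(seq, prev_hash, content_hash):
    """Bind an entry to its position and to the entry before it."""
    record = json.dumps([seq, prev_hash, content_hash]).encode()
    return hashlib.sha256(record).hexdigest()


def append(ledger, raw_message):
    """Record the SHA-256 of the unaltered message as the next entry."""
    prev = ledger[-1]["entry_hash"] if ledger else GENESIS
    content = hashlib.sha256(raw_message).hexdigest()
    seq = len(ledger)
    ledger.append({"seq": seq, "prev_hash": prev, "content_hash": content,
                   "entry_hash": entry_hash(seq, prev, content)})
    return ledger[-1]


def verify(ledger, archive):
    """Return (seq, problem) findings; an empty list means all checks pass."""
    findings, prev = [], GENESIS
    for i, e in enumerate(ledger):
        expected = entry_hash(e["seq"], e["prev_hash"], e["content_hash"])
        if e["seq"] != i or e["prev_hash"] != prev or e["entry_hash"] != expected:
            findings.append((i, "chain broken"))
        if i >= len(archive):
            findings.append((i, "message missing"))
        elif hashlib.sha256(archive[i]).hexdigest() != e["content_hash"]:
            findings.append((i, "content mismatch"))
        prev = e["entry_hash"]
    return findings


def build(messages):
    """Build a ledger from messages in arrival order."""
    ledger = []
    for m in messages:
        append(ledger, m)
    return ledger
```

A party controlling the only copy could still recompute every entry after the one it changed; holding the same chain on several independent nodes is what closes that gap.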


Potential Applications

As e-mail loss, rejection and alteration represent huge annual losses in both tampering of information and brand reputation, we expect this innovative solution, backed by Distributed Ledger Technology and strong cryptography, to be widely accepted by corporations. We also expect wide acceptance in the Industry 4.0 field covering IoT, as this same solution applies to device messaging in industrial environments, with or without message-to-mail gateways. In the area of transactional e-mails this is also an ideal solution for traceability and fraud prevention, as e-mails are generated for transactions that need to be traced and signed digitally with strong cryptography. This means that the solution can also be applied to Supply Chain and Logistics operations, as many transactions in this field are also supported by transactional e-mails or attached documents.


Customer Benefit

Recently spreading malware such as WannaCry or Petya hits e-mails and attached documents after infecting users' workstations, and the losses caused by malicious encryption or deletion are hard to measure. Our solution saves incoming documents into a private blockchain and makes them immutable by cryptographic signatures before they hit customers' workstations, thus keeping them safe from workstation malware. In the IoT field, trusted timestamping and transactional messaging preservation is a fundamental process for checking and auditing industrial processes. In the Supply Chain, transactional e-mails and documents representing transactions are kept safe from tampering, modification or loss.

There is a general need for irrefutable proof of existence of e-mail traffic and a need for immutability of e-mails that traditional e-mail systems cannot provide, and thus the need for innovative technology.

There is a direct benefit in the area of corporate Data Loss Prevention, as all documents intercepted by our solution are kept safe from malware encryption or deletion, without changing internal IT policies and procedures.

OVERVIEW
Contact Person

Carlos Alberto Horowicz

Organisation

Catalonia Trade and Investment

Technology Category
  • Enterprise & Productivity
  • Security & Privacy
Technology Readiness Level
  • TRL 4
Keywords

blockchain, secure e-mail gateway, distributed ledger technology, data-loss prevention, iot, trusted timestamping, transactional e-mail