CN101043512A - Electronic mail system - Google Patents

Publication number
CN101043512A
Authority
CN
China
Prior art keywords
mail
soap
client
web service
submodule
Legal status
Pending
Application number
CN 200610024908
Other languages
Chinese (zh)
Inventor
曾慧鹏
Current Assignee
Huanda Computer Shanghai Co Ltd
Mitac International Corp
Original Assignee
Mitac International Corp
Application filed by Mitac International Corp
Priority to CN 200610024908
Publication of CN101043512A

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The disclosed e-mail system comprises a client and a server, the server including a mail user agent module with a Web Service container, a mail transport agent module, and a mail distribution agent module. The Web Service container comprises a mail encapsulation sub-module, a mail sending sub-module, a mail receiving sub-module, a mail decomposition sub-module, a user key management sub-module, an encryption/decryption sub-module, and corresponding calling interfaces. The invention avoids repeated development and applies widely, for example to PCs, palmtop PCs and mobile phones.

Description

An e-mail system
Technical field
The present invention relates to electronic mail (e-mail) systems, and in particular to mail user agent systems.
Background technology
As people's activity on networks grows, e-mail service becomes ever more important in daily life and a large amount of sensitive information is transmitted over networks, so users demand ever more convenience and security from e-mail service. Meanwhile, increasingly intelligent mobile terminals such as mobile phones, personal digital assistants (PDAs) and palmtop PCs (Pocket PCs) are becoming part of daily life, and a demand to use e-mail from these mobile devices is gradually emerging. How to let e-mail users send and receive mail in all kinds of fixed or mobile environments is therefore of great significance.
An e-mail system consists mainly of three modules: the mail user agent (MUA, Mail User Agent) module, the mail transport agent (MTA, Mail Transportation Agent) module and the mail distribution agent (MDA, Mail Deliver Agent) module. Put simply, the mail user agent module interacts directly with the end user of the mail program; it mainly provides the interface for composing, sending and receiving mail, and performs the encapsulation and decomposition of mail. The mail transport agent module is responsible for conveying e-mail to the destination host. The mail distribution agent module is responsible for saving e-mail into the user's mailbox and is one of the parts that deals directly with the user's mailbox.
The way the mail user agent module is implemented directly determines the form in which the end user can use the e-mail service. For example, Outlook Express, developed by Microsoft, and Foxmail, developed by Mr. Zhang Xiaolong, are two commonly used mail user agent systems under the Windows operating system, while representative mail user agent systems under other operating systems such as Linux, Unix and Mac OS include Thunderbird, developed by Mozilla, and Eudora (OS X), developed by Qualcomm.
Therefore, using the e-mail service from different devices requires different mail user agent modules. For example, to send and receive mail on a mobile phone, a mail user agent module that runs on the mobile phone must be developed; likewise, to send and receive mail on a personal digital assistant or palmtop PC, a mail user agent module suited to those devices must be developed; even to send and receive mail on different personal computers, a mail user agent module suited to the operating system of each computer must be developed. In this situation, on the one hand, the e-mail service provider must develop different mail user agent modules for specific devices and operating systems in order to offer e-mail service to users in different environments; on the other hand, after changing device or operating system the end user may also have to change mail user agent module and learn and adapt to a new interface. This is inconvenient for both the e-mail service provider and the end user.
The mail user agent module of a traditional e-mail system has two main modes of operation: application (Application) mode (hereinafter APP mode) and webpage (WebMail) mode.
The mail user agent module of APP mode provides a client application, for example FoxMail or Outlook Express. This client application generally runs on a device with its own platform, such as a personal computer or notebook, which communicates with the e-mail server over the network; the e-mail service is completed by the cooperation of the client and the e-mail server. Such clients must run on a specific platform; their advantages are complete functionality, timely response and the ability to handle mail offline. To communicate with the mail transport agent module, an APP-mode client must be able to package the sender's mail into the standard mail message format according to the syntax specified by RFC (Request for Comments) 822, and to unpack a received e-mail message into a form that the recipient's system can recognize, so that the received mail is finally displayed in a form the recipient can read. In addition, an APP-mode client must comply with the SMTP (Simple Mail Transfer Protocol), POP3 (Post Office Protocol Version 3) and IMAP4 (Internet Message Access Protocol Version 4) protocols; through these protocols the client application can communicate normally with the mail transport agent module.
The webpage mode does not provide such a client application; instead, the end user logs in directly with a web browser to the corresponding web page provided by the e-mail server and uses the e-mail service from there. The advantage of this mode is good extensibility: the e-mail service provider can easily upgrade the various modules, for example the mail user agent module, without the client's participation and with little disturbance to the client, and the mode consumes few resources on the client computer, that is, the end user's personal computer, notebook or other device. Its shortcoming is that it must be operated online (Online): the end user must be able to log in to the e-mail server over the Internet, otherwise the e-mail service cannot be used. The webpage mode differs from the APP mode in that it separates the presentation layer (Presentation Layer) from the application logic layer (Application Layer), as shown in Fig. 1. The web browser and the web server together form the presentation layer, which offers the user the interface for sending, receiving and reading mail. The solid lines in Fig. 1 describe the flow of sending an e-mail in webpage mode, and the dotted lines the flow of receiving one. In webpage mode, the application logic layer likewise encapsulates and decomposes mail and interacts with the mail transport agent module using protocols such as SMTP, POP3 and IMAP4; it is generally developed in a dynamic web page language, for example JSP (JavaServer Pages), PHP (Hypertext Preprocessor), ASP (Active Server Pages), CGI (Common Gateway Interface), CF (ColdFusion) or other common development languages or implementation approaches.
From the characteristics of the two modes above it can be seen that the mail user agent modules of these two modes are in fact a fusion of two technologies, the client/server structure (C/S, Client/Server) and the browser/server structure (B/S, Browser/Server). The two modes complement each other in efficiency and convenience, so traditional mail providers support mail user agent modules of both modes at the same time.
Referring to Fig. 2, a traditional e-mail service has both application-type (C/S) clients and Web-browser-based (B/S) clients. Fig. 2 shows the traditional scheme for merging C/S and B/S, but this scheme shares only the data layer, and the application logic layer is implemented independently for each, which brings the following problems. Poor reusability: only the data layer is shared, and the logic layer must be designed repeatedly. Poor reliability: designing the module repeatedly easily leads to inconsistent business logic. Poor extensibility: no interface can be offered for third parties to develop clients.
It can also be seen that implementing the mail user agent module separately for the APP mode and the webpage mode in fact means implementing the application logic layer twice, which wastes effort on duplicated code and wastes computing resources.
Some schemes merge multiple client modes by accessing middleware that makes up the business logic modules over the DCOM or CORBA protocol. Although these schemes fully realize the idea of modular design and remedy the poor reusability of the simple superposition scheme, DCOM can only be used on the Windows platform, while CORBA is not suited to loosely coupled environments, and its binary-encoded distributed systems are poorly extensible and difficult to configure.
Another method achieves the merger with a custom interface: the principle is to define a dedicated protocol in XML to negotiate communication between client and server. Although this method is very flexible, it is very difficult to implement because coding standards for it are largely lacking.
In general, all of the above implementations and methods share the shortcomings described: the application logic layer has to be implemented repeatedly, and the mail provider's workload is hard to minimize. Such implementations cannot meet the demand for e-mail service across today's many types of devices and operating platforms, so a solution to these problems is needed.
Summary of the invention
Based on the above analysis of the traditional mail user agent module, the present invention provides a mail user agent scheme based on Web Service. Addressing the defects of the conventional mail user agent module and the conflict with the demand for multi-platform applications, it improves the mail user agent module of the traditional e-mail service and enhances its extensibility and its ability to be implemented in diverse ways.
An e-mail system comprises a server side and a client. The server side comprises a mail user agent module, a mail transport agent module and a mail distribution agent module, all running on one or more e-mail servers. It is characterized in that the mail user agent module consists of a Web Service container (Container); the Web Service container comprises a mail encapsulation submodule, a mail sending submodule, a mail receiving submodule and a mail decomposition submodule, and also has a number of calling interfaces matching the mail sending submodule and the mail receiving submodule. Through these interfaces the Web Service container passes requests received from e-mail clients to the corresponding module, and returns the data sent by the corresponding module to the corresponding e-mail client. The mail sending submodule communicates with the mail transport agent module through these interfaces and in compliance with the e-mail protocols.
The above e-mail clients include at least the APP mode and the webpage mode.
The mail encapsulation, mail sending, mail receiving and mail decomposition submodules all follow the basic specifications of mail service, for example RFC 821, which defines the SMTP protocol, and RFC 822, which defines the standard format of e-mail messages. The mail encapsulation submodule packages the content of the e-mail message body as the e-mail service specifications require, so that the content conforms to them and can be transmitted further. The mail decomposition submodule parses the content of the e-mail message body as the specifications require, so that the content can be recognized by the operating system or other applications used by the e-mail client and displayed to the user. The mail sending submodule interacts with the mail transport agent module according to the mail sending protocol defined by the specifications, for example SMTP, to complete the sending of e-mail; the mail receiving submodule interacts with the mail transport agent module according to the mail receiving protocol defined by the specifications, for example POP3, to complete the receiving of e-mail.
The main functions of the Web Service container are as follows. Management: registering, deploying, modifying and deregistering Web Service components, and generating for each Web Service component (for example the mail encapsulation, mail sending, mail receiving or mail decomposition submodule) an externally accessible interface, namely a WSDL (Web Services Description Language) file; this file describes the valid method names and the types, number and order of the parameters used in these components, and is offered to clients for download. Connection: providing an HTTP listener on a specific port; a client only needs to know its URL (Uniform Resource Locator) to connect to it and transmit SOAP (Simple Object Access Protocol) packets over HTTP, these being the standard data packets defined by the e-mail service and used in the process of sending and receiving e-mail. Activation and binding: after the Web Service container receives a client message calling a certain functional component, it activates the corresponding component and binds it to the client.
Owing to the characteristics of Web Service itself, corresponding WSDL files can be generated for the above calling interfaces. By referring to these files, client developers can fairly easily develop client applications compatible with the e-mail system provided by the invention; these client applications can be used on various devices, such as personal computers, mobile phones and palmtop PCs, and cooperate with the e-mail system to send and receive e-mail. Likewise, service web pages compatible with the e-mail system can fairly easily be developed by referring to these files, and through them users are offered e-mail service compatible with the e-mail system provided by the invention.
With the e-mail system provided by the invention, after the user finishes editing an e-mail and presses the "Send" button, a SOAP packet for this e-mail is sent to the server side of the e-mail system, which completes the sending of the e-mail in the following steps:
Step 1, the mail decomposition submodule parses the SOAP packet and extracts the information relating to the mail, and the mail encapsulation submodule packages this information into a standard mail body according to the e-mail standard;
Step 2, the mail sending submodule passes the e-mail to the mail transport agent module, which sends it out through the e-mail server.
In the above process, the e-mail user sends the SOAP packet of the e-mail to the e-mail system either from a device loaded with a client application developed for the e-mail system provided by the invention, or through an e-mail service web page developed for it. These devices include at least personal computers, notebooks, mobile phones that can use a wireless network, personal digital assistants and palmtop PCs.
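The two send steps above (SOAP packet in, standard mail body out), as an added Python example that is not code from the patent or from any product. The `urn:example:mail` namespace, the `SendMail`, `From`, `To`, `Subject` and `Text` element names, the size limit and both sample messages are assumptions, since the patent defines no SOAP schema; the checks show what the decomposition step needs so that client-supplied fields cannot add mail headers of their own.

```python
"""Added example: SOAP packet -> RFC 822 style mail body (hypothetical schema)."""
import xml.etree.ElementTree as ET
from email import policy
from email.message import EmailMessage
from email.utils import parseaddr

SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/"  # SOAP 1.1 envelope
MAIL_NS = "urn:example:mail"   # assumption: the patent names no schema
MAX_SOAP_BYTES = 64 * 1024     # assumption: limit chosen for this example

# Constructed sample request, not taken from the patent.
SAMPLE_SOAP = b"""<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  <soap:Body>
    <m:SendMail xmlns:m="urn:example:mail">
      <m:From>alice@example.org</m:From>
      <m:To>bob@example.net</m:To>
      <m:Subject>Quarterly report</m:Subject>
      <m:Text>Draft attached tomorrow.</m:Text>
    </m:SendMail>
  </soap:Body>
</soap:Envelope>"""

# Constructed hostile variant: Subject carries an encoded CR LF and a header.
HOSTILE_SOAP = SAMPLE_SOAP.replace(
    b"Quarterly report", b"Hi&#13;&#10;Bcc: eve@example.com")


def decompose_soap(raw: bytes) -> dict:
    """Mail decomposition submodule: extract mail fields from a SOAP packet."""
    if len(raw) > MAX_SOAP_BYTES:
        raise ValueError("SOAP packet too large")
    # SOAP 1.1 forbids a DTD in a message; refusing one also rules out
    # entity-expansion input before the parser ever sees it.
    if b"<!DOCTYPE" in raw or b"<!ENTITY" in raw:
        raise ValueError("DTD not allowed in a SOAP packet")
    try:
        root = ET.fromstring(raw)
    except ET.ParseError as exc:
        raise ValueError(f"malformed SOAP packet: {exc}") from exc
    if root.tag != f"{{{SOAP_NS}}}Envelope":
        raise ValueError("not a SOAP envelope")
    body = root.find(f"{{{SOAP_NS}}}Body")
    op = body.find(f"{{{MAIL_NS}}}SendMail") if body is not None else None
    if op is None:
        raise ValueError("no SendMail operation in the SOAP body")
    fields = {}
    for name in ("From", "To", "Subject", "Text"):
        value = op.findtext(f"{{{MAIL_NS}}}{name}")
        if value is None:
            raise ValueError(f"missing field {name}")
        fields[name] = value
    return fields


def header_value(name: str, value: str) -> str:
    """Reject CR/LF explicitly so a field can never start a new header line."""
    if "\r" in value or "\n" in value:
        raise ValueError(f"line break in {name}")
    return value.strip(" \t")


def address(name: str, value: str) -> str:
    """Accept exactly one bare address: parseaddr must return it unchanged."""
    value = header_value(name, value)
    if "@" not in value or parseaddr(value)[1] != value:
        raise ValueError(f"invalid address in {name}")
    return value


def encapsulate(fields: dict) -> EmailMessage:
    """Mail encapsulation submodule: build the standard mail body."""
    msg = EmailMessage(policy=policy.SMTP)  # CRLF line endings on output
    msg["From"] = address("From", fields["From"])
    msg["To"] = address("To", fields["To"])
    msg["Subject"] = header_value("Subject", fields["Subject"])
    msg.set_content(fields["Text"])  # line breaks are legitimate in the body
    return msg


def handle_send(raw: bytes) -> bytes:
    """Return the bytes the mail sending submodule would hand to the MTA."""
    return encapsulate(decompose_soap(raw)).as_bytes()


def rejected(raw: bytes) -> bool:
    """True when the packet is refused before any mail body is built."""
    try:
        handle_send(raw)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print(handle_send(SAMPLE_SOAP).decode())
    print("hostile packet rejected:", rejected(HOSTILE_SOAP))
```
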
Correspondingly, with the above e-mail system, after an e-mail arrives in the recipient's mailbox, the server side of the e-mail system provided by the invention processes it in the following steps:
Step 1, the mail receiving submodule receives the e-mail;
Step 2, the mail decomposition submodule parses the e-mail and obtains the SOAP packet corresponding to it.
Once the SOAP packet is obtained, the user can read the e-mail on the device in use. Clearly, either the device is loaded with a client application developed for the e-mail system provided by the invention, which reads the SOAP packet and displays the e-mail content to the user; or the device reads the e-mail through an e-mail service web page developed for the e-mail system, in which case the service web page performs these operations.
An e-mail system comprises a server side and a client. The server side comprises a mail user agent module, a mail transport agent module and a mail distribution agent module, all running on one or more e-mail servers. It is characterized in that the mail user agent module consists of a Web Service container (Container); the Web Service container comprises a mail encapsulation submodule, a mail sending submodule, a mail receiving submodule and a mail decomposition submodule, as well as a user key management submodule, an encryption-signature submodule and a decryption-verification submodule. The Web Service container also has a number of calling interfaces matching the mail sending submodule and the mail receiving submodule, and the mail sending submodule communicates with the mail transport agent module through these interfaces.
The user key management submodule manages the identification codes (IDs) and the public and private keys of users of the encryption service, and provides user registration, deregistration, private key upload and public key download services. The encryption-signature submodule encrypts and signs sensitive data according to the identification codes (IDs) of the sender and recipient, and the decryption-verification submodule decrypts ciphertext and obtains the signer's information.
In this case, a client developed for the above e-mail system calls the user key management, encryption-signature and decryption-verification submodules on the e-mail server to encrypt and decrypt e-mail and user information, so as to cooperate with the e-mail system in sending and receiving e-mail.
The above e-mail system is further characterized in that the Web Service container also comprises an encryption-signature message handler and a decryption-verification message handler; the encryption-signature message handler encrypts the original SOAP message, and the decryption-verification message handler decrypts the encrypted SOAP message.
Because the encryption-signature message handler encrypts the e-mail information before it is transmitted over a public network such as the Internet, the cooperation of the encryption-signature and decryption-verification message handlers ensures that the e-mail content is not eavesdropped on or altered while in transit on the communication link.
In this case, a client developed for the above e-mail system must also have message handlers matching the encryption-signature and decryption-verification message handlers, so as to cooperate with the e-mail system in sending and receiving e-mail.
With the above e-mail system, after the user finishes editing an e-mail and presses the "Send" button, the client developed for the e-mail system provided by the invention and the e-mail server side developed according to the invention jointly complete the sending of the e-mail in the following steps:
Step 1, the client packages the e-mail content into an original request SOAP message (SOAP packet) that calls the encryption-signature Web service and passes it to the client's local encryption-signature message handler, which encrypts and signs the mail body of this SOAP packet and produces a ciphertext SOAP packet;
Step 2, the client's encryption-signature message handler sends the ciphertext SOAP packet to the Web Service container running on the e-mail server; the received ciphertext SOAP packet is decrypted and verified by the server side, that is, by the decryption-verification message handler of the Web Service container, which outputs the original request SOAP packet;
Step 3, the Web service URL and namespace in the above original request SOAP packet, together with the mail body portion of the above-mentioned encrypted original request SOAP message, are encrypted by the encryption-signature Web service with the recipient's public key; the result is then packaged into a response SOAP message and returned to the encryption-signature message handler of the Web Service container;
Step 4, the encryption-signature message handler of the Web Service container applies SOAP encryption and signature to the response SOAP message, forming a ciphertext response SOAP message, and sends it to the client;
Step 5, the client's decryption-verification message handler parses the ciphertext response SOAP message and obtains the encrypted mail content contained in the response SOAP message;
Step 6, the client packages the encrypted mail content together with the sender and recipient addresses and other content into a send-mail SOAP packet, which the client's encryption-signature message handler again encrypts and signs, forming a ciphertext send-mail SOAP packet;
Step 7, the client's encryption-signature message handler sends the ciphertext send-mail SOAP packet to the Web Service container; the received packet is decrypted and verified by the decryption-verification message handler of the Web Service container, which outputs the send-mail SOAP packet;
Step 8, the send-mail Web service provided by the server side parses the send-mail SOAP packet and packages the relevant information into a standard mail body according to the e-mail standard, and the e-mail server sends this mail body out.
The content of the SOAP packet in step one above is plaintext.
The ciphertext SOAP packet in step one above is encapsulated in an HTTP POST request and then sent to the Web Service container; correspondingly, at the Web Service container, the ciphertext SOAP packet is extracted from the HTTP POST request for further processing.
In step three above, encryption with the recipient's public key is based on an asymmetric (Rivest-Shamir-Adleman) encryption algorithm; the algorithm used is the PGP encryption algorithm.
The encryption-signature Web service and the send-mail Web service are provided by the server side, that is, by the Web Service container in the e-mail server, which generates a corresponding encryption-signature Web service and send-mail Web service for each request to send an e-mail.
After the e-mail has been sent by the above process, the mail sending submodule of the Web Service container packages the result of sending the mail into a SOAP message and returns it to the client.
The client, or more precisely the device carrying the client application, includes mobile phones, palmtop PCs and personal digital assistants that can use a wireless network, as well as personal computers, notebook computers and the like. These devices run client applications or components developed for the e-mail system provided by the invention. They can also access service web pages developed for the e-mail system and carry out the above operations through those pages; in that case, the service web pages running and displayed on the device act as the client of the e-mail system provided by the invention.
With the above e-mail system, after the user presses the "Receive mail" button or performs a similar operation, the e-mail server and the client developed for the e-mail system provided by the invention jointly complete the receiving of an e-mail in the following steps:
Step 1, the client packages the information about the mailbox to be connected to, including the mail server's IP address, the user name, the password and the mail address, into an original receive-mail request SOAP packet for calling the remote receive-mail Web service, and passes it to the client's encryption-signature message handler, which encrypts and signs this SOAP packet and produces a ciphertext original receive-mail request SOAP packet;
Step 2, the client's encryption-signature message handler sends the ciphertext original receive-mail request SOAP packet to the Web Service container running on the e-mail server; the received packet is decrypted and verified by the decryption-verification message handler of the Web Service container, which outputs the original receive-mail request SOAP packet;
Step 3, the receive-mail Web service downloads the relevant mail body to the server side according to the information contained in the original receive-mail request SOAP packet;
Step 4, the receive-mail Web service parses the downloaded mail body message into independent fields, for example the sender address, the subject and the content, packages the parse result into a reply SOAP message, and returns this message to the encryption-signature message handler of the Web Service container for encryption-signature processing;
Step 5, the encryption-signature message handler of the Web Service container encrypts and signs the reply SOAP message, producing a ciphertext reply SOAP message, and returns it to the client;
Step 6, the client's decryption-verification message handler decrypts and verifies the ciphertext reply SOAP message to obtain the reply SOAP message, and parses it into independent e-mail information fields. If these fields are not encrypted, the client can display them to the user directly and the process ends; otherwise, it proceeds to the next step;
Step 7, the e-mail information fields and the password used to obtain the user's private key are packaged into a plaintext-request SOAP message, which the client's encryption-signature message handler encrypts and signs, forming a ciphertext plaintext-request SOAP message;
Step 8, the client's encryption-signature message handler sends the ciphertext plaintext-request SOAP message to the Web Service container running on the e-mail server; the received message is decrypted and verified by the decryption-verification message handler of the Web Service container, which outputs the plaintext-request SOAP message;
Step 9, the decryption-verification service provided by the Web Service container uses the user's private key to decrypt the e-mail information fields in the plaintext-request SOAP message and verifies the sender's signature. If verification fails, the process fails; otherwise, it proceeds to the next step;
Step 10, the e-mail information fields are packaged into a mail-plaintext SOAP message, which the encryption-signature message handler of the Web Service container encrypts and signs to produce a ciphertext mail-plaintext SOAP message;
Step 11, the ciphertext mail-plaintext SOAP message is returned to the client, whose decryption-verification message handler decrypts it to obtain the mail-plaintext SOAP message and finally the original mail text.
After the original mail text is obtained by the above steps, the client displays it to the user.
Services such as the remote receive-mail Web service and the decryption-verification service are provided by the server side, that is, by the Web Service container in the e-mail server, which generates a corresponding remote receive-mail Web service, decryption-verification service and so on for each request to receive an e-mail.
In step five above, the ciphertext reply SOAP message is encapsulated in an HTTP POST request and then sent to the client; correspondingly, the client extracts the ciphertext reply SOAP message from the HTTP POST request and continues processing.
The client includes mobile phones, palmtop PCs and personal digital assistants that can use a wireless network, as well as personal computers, notebook computers and the like. The client runs applications or components developed for the e-mail system provided by the invention. These clients can also access service web pages developed for the e-mail system and carry out the above operations through those pages.
With the present invention, an e-mail provider does not need to change the other core modules of its original e-mail system, such as the mail transport agent module and the mail distribution proxy module, and can avoid developing mail user agent modules for both of the two traditional modes at once. The invention packages the mail user agent module into a Web Service component, so that clients of the e-mail system can be implemented in a diversified, thinly customized and extensible manner. The service of the two traditional modes, or even of further modes, can then be offered to the end users of the mail system at minimal cost, for example by extending the e-mail service to mobile wireless devices such as mobile phones, personal digital assistants and palmtop PCs, and future upgrades are made convenient.
On top of this basic functionality, the invention also takes security into account: the e-mail encryption module is likewise packaged into a Web Service component, and encryption technology is used to upgrade the e-mail system. For example, PGP (Pretty Good Privacy) or S/MIME (Secure Multipurpose Internet Mail Extensions) is used to encrypt or sign e-mail content, and the more recent WSSE (Web Service Security) technology may also be used to ensure that mail is not monitored or fabricated while it is transmitted over the link, thereby protecting sensitive data in transit during Web calls.
At the same time, the invention makes full use of the strengths of Web Service: heterogeneous platform integration, loose coupling, standardized protocols, good encapsulation and support from numerous enterprise technologies. This makes it easier to extend the e-mail service to various forms of user terminal according to customer demand and convenient for customers to use, while providing safeguards at each security link. These safeguards do not concern security strength and are compatible with the security of existing systems, so an existing mail server can be upgraded at minimal cost in practice.
Specifically, using the e-mail system provided by the invention produces at least the following beneficial effects:
First, communication across firewalls is excellent, which eases distribution. If an application has thousands of users distributed all over the world, communication between client and server becomes a thorny problem, because a firewall or proxy server usually sits between them. In that case using DCOM is very complicated, and it is usually not easy to distribute the client program to so large a number of users. The traditional approach is to choose the browser as the client, write many dynamic Web pages, and expose the middle tier of the application to the end user. The result is a large development effort and a program that is hard to maintain. The present invention solves these problems effectively.
Second, because the most complex layer, the application logic layer, is shared, the presentation layer handles only simple user interaction; the amount of code to be written is therefore greatly reduced and future upgrades are easier.
The application logic layer sits between the presentation layer and the data layer and is mainly used for bulk business data processing, transaction support, large-scale configuration, information transfer and network communication. As shown in Fig. 3, the Web Service based implementation packages the functions of the application logic layer into an independent, shareable Web Service, so the client only has to implement the presentation layer. This effectively removes duplicated code development, shortens the development cycle and reduces code complexity. An interface can be offered to third-party client developers by providing WSDL, which makes the system easy to extend and strengthens the maintainability of the application and its capacity for future upgrade and extension. Many large software vendors, such as Microsoft, SUN and Borland, provide low-level support for Web Service, so development can be completed easily in a more relaxed environment.
From experience, in applications with considerable interaction between the user interface and the middle tier, using the Web Service structure can save 20% of the development time spent on user interface programming. Exposing the logic and data of the application through Web services also allows clients on other platforms to reuse these applications.
Third, application clients based on Web services are cross-platform and independent of the development language. Developing enterprise-level applications often requires integrating programs written in different languages and running on different platforms, and such integration costs a great deal of development effort. Applications often need to obtain data from programs running on a host, for example on an IBM server, or to send data to host or Unix applications. Even on the same platform, software produced by different vendors often needs to be integrated. With Web Service, communication between applications developed in various languages on various platforms is no longer difficult.
As can be seen from Fig. 4, applications based on Web services have a very wide choice of presentation layer, which benefits application development in two ways. First, clients can be implemented in diverse ways: the operating platform of the client can in theory be any operating system, such as Unix, Linux or Windows, and the development language can in theory be any computer language, such as GNU C, Java, C++, Pascal or Perl. Second, it helps data exchange between applications on heterogeneous platforms: for example, a client developed in Java under Unix can, with the Web service acting as agent, exchange data with a client developed in Delphi on the Windows platform, and all kinds of mobile terminals and smart appliances can likewise be connected to one another through Web services.
Description of the drawings
Fig. 1 is a schematic diagram of a prior-art e-mail system that uses the web page mode.
Fig. 2 is a schematic diagram of a prior-art e-mail system solution that merges C/S and B/S technology.
Fig. 3 is a schematic diagram of the e-mail system provided by the invention.
Fig. 4 is a system schematic of the first embodiment of the invention.
Fig. 5 is a working principle diagram of the ciphering signature message handling device in the second embodiment of the invention.
Fig. 6 is a working principle diagram of the decryption verification message handling device in the second embodiment of the invention.
Fig. 7 is a system schematic of the third embodiment of the invention.
Fig. 8 is a sequence diagram of sending mail in the third embodiment of the invention.
Fig. 9 is a sequence diagram of receiving mail in the third embodiment of the invention.
Fig. 10 is a system schematic of the fourth embodiment of the invention.
Explanation of reference numerals
1, e-mail system service end
11, mail user agent module
110 Web Service container
111 mail encapsulation submodule
112 mail sending submodule
113 mail receiving submodule
114 mail decomposition submodule
115 ciphering signature message handling device
116 decryption verification message handling device
1101 WEB service
1111 sending service
1121 receiving service
1181 PGP decryption verification service
1191 PGP ciphering signature service
12, mail transport agent module
13, mail distribution proxy module
14, mailbox
2, remote mail server
3, carrier
315 ciphering signature message handling device
316 decryption verification message handling device
41, original SOAP message
411 SOAP envelope
412 SOAP mail body
41' ciphertext SOAP message
412' mail body ciphertext
413' message header
42, key store
Embodiment
Fig. 4 shows the system schematic of the first embodiment of the invention. In this embodiment, the service end of the e-mail system provided by the invention comprises mail user agent module 11, mail transport agent module 12 and mail distribution proxy module 13. Mail transport agent module 12 and mail distribution proxy module 13 communicate with remote mail server 4 over the Internet. Mail user agent module 11 consists of a Web Service container 110, which in turn comprises mail encapsulation submodule 111, mail sending submodule 112, mail receiving submodule 113 and mail decomposition submodule 114. Mail sending submodule 112 communicates with mail transport agent module 12, and mail receiving submodule 113 communicates with e-mail box 14 on the mail server.
With reference to Fig. 4, the solid-line part shows the flow of sending an e-mail in the first embodiment of the invention. The end user, through carrier 3 (for example a mobile phone, notebook, personal digital assistant or personal computer), edits an e-mail in the client installed on the carrier and sends it to Web Service container 110 in the form of SOAP packets. After receiving these SOAP packets, Web Service container 110 encapsulates the e-mail with mail encapsulation submodule 111; mail sending submodule 112 then passes the encapsulated e-mail to mail transport agent module 12, which sends it to remote mail server 2.
In the encapsulation process above, mail encapsulation submodule 111 follows an existing e-mail standard, for example RFC822. In other similar embodiments, mail encapsulation submodule 111 may instead follow a self-defined e-mail standard, in which case the relevant participants, for example the client system, must all follow that self-defined e-mail standard accordingly.
In the sending process above, mail transport agent module 12 follows an existing e-mail standard, for example the SMTP protocol defined in RFC821. In other similar embodiments, mail encapsulation submodule 111 may instead follow a self-defined e-mail standard, in which case the relevant participants, for example remote mail server 2, must all follow that self-defined e-mail standard accordingly.
With reference to Fig. 4 again, the dashed part shows the process of receiving an e-mail in the first embodiment of the invention. The e-mail is sent by remote mail server 2, in the manner described for the solid-line part, through mail transport agent module 12 and mail distribution proxy module 13 to mailbox server 14 where the target e-mail address resides. The end user, through carrier 3 (for example a mobile phone, notebook, personal digital assistant or personal computer), sends a request to receive e-mail from the client installed on the carrier. After the request has been processed by mail receiving submodule 113, the corresponding e-mail in mailbox server 14 is downloaded to carrier 3, and the e-mail is then displayed by way of mail decomposition submodule 114.
As with the solid-line part of Fig. 4, in the receiving process above mail decomposition submodule 114 likewise follows an existing e-mail standard, for example RFC822. In other similar embodiments, the mail decomposition submodule may instead follow a self-defined e-mail standard.
The second embodiment of the invention comprises, in addition to the components described in the first embodiment, a user key management submodule, a ciphering signature submodule, a decryption verification submodule, a (SOAP) ciphering signature message handling device 115 and a (SOAP) decryption verification message handling device 116. In this embodiment, the ciphering signature submodule and the decryption verification submodule follow the PGP cryptographic protocol; in other embodiments they may follow other cryptographic protocols. The ciphering signature submodule encrypts sensitive data and signs it according to the identification codes (IDs) of the sending and receiving parties, and the decryption verification submodule decrypts ciphertext and obtains the signer's information. The operating principles of the user key management submodule, ciphering signature submodule and decryption verification submodule can be understood from published material on the PGP cryptographic protocol, for example "OpenPGP Message Format", RFC 2440, by J. Callas, L. Donnerhacke, H. Finney and R. Thayer, and are not repeated here.
Fig. 5 shows the working principle of ciphering signature message handling device 115 in the second embodiment of the invention: an original SOAP message 41 is converted by ciphering signature message handling device 115 into a new, encrypted ciphertext SOAP message 41'. After the user has edited and sent an e-mail with the client on carrier 3 as described above, the client sends an original SOAP message 41 to mail user agent module 11, and ciphering signature message handling device 115 in mail user agent module 11 processes this original SOAP message 41. In this embodiment, original SOAP message 41 comprises SOAP envelope 411 and SOAP mail body (Body) 412 and has no SOAP message header (Header) element. Ciphering signature message handling device 115 uses a hash function to compute a digest of mail body 412 of original SOAP message 41, then takes the sender's private key from key store 42 and encrypts with it to generate the signature data for mail body 412, and then encrypts the signature data and mail body 412 with a randomly generated symmetric key (usually AES128) to produce mail body ciphertext 412'. Next, the symmetric key is encrypted with the server-side certificate to produce the key ciphertext. Finally, data such as the signature information, the encryption algorithm and the client certificate are packaged, according to the XML Encryption and XML Signature standards, into message header 413' of ciphertext SOAP message 41'. Envelope 411 of original SOAP message 41, mail body ciphertext 412' and message header 413' are then encapsulated together to form ciphertext SOAP message 41'.
In other embodiments similar to this one, original SOAP message 41 also contains a SOAP message header (not shown in the figure); in that case ciphering signature message handling device 115 still follows the above process and converts this SOAP message header into the new SOAP message header 413'.
In this embodiment, the core of ciphering signature message handling device 115 is the XML Encryption and XML Signature standards, and the PKI mechanism used is based on PKI certificates. Ciphering signature message handling device 115 acts as a channel between the e-mail client and the Web service server; it can be coupled with other processors and encrypts the SOAP information. It is an important safeguard for the integrity of the PGP encryption and signature, and it prevents key-related plaintext information from appearing at intermediate links.
Fig. 6 shows the working principle of the decryption verification message handling device in the second embodiment of the invention. Comparing Fig. 5 and Fig. 6, what Fig. 6 shows is the reverse of what Fig. 5 shows: decryption verification message handling device 116 decrypts ciphertext SOAP message 41' back into original SOAP message 41. Decryption verification message handling device 116 extracts the symmetric key ciphertext from message header 413' of ciphertext SOAP message 41' and decrypts it with its own private key to obtain the symmetric key used for the original encryption. With this key it decrypts mail body ciphertext 412' in the mail body of ciphertext SOAP message 41' to obtain mail body 412 of original SOAP message 41, and merges it with the unencrypted envelope 411 of original SOAP message 41 that is carried in ciphertext SOAP message 41' to form original SOAP message 41. Finally, it verifies the signature in ciphertext SOAP message 41' with the public key of the client on carrier 3; if verification succeeds, decryption verification message handling device 116 uses the obtained mail body 412 of original SOAP message 41 to call the relevant Web service.
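The processing that devices 115 and 116 perform in the paragraphs above can be sketched as follows. This is an added example, not code from the patent: the message is modelled as a plain object rather than XML, and RSA-SHA256 signatures, RSA-OAEP key wrapping and AES-128-GCM are this example's choices (the text fixes only a hash, a private-key signature and a random symmetric key, usually AES128). All keys, function names and field names are constructed for illustration.

```javascript
const crypto = require('node:crypto');

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Constructed RSA key pair standing in for an entry of key store 42.
function makeKeyPair() {
  return crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// Sending side: sign the body, encrypt signature + body with a fresh
// symmetric key, wrap that key for the receiver. The envelope stays in clear.
function encryptSign(original, senderPrivateKey, receiverPublicKey) {
  const body = Buffer.from(original.body, 'utf8');
  // Hash the body and sign the digest with the sender's private key.
  const signature = crypto.sign('sha256', body, senderPrivateKey);
  // Random 128-bit key per message; GCM mode is this example's assumption.
  const symKey = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-128-gcm', symKey, iv);
  // Length-prefix the signature so the receiver can split it from the body.
  const sigLen = Buffer.alloc(2);
  sigLen.writeUInt16BE(signature.length);
  const bodyCiphertext = Buffer.concat([
    cipher.update(Buffer.concat([sigLen, signature, body])),
    cipher.final(),
  ]);
  const keyCiphertext = crypto.publicEncrypt({ key: receiverPublicKey, ...OAEP }, symKey);
  return {
    envelope: original.envelope,
    header: {
      signatureAlgorithm: 'RSA-SHA256',
      encryptionAlgorithm: 'AES-128-GCM',
      keyCiphertext: keyCiphertext.toString('base64'),
      iv: iv.toString('base64'),
      tag: cipher.getAuthTag().toString('base64'),
    },
    bodyCiphertext: bodyCiphertext.toString('base64'),
  };
}

// Receiving side: unwrap the key, decrypt the body, verify the signature,
// and only then release the body to the caller.
function decryptVerify(message, receiverPrivateKey, trustedSenderPublicKey) {
  const h = message.header;
  // Pin the algorithms instead of accepting whatever the header names.
  if (h.encryptionAlgorithm !== 'AES-128-GCM' || h.signatureAlgorithm !== 'RSA-SHA256') {
    throw new Error('unsupported algorithm in header');
  }
  const symKey = crypto.privateDecrypt(
    { key: receiverPrivateKey, ...OAEP }, Buffer.from(h.keyCiphertext, 'base64'));
  const decipher = crypto.createDecipheriv('aes-128-gcm', symKey, Buffer.from(h.iv, 'base64'));
  decipher.setAuthTag(Buffer.from(h.tag, 'base64'));
  // final() throws if the ciphertext or tag was modified in transit.
  const plain = Buffer.concat([
    decipher.update(Buffer.from(message.bodyCiphertext, 'base64')),
    decipher.final(),
  ]);
  const sigLen = plain.readUInt16BE(0);
  const signature = plain.subarray(2, 2 + sigLen);
  const body = plain.subarray(2 + sigLen);
  // The sender key comes from the receiver's own key store, not from the message.
  if (!crypto.verify('sha256', body, trustedSenderPublicKey, signature)) {
    throw new Error('sender signature verification failed');
  }
  return { envelope: message.envelope, body: body.toString('utf8') };
}

// Constructed round trip: client signs and encrypts, server decrypts and verifies.
function demo() {
  const client = makeKeyPair();
  const server = makeKeyPair();
  const original = {
    envelope: { service: 'urn:example:mail#SendMail' },
    body: '<SendMail><To>bob@example.org</To><Content>quarterly figures</Content></SendMail>',
  };
  const ciphertext = encryptSign(original, client.privateKey, server.publicKey);
  return decryptVerify(ciphertext, server.privateKey, client.publicKey).body === original.body;
}

console.log('round trip ok:', demo());
```

In this sketch the clear-text envelope lies outside the signature, so only the body is protected against modification.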
Fig. 7 shows the system schematic of the third embodiment of the invention. Mail transport agent module 12, mail distribution proxy module 13 and mailbox 14 together form the mail server. Mail server 14 and mail user agent module 11 together provide the e-mail service of the third embodiment of the e-mail system provided by the invention, which cooperates with mail transport agent module 12, mail distribution proxy module 13 and remote mail server 2 to send and receive e-mail. The end user uses the e-mail system provided by the invention through carrier 3 (for example a mobile phone, personal computer, notebook, personal digital assistant or palmtop PC) as the client of the e-mail service system; a client application developed according to the e-mail system provided by the invention runs on carrier 3. In similar embodiments, carrier 3 may instead carry out the above operations by accessing e-mail service web pages developed according to the e-mail system provided by the invention.
In this embodiment, remote mail server 2 is also an e-mail server developed and configured according to the e-mail system provided by the invention. In other embodiments similar to this one, remote mail server 2 may be an e-mail server of another form provided according to the prior art; this does not affect the substance of the invention.
With reference to Fig. 7, in this embodiment mail user agent module 11 comprises SOAP ciphering signature message handling device 115 and SOAP decryption verification message handling device 116. For each request to send e-mail, mail user agent module 11 can provide services such as WEB service 1101, PGP ciphering signature service 1191 and sending service 1111; for each request to receive e-mail, it provides services such as WEB service 1101, PGP decryption verification service 1181 and receiving service 1121.
With reference to Fig. 7, in this embodiment carrier 3, as the client, comprises SOAP ciphering signature message handling device 315 and SOAP decryption verification message handling device 316. SOAP ciphering signature message handling device 315 is similar to SOAP ciphering signature message handling device 115 in mail user agent module 11, and SOAP decryption verification message handling device 316 is similar to SOAP decryption verification message handling device 116 in mail user agent module 11.
With reference to Fig. 7, the solid arrows show the order in which each part processes the e-mail, and the dashed arrows show the logical call relationships that are transparent to the user.
Compared with the first embodiment of the invention shown in Fig. 4, the third embodiment shown in Fig. 7 adds the following modules to strengthen security: (1) the mail client adds SOAP ciphering signature message handling device 315 and SOAP decryption verification message handling device 316, used respectively for the encryption and signing and for the decryption and verification of SOAP processing; (2) the Web service end, that is, the mail user agent module 11 end, correspondingly adds SOAP decryption verification message handling device 116 and SOAP ciphering signature message handling device 115, used respectively for the decryption and verification and for the encryption and signing of SOAP processing; (3) the Web service end, that is, the mail user agent module 11 end, adds two new Web services that implement PGP encryption and signing and PGP decryption and verification, used to ensure the security of the mail content.
With reference to Fig. 7, in this embodiment mail user agent module 11, packaged as a Web service, logically provides four main services: e-mail sending service 1111, e-mail receiving service 1121, PGP ciphering signature service 1191 and PGP decryption verification service 1181. The e-mail client can call these four services individually to send, receive, sign and decrypt mail content.
Fig. 8 shows a complete e-mail sending process that implements SOAP security and PGP encryption in the third embodiment of the invention. Fig. 7 and Fig. 8 together describe the complete process of sending an e-mail:
(1) The end user fills in data: through a carrier, for example a mobile phone, personal digital assistant, notebook or personal computer, the user fills in the data needed to send the mail in a user interface, which may be a Web interface or an application interface. The data comprise the sender address, recipient address, mail subject and mail content.
(2) Send mail: the Web interface provided by the e-mail server, or the application on the carrier used by the end user, packages the mail content supplied by the user into a SOAP message that calls encryption under the PGP cryptographic protocol. At this point the content of the SOAP package is plaintext and its destination is the client's local message handling device, which encrypts and signs the mail body of the SOAP package and generates a new SOAP package containing the ciphertext.
(3) Send the ciphertext SOAP package: the Web interface provided by the e-mail server, or the application on the carrier used by the end user, wraps the ciphertext SOAP package in an HTTP POST request and sends it through the HTTP transport module; the destination is the Web service container, i.e. the server end. After receiving the HTTP POST request, the Web service container extracts the ciphertext SOAP package and passes it to the message handling device of the service end for decryption and verification, which outputs the original request SOAP package.
(4) Call the PGP cryptographic protocol to encrypt and sign: by parsing the envelope information of the encrypted SOAP package, the Web service container obtains the URL and namespace of the Web service targeted by the original SOAP request; together with the mail body of the original SOAP message recovered from the encrypted package, it can then call the Web service that provides the PGP encryption and signature function. This Web service encrypts the mail content in the original SOAP package with the recipient's PGP public key and then packages the result into a response SOAP message, which is sent back.
(5) Send the PGP-encrypted mail content: the mail content processed by the PGP ciphering signature service is encapsulated in a SOAP reply message and sent to the message handling device of the service end for SOAP encryption and signing; the process is the same as step (2).
(6) Send the ciphertext SOAP package: the Web service container wraps the ciphertext SOAP package in an HTTP POST request and sends it; the destination is the client. After receiving the HTTP POST request, the client extracts the ciphertext SOAP package and passes it to the message handling device of the client for decryption and verification, which outputs the response SOAP message.
(7) Obtain the PGP ciphertext of the mail: the client parses the response SOAP message output by the message handling device of the client, which carries the PGP-encrypted mail content generated by the PGP ciphering signature service, and obtains the PGP ciphertext of the mail.
(8) Send mail: the client packages the sender and recipient addresses, the mail server IP, the user password, the mail subject and the PGP ciphertext of the mail content just received into a send-mail SOAP package, and then hands it to the message handling device of the client for encryption and signing.
(9) Send the SOAP ciphertext: the client sends the ciphertext SOAP package processed by the message handling device of the client; this process is carried out according to step 2 above.
(10) Call the send-mail service: the ciphertext SOAP package is decrypted and verified by the message handling device of the service end to obtain the original send-mail SOAP message, and this message is used to call the send-mail Web service of the service end.
(11) Send the mail to the mail server: the send-mail Web service automatically parses the send-mail SOAP message, extracts all mail-related information from it, packages this information into a standard mail body according to the RFC822 standard, and finally communicates with the mail server over the SMTP protocol and sends the mail body.
(12) Notify the result of sending: the send-mail Web service packages the result of sending the mail into a SOAP message and returns it directly to the client.
In step (1) above, on first connection the user must also provide the mail server address and the user name and password used for ESMTP authentication. In other embodiments, the mail server address may instead be set to a default mail server.
In the above steps, the cryptographic protocol may also be a cryptographic protocol other than PGP, such as the S/MIME protocol.
In step (12) above, the sending-result message does not necessarily need encryption, so this step is not encrypted and signed by the message handling device. In some embodiments, however, for a higher level of security this step is still encrypted and signed by the message handling device.
With reference to figure 9, it has been described, and the user collects a process through the Email of SOAP safety and PGP encryption in the third embodiment of the present invention.With reference to figure 7, Fig. 9, it has also described the complete procedure that receives an envelope Email jointly, and its step is as follows:
(1) request mails, be that the user passes through carrier, for example equipment such as mobile phone, personal digital assistant, notebook or personal computer are in user interface, can be Web interface or Application Program Interface, the mailbox message that the input request connects, comprise IP address, user name password and the addresses of items of mail of mail server, these information are packaged into the SOAP package that calls long-range reception Web service then, and next this package is sent to the local message processor and does ciphering signature and handle.
(2) send ciphertext SOAP package, be that Web interface or the application program on the employed carrier of end user that E-mail server provides asked interior the transmission by the HTTP transport module with the POST that ciphertext SOAP package is encapsulated in a HTTP, the destination is Web service container (server end).Described Web service container receives after the HTTP POST request that the message handling device that will ciphertext SOAP package wherein extracts and transfer to service end is done deciphering and checking is handled, the soap message that the output raw requests mails.
(3) Call the mail-receiving service: after the original SOAP message has been parsed by the Web service, the mail-receiving service can be called, and the information in the SOAP message is passed to the corresponding method as actual arguments.
(4) Obtain the mail from the mail server: the mail-receiving service connects to the relevant mail server according to the parameters given in the SOAP message and, using an e-mail protocol, namely POP3, downloads the standard RFC822-encapsulated e-mail messages to the service end.
(5) Send a SOAP message containing the mail information: the mail-receiving Web service parses the downloaded mail body into independent fields, such as the sender address, the subject and the content. These fields are then packaged into a reply SOAP message, which is finally handed to the service-end message handler for encryption and signing.
(6) Send the SOAP ciphertext: the service-end message handler encrypts and signs the SOAP message from step (5), and the newly generated SOAP ciphertext package is then encapsulated in HTTP and returned to the client over the TCP/IP network.
(7) Parse the SOAP ciphertext: the client's message handler decrypts and verifies the SOAP ciphertext sent in step (6) to obtain the SOAP package constructed in step (5), and then parses it into independent e-mail information fields. If the mail was not encrypted and signed with PGP, the user can read its content directly in the user interface. If it was encrypted with PGP, the user sees only the BASE64 characters of the PGP ciphertext and must next call the PGP decryption service to obtain the original text of the mail.
(8) Send a SOAP request to decrypt the PGP ciphertext: the PGP ciphertext is packaged on its own into a SOAP request message, which also contains the protection password used to obtain the user's PGP private key.
(9) Encrypt and sign the SOAP message; the process is the same as step (2).
(10) Call the PGP decryption-verification service: the SOAP ciphertext is decrypted and verified as in step (3); after parsing, the PGP decryption service decrypts the PGP ciphertext in the SOAP message with the user's private key and verifies the sender's signature.
(11) Send the mail-original-text SOAP message: the original text of the mail is packaged into a SOAP message and handed to the service-end message handler for encryption and signing.
(12) Send the SOAP ciphertext; the process is the same as step (2).
(13) Decrypt to obtain the mail-original-text SOAP message: the decryption process is the same as step (7) and yields the original text of the mail, which is finally handed to the UI module and shown to the user.
The e-mail protocol in the above steps may also be a protocol other than POP3; using a different e-mail protocol does not affect the substance of the present invention.
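The following Python code is an added example, not part of the patent text. It illustrates steps (5) and (7): the service end splits an RFC822 message into independent fields and wraps them in a reply SOAP envelope, and the client parses that envelope and decides whether the content is a PGP ciphertext that still has to go to the PGP decryption service. The element names, the `urn:example:mua-webservice` namespace and both sample messages are constructed assumptions, and the SOAP-level encryption and signing of steps (6) and (7) are left out.

```python
import base64
import xml.etree.ElementTree as ET
from email import message_from_bytes, policy

SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/"  # SOAP 1.1 envelope namespace
MAIL_NS = "urn:example:mua-webservice"                 # hypothetical service namespace
PGP_BEGIN = "-----BEGIN PGP MESSAGE-----"
PGP_END = "-----END PGP MESSAGE-----"


def mail_to_soap_reply(raw_mail: bytes) -> bytes:
    """Service end, step (5): RFC822 message -> independent fields -> reply SOAP."""
    msg = message_from_bytes(raw_mail, policy=policy.default)
    part = msg.get_body(preferencelist=("plain",))
    content = part.get_content() if part is not None else ""
    envelope = ET.Element(f"{{{SOAP_NS}}}Envelope")
    body = ET.SubElement(envelope, f"{{{SOAP_NS}}}Body")
    reply = ET.SubElement(body, f"{{{MAIL_NS}}}ReceiveMailResponse")
    for name, value in (("From", msg["From"]), ("To", msg["To"]),
                        ("Subject", msg["Subject"]), ("Content", content)):
        ET.SubElement(reply, f"{{{MAIL_NS}}}{name}").text = str(value or "")
    return ET.tostring(envelope, encoding="utf-8")


def is_pgp_armored(text: str) -> bool:
    """True if text is one ASCII-armored PGP message with valid base64 data."""
    lines = [line.strip() for line in text.strip().splitlines()]
    if len(lines) < 4 or lines[0] != PGP_BEGIN or lines[-1] != PGP_END:
        return False
    try:
        blank = lines.index("")  # blank line separates armor headers from data
    except ValueError:
        return False
    # Drop the optional "=XXXX" checksum line; the rest must be strict base64.
    data = [l for l in lines[blank + 1:-1] if l and not l.startswith("=")]
    try:
        base64.b64decode("".join(data), validate=True)
    except ValueError:  # binascii.Error is a subclass of ValueError
        return False
    return bool(data)


def parse_soap_reply(soap: bytes) -> dict:
    """Client, step (7): reply SOAP -> field dict plus the decrypt decision."""
    root = ET.fromstring(soap)
    reply = root.find(f"{{{SOAP_NS}}}Body/{{{MAIL_NS}}}ReceiveMailResponse")
    if reply is None:
        raise ValueError("not a ReceiveMailResponse envelope")
    fields = {child.tag.split("}", 1)[1]: (child.text or "") for child in reply}
    # Plain mail is shown directly; armored mail needs the PGP decryption service.
    fields["needs_pgp_decryption"] = is_pgp_armored(fields.get("Content", ""))
    return fields


# Constructed sample messages (not real mail, not real OpenPGP data).
PLAIN_MAIL = (b"From: alice@example.org\nTo: bob@example.org\n"
              b"Subject: Meeting\n\nSee you at 10.\n")
_FAKE_B64 = base64.b64encode(b"constructed placeholder, not OpenPGP data").decode()
PGP_MAIL = (f"From: alice@example.org\nTo: bob@example.org\nSubject: Secret\n\n"
            f"{PGP_BEGIN}\n\n{_FAKE_B64}\n{PGP_END}\n").encode("ascii")

if __name__ == "__main__":
    for raw in (PLAIN_MAIL, PGP_MAIL):
        parsed = parse_soap_reply(mail_to_soap_reply(raw))
        print(parsed["Subject"], "->", parsed["needs_pgp_decryption"])
```
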
The fourth embodiment of the present invention is described with reference to Figure 10. In this embodiment, the e-mail system provided by the invention consists of three parts: the mail server side, the mail user agent (MUA) Web service end and the client. The client comprises a user interface and SOAP message handlers (an encryption-signature message handler and a decryption-verification message handler). The mail user agent Web service end comprises a packaging component, a sending component, a receiving component, an unpacking component, a PGP encryption-signature submodule, a PGP decryption-verification submodule and SOAP message handlers (an encryption-signature message handler and a decryption-verification message handler). The mail server side S/MIME protocol comprises a mail transport agent module, a mail distribution proxy module (not shown) and mailboxes.
In this embodiment, the mail server side runs on a mail server, for example a server produced by Cisco, and the mail user agent (MUA) Web service end runs on one server. In other embodiments, the mail server side may also run on several mail servers; in fact, such a distributed server farm is the more common arrangement in practice. Similarly, the mail user agent (MUA) Web service end may also run on multiple servers. Those skilled in the art will also appreciate that the mail server side and the mail user agent (MUA) Web service end may run on the same mail server. This does not affect the substance of the present invention, and those skilled in the art can understand and implement it from the prior art and known materials.
With reference to Figure 10, the client communicates with the mail user agent Web service end over the TCP/IP protocol, and the mail user agent Web service end communicates with the mail server side over the TCP/IP protocol.
In this embodiment, the encryption-signature submodule follows the PGP encryption standard. The core of PGP encryption is an asymmetric cryptosystem; for details, see "OpenPGP Message Format", RFC 2440, by J. Callas, L. Donnerhacke, H. Finney and R. Thayer.
In other embodiments, the encryption-signature submodule may also follow other protocols, for example the S/MIME protocol.
In this embodiment, the client can be implemented in several ways. With reference to Figure 10, the end user may be a Web user, who edits, sends or receives e-mail by logging in to the Web interface provided by the mail service provider; in this embodiment, the mail service provider serves this Web interface through Tomcat. With reference to Figure 10, the end user may also be a personal computer user, who edits, sends or receives e-mail through an application installed on the personal computer and developed for the e-mail system provided by the invention; in this embodiment, that application is developed with the Delphi development tool. With reference to Figure 10, the end user may also be a mobile phone user, who edits, sends or receives e-mail through an application installed on the mobile phone and developed for the e-mail system provided by the invention; in this embodiment, that application is developed with J2ME tools.
In other embodiments similar to this one, the end user may also use the e-mail system provided by the invention through other carriers, for example devices such as palmtop computers and personal digital assistants; correspondingly, the user interface may be any type of interface developed with other tools.
How the client user interface is designed depends on the form of the specific client. On the PC platform, Windows and Linux are the two dominant operating systems: on Windows, Delphi and VS.Net can assist in developing the program interface, and on Linux, QT can be used for graphical software development. For other, embedded user terminals, J2ME is a good platform; Sun released the latest WTK 2.2 software kit in autumn 2004, which provides updated development support tools for J2ME.
Those skilled in the art will appreciate that the choice of development platform or development tool does not affect the substance of the present invention. In fact, on the basis of the content of the invention, those skilled in the art are free to choose the development platform and tools and may make suitable variations.
As this embodiment shows, with the e-mail system provided by the invention the choice of clients is very wide, and e-mail servers no longer need to develop the mail user agent module repeatedly, which greatly improves development efficiency and service quality.
With reference to Figure 10, in this embodiment the mail user agent Web service end uses WebLogic Server as its back end. In other embodiments, the mail user agent Web service end may also use other back-end services.
Developing the module that calls the Web services of the mail user agent Web service end requires the WSDL document generated earlier. Many IDEs and SDKs (software development kits) can now parse WSDL automatically and generate stub code for the Web service to be called. Stub code is a piece of program that automatically handles the encapsulation and parsing of SOAP messages over the HTTP protocol, so the presentation layer of the client only needs to call this stub code to invoke the Web service transparently.
In this embodiment, both the SOAP messages and the WSDL interface are written in XML, which makes development of clients for the e-mail system provided by the invention very flexible. With reference to Figure 10, the client may be software on any hardware platform, any operating system and in any development language, and the mail user agent Web service end needs no change when the form of the client changes; wireless devices such as mobile phones and personal digital assistants are no exception. This property also means that the e-mail system provided by the invention can be used directly when newer application carriers or e-mail protocols appear in the future.
Likewise, those skilled in the art will appreciate that the SOAP messages and the WSDL interface may also be developed in other languages without affecting the substance of the present invention. In fact, as development concepts change and development tools and languages are updated, newer, more effective and more general development languages can all be used in embodiments of the invention.
Although the above summary and embodiments all centre on an e-mail system, those skilled in the art will appreciate that the technical scheme provided by the invention applies not only to e-mail systems but also to B2C e-business applications, for example online 114 inquiry services, that is, telephone directory assistance provided over the network, and network services such as hotel reservation and ticket booking.
For example, in a ticket-booking network service system, as described in the summary above, the following services are developed on the server side according to the Web Service standard: a service that reads and writes the database storing the booking data, a service that authenticates the booking user, and a service that processes air ticket booking requests. These service components are placed in a Web Service container and offered externally. Then, as described in the summary above, the corresponding WSDL interface is provided, and all ticket sellers are allowed to develop their own booking client programs with the help of the WSDL interface. Once a client program has been developed, customers who wish to book air tickets can call the ticket booking service provided by the server through that client program. As with the present invention, because the main functions are all provided on the server side, each ticket seller can easily develop its own customized client program, which effectively improves development efficiency.
Although the present invention has been illustrated with the preferred embodiments above, these embodiments are not intended to limit the invention. Anyone skilled in this field may, in light of the design idea, the summary and the embodiments of the invention, make various changes and adjustments, and the new content resulting from such changes and adjustments shall be covered by the present invention.

Claims (19)

1. An e-mail system comprising a service end and a client, the client running on various carriers, the service end comprising a mail user agent module, responsible for providing mail composition and mail sending/receiving interfaces and for performing mail encapsulation and decomposition, and a mail transport agent module and a mail distribution proxy module, all running on one or more e-mail servers, characterized in that:
the mail user agent module consists of a Web Service container;
the Web Service container comprises a mail encapsulation submodule, a mail sending submodule, a mail receiving submodule and a mail decomposition submodule; and
the Web Service container also has a number of calling interfaces matching the mail sending submodule and the mail receiving submodule; these interfaces allow the Web Service container to communicate with the client of the e-mail system, and the mail sending submodule communicates with the mail transport agent module through these interfaces and in accordance with an e-mail protocol.
2. The e-mail system as claimed in claim 1, characterized in that the mail encapsulation submodule, the mail sending submodule, the mail receiving submodule and the mail decomposition submodule all follow the e-mail service protocols.
3. The e-mail system as claimed in claim 2, characterized in that the e-mail service protocols are the RFC821 protocol and the RFC822 protocol.
4. The e-mail system as claimed in claim 1, characterized in that the client comprises a program mode and a web page mode.
5. The e-mail system as claimed in claim 1, characterized in that the Web Service container can generate a WSDL file, and this file can be downloaded and used to develop clients of the e-mail system.
6. The e-mail system as claimed in claim 1, characterized in that, after an e-mail user sends an e-mail to the service end through a carrier, the service end sends this e-mail according to the following steps:
Step 1: the mail decomposition submodule parses the SOAP package and extracts the information relating to the mail, and the mail encapsulation submodule packages this information into a standard mail body according to the e-mail standard;
Step 2: the mail sending submodule passes the above e-mail to the mail transport agent module, and the mail transport agent module sends the e-mail out through the e-mail server;
and the service end handles a received e-mail according to the following steps:
Step 1: the mail receiving submodule receives the e-mail;
Step 2: the mail decomposition submodule parses the above e-mail and obtains the SOAP package corresponding to the e-mail.
7. The e-mail system as claimed in claim 1 or 6, characterized in that the carrier is one of a personal computer, a palmtop computer, a personal digital assistant and mobile telephone equipment.
8. An e-mail system comprising a service end and a client, the client running on various carriers, the service end comprising a mail user agent module, a mail transport agent module and a mail distribution proxy module, all running on one or more e-mail servers, characterized in that:
the mail user agent module consists of a Web Service container;
the Web Service container comprises a mail encapsulation submodule, a mail sending submodule, a mail receiving submodule and a mail decomposition submodule, together with a user key management submodule, responsible for managing the identification codes and the public and private keys of users of the cryptographic services, an encryption-signature submodule, responsible for encrypting and signing sensitive data according to the identification codes of the sending and receiving parties, and a decryption-verification submodule, responsible for decrypting ciphertext and obtaining the signer's information;
the Web Service container also has a number of calling interfaces matching the mail sending submodule and the mail receiving submodule.
9. The e-mail system as claimed in claim 8, characterized in that the carrier is one of a personal computer, a palmtop computer, a personal digital assistant and mobile telephone equipment.
10. The e-mail system as claimed in claim 8 or 9, characterized in that the Web Service container also comprises an encryption-signature message handler, used to encrypt original SOAP information, and a decryption-verification message handler, used to decrypt encrypted SOAP information.
11. The e-mail system as claimed in claim 8, characterized in that the mail encapsulation submodule, the mail sending submodule, the mail receiving submodule and the mail decomposition submodule all follow the e-mail service protocols.
12. The e-mail system as claimed in claim 11, characterized in that the e-mail service protocols are the RFC821 protocol and the RFC822 protocol.
13. The e-mail system as claimed in claim 8, characterized in that the client comprises a program mode and a web page mode.
14. The e-mail system as claimed in claim 8, characterized in that the user key management submodule, the encryption-signature submodule and the decryption-verification submodule operate according to the PGP cryptographic algorithm.
15. The e-mail system as claimed in claim 10, characterized in that the encryption-signature message handler and the decryption-verification message handler operate according to the XML Encryption and XML Signature standards.
16. The e-mail system as claimed in claim 8, characterized in that the Web Service container can generate a WSDL file, and this file can be downloaded and used to develop clients of the e-mail system.
17. The e-mail system as claimed in claim 8 or 13, characterized in that the client calls the encryption-signature service and the decryption-verification service of the service end to carry out encryption and decryption of e-mail and user information.
18. The e-mail system as claimed in claim 10, characterized in that it sends an e-mail according to the following steps:
Step 1: the client packages the e-mail content into an original request SOAP message (SOAP package) that calls the encryption-signature Web service and passes it to the client's local encryption-signature message handler, which encrypts and signs the mail body of this SOAP package and generates a ciphertext SOAP package;
Step 2: the encryption-signature message handler of the client sends the ciphertext SOAP package to the Web Service container running on the e-mail server; the received ciphertext SOAP package is decrypted and verified by the service end, namely by the decryption-verification message handler of the Web Service container, which outputs the original request SOAP package;
Step 3: using the Web service URL and namespace in the above original request SOAP package, the mail body portion of the above original request SOAP message is encrypted with the recipient's public key by the encryption-signature Web service, and the result is then packaged into a response SOAP message and returned to the encryption-signature message handler of the Web Service container;
Step 4: the encryption-signature message handler of the Web Service container applies SOAP encryption and signing to the above response SOAP message to form a ciphertext response SOAP message, and sends this ciphertext response SOAP message to the client;
Step 5: the decryption-verification message handler of the client parses the above ciphertext response SOAP message and obtains the encrypted mail content contained in the response SOAP message;
Step 6: the client packages the above encrypted mail content, together with content such as the sender and recipient addresses, into a send-mail SOAP package, which is again encrypted and signed by the client's encryption-signature message handler to form a ciphertext send-mail SOAP package;
Step 7: the encryption-signature message handler of the client sends the ciphertext send-mail SOAP package to the Web Service container; the received ciphertext send-mail SOAP package is decrypted and verified by the decryption-verification message handler of the Web Service container, which outputs the send-mail SOAP package;
Step 8: the send-mail Web service provided by the service end parses the above send-mail SOAP package, packages the relevant information into a standard mail body according to the e-mail standard, and sends this mail body out through the e-mail server;
and handles a received e-mail according to the following steps:
Step 1: the client packages the information about the mailbox to be connected, including the IP address of the mail server, the user name, the password and the mail address, into an original receive-mail request SOAP package used to call the remote mail-receiving Web service, and passes it to the client's encryption-signature message handler, which encrypts and signs this SOAP package and generates a ciphertext original receive-mail request SOAP package;
Step 2: the encryption-signature message handler of the client sends the ciphertext original receive-mail request SOAP package to the Web Service container running on the e-mail server; the received package is decrypted and verified by the decryption-verification message handler of the Web Service container, which outputs the original receive-mail request SOAP package;
Step 3: the mail-receiving Web service downloads the relevant mail bodies to the service end according to the information contained in the above original receive-mail request SOAP package;
Step 4: the mail-receiving Web service parses the downloaded mail body into independent fields, for example the sender address, the subject and the content, packages the parsing result into a reply SOAP message, and returns this message to the encryption-signature message handler of the Web Service container for encryption and signing;
Step 5: the encryption-signature message handler of the Web Service container encrypts and signs the above reply SOAP message to generate a ciphertext reply SOAP message, and returns this ciphertext reply SOAP message to the client;
Step 6: the decryption-verification message handler of the client decrypts and verifies the above ciphertext reply SOAP message to obtain the reply SOAP message and parses it into independent e-mail information fields; if these e-mail information fields are not encrypted, the client can show them to the user directly and the process ends; otherwise, go to the next step;
Step 7: the above e-mail information fields and the password used to obtain the user's private key are packaged into a plaintext-request SOAP message, which is encrypted and signed by the client's encryption-signature message handler to form a ciphertext plaintext-request SOAP message;
Step 8: the encryption-signature message handler of the client sends the ciphertext plaintext-request SOAP message to the Web Service container running on the e-mail server; the received ciphertext plaintext-request SOAP package is decrypted and verified by the decryption-verification message handler of the Web Service container, which outputs the above plaintext-request SOAP message;
Step 9: the decryption-verification service provided by the Web Service container uses the user's private key to decrypt the e-mail information fields in the above plaintext-request SOAP message and verifies the sender's signature; if verification does not pass, the process fails; otherwise, go to the next step;
Step 10: the above e-mail information fields are packaged into a mail-plaintext SOAP message, which is encrypted and signed by the encryption-signature message handler of the Web Service container to generate a ciphertext mail-plaintext SOAP message;
Step 11: the above ciphertext mail-plaintext SOAP message is returned to the client, and the decryption-verification message handler of the client decrypts this SOAP message to obtain the mail-plaintext SOAP message and finally the original text of the mail.
19. The e-mail system as claimed in claim 18, characterized in that the encryption-signature Web service, the send-mail Web service, the remote mail-receiving Web service and the decryption-verification service are all provided by the Web Service container of the service end.
CN 200610024908 2006-03-21 2006-03-21 Electronic mail system Pending CN101043512A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 200610024908 CN101043512A (en) 2006-03-21 2006-03-21 Electronic mail system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 200610024908 CN101043512A (en) 2006-03-21 2006-03-21 Electronic mail system

Publications (1)

Publication Number Publication Date
CN101043512A true CN101043512A (en) 2007-09-26

Family

ID=38808698

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 200610024908 Pending CN101043512A (en) 2006-03-21 2006-03-21 Electronic mail system

Country Status (1)

Country Link
CN (1) CN101043512A (en)



Similar Documents

Publication Title
CN101043512A (en) Electronic mail system
CN1672380A (en) System and method for checking digital certificate status
CN1717697A (en) System and method for compressing secure e-mail for exchange with a mobile data communication device
US8447969B2 (en) Transfer device for sensitive material such as a cryptographic key
CN1653764A (en) Method for transmitting and utilizing attachments
CN1855847A (en) Public and private network service management systems and methods
CN1751442A (en) System and method for compression of wireless applications expressed in a structured definition language
CN1685689A (en) Apparatuses, method and computer software products for controlling a home terminal
CN1799240A (en) Certificate information storage system and method
CN1653779A (en) System and method for supporting multiple certificate status providers on a mobile communication device
GB2418112A (en) Device providing encryption services for Internet fax machines
CN1539111A (en) Certificate management and transfer system and method
CN1608367A (en) Multiple-stage system and method for processing encoded messages
CN1565112A (en) System and method for processing encoded messages
CN1575579A (en) Selecting a security format conversion for wired and wireless devices
CN1701573A (en) Remote access vpn mediation method and mediation device
CN1812383A (en) System and method for provisioning component applications
CN101068164A (en) Alarm information noticing method, device and system
JP2009527047A (en) Communication and document management system and method
WO2015035907A1 (en) Databox system for data exchanges and service acquirement and sensing, and operation method thereof
CN1977559A (en) Method and system for protecting information exchanged during communication between users
CN106603388B (en) Mail sending, viewing and viewing control method and equipment thereof
CN1741525A (en) Media issuing system and method
CN113747375A (en) One-key acquisition system and method for third-party application user sensitive information in 5G message
EP1387239A2 (en) Secure messaging

Legal Events

Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Open date: 20070926