QinetiQ

---

Developing a Secure Message Filter Module for QinetiQ

The Challenge

QinetiQ (formerly the Defence Evaluation and Research Agency) is Europe's leading science and technology organisation.

Research being undertaken by QinetiQ concerning the use of secure messaging in a military context identified a need for a reusable module to act as a Secure Message Filter Module (SMFM) within a mail guard solution.

The Solution

Fujitsu was awarded the initial contract to build the SMFM solution, using Public Key Infrastructure (PKI) techniques. Fujitsu was then awarded a further contract to develop a series of enhancements to the original system, to create an Enhanced Message Filter Module (EMFM), together with supporting functionality. The system, now known as PKCommunicate, provides the following security services:

• Filter a message component by whether it has been acceptably digitally signed or not
• Filter a message component by whether it has an acceptable protective label or not
• Return the protected (ie. digitally signed) content of the message component
• Digitally sign and label a message component
• Auditing of security-relevant events
• Encrypt and Decrypt messages.

These services are provided in the form of libraries to be used by messaging solutions, such as mail guards, or as source code for reuse.

The Benefits

The development of the PKCommunicate solution has enabled QinetiQ to achieve two important objectives:

• Encourage the construction of PKI products that have application in both defence and the commercial market place.
• Provide a comprehensive toolkit for QinetiQ to utilise as part of its Domain Security Research Program.

As a result, electronic messaging specialists NEXOR Ltd and NET-TEL Computer Systems Ltd are now incorporating PKCommunicate into mail guard demonstrators. In addition, Fujitsu has embedded the system within its Defence's Secure Domain Controller, to provide a demonstration of handling PCT messages within an X.400 secure messaging system, and QinetiQ is using the technology in a NATO demonstrator named MSDP (Messaging Security Demonstrator Programme).

The Implementation

Initially, the Fujitsu team produced the high-level and low-level system designs, which were agreed with QinetiQ, and then developed, implemented and tested the solutions against stringent acceptance criteria. To ensure portability the software is written using C and C++ programming languages, based on Internet standards and available for Windows NT and Sun Solaris operating systems. It requires no change to a company's email clients and works with existing email hosts such as Microsoft Exchange Server and UNIX Sendmail.

The PKCommunicate solution also follows public standards for PKI techniques and formats, in particular those of S/MIME v3.0, and also supports a military messaging standard, Protecting Content Type (PCT).

The Expertise

Fujitsu provided skilled staff who were able to work not only with the extremely complex standards and technologies that were inherent in the project, but also within the constraints of the project timescales set by QinetiQ. Fujitsu's close working relationship with QinetiQ and its highly skilled staff also helped to ensure that the solution was developed in line with QinetiQ's evolving requirements.