1 An International Governmental Mailing System: A Requirement To Prevent Web-enhanced Terrorism Sérgio Tenreiro de Magalhães 1 , Henrique M. D. Santos 1 , Paulo Viegas Nunes 2 1 University of Minho Department of Information Systems Campus de Azurém 4800-058 Guimarães, Portugal {psmagalhaes, hsantos} @dsi.uminho.pt 2 Military Academy Research Center (CINAMIL) Military Academy Rua Gomes Freire 1169-203 Lisboa, Portugal pfv@net.sapo.pt Abstract: E-mail systems are essential, but they also provide terrorists with an opportunity to impersonate public officials and, with the legitimacy and authority of the alleged sender, obtain collaborations or spread misinformation in critical situations, where the urgent need to responses relegates identity confirmations to a lower priority. This paper presents an e-mail system architecture that uses Public Key Infrastructures and behavioural biometrics, namely Keystroke Dynamics, to guarantee that only their legitimate users use governmental domains, automatically confirm their identity and encript/decript messages exchanged between public officers. The biometric components of the system can also contribute to a distributed database destined to identify anonymous e-mail senders. Keywords: Security, biometrics, communications, e-mail architecture 1. Introduction The e-mail is now a common and fundamental tool for communication in which we depend on, but the most used protocols used to implement it are unsecured and do not guarantee neither the confidentiality of the message or the identity of the sender. The first can only be achieved by encryption techniques, well known but rarely implemented by common e-mail systems, while the later is not ensured at all. In fact, the normal procedure to identify the sender of the message is to identify the alleged e-mail of the sender, but neither the e-mail server nor the e-mail client verify even if that e-mail address exists. On the other hand, providing more services implies new risks and the webmail services are a good example of that. Computer network attacks can be considered as Electronic Means of Mass Disruption (Bayles: 2001) or even as Weapons of Mass Destruction (case of Russian Government Officials – 1995 - and of the Director of the USA’s National Security Agency - 1998) (Clemmons: 1999) and we know that some terrorist groups have been using the Internet to collect information on targets, to communicate between cells and to plan attacks. They are also using tools available online to disguise their identities and they can use it, for instance, to spread disinformation or to collect money (Thomas: 2003). For the time being we can expect some security only from more complex tools but, even then, we need that both users (sender and receiver) agree on the technology to be used and to do more then install it: to use it. If all this is achieved we still have a problem once those technologies for digital encryption and/or signature require a level of trust in the used certificates, which is often not suitable for use in official matters. While allowing users to send and receive messages on a browser without any previous configuration of an account, we are spreading the use of the e-mail technology but we are also allowing its use in public spaces that provide Internet access to their customers. These vulnerabilities provide terrorists with an opportunity to impersonate public officials and, with the legitimacy and authority of the alleged sender, obtain collaborations or spread misinformation in critical situations, where the urgent need to responses relegates identity confirmations to a lower priority.