ESPACE Memo #1
D. P. Mitchell
ESPACE: Environment for Secure Public Assembly and Commercial Exchange
ESPACE is a project to explore certain advanced concepts in electronic communication service. The intent is to take a large step beyond electronic mail and electronic bulletin boards. We believe that a sort of “virtual space” can be created in which people carry out a variety of associations including mail, elections, signing of documents, contracts, and fund transfers.
Recent work in the area of cryptography has resulted in a number of very interesting algorithms for accomplishing these tasks, but these advanced algorithms have never been integrated into a system, and a model for such a system does not yet exist.
II. Related Work
British Telecom and three British universities are currently working on a project called COSMOS. This is a formal study of group communication. They are interested in issues like planning assistance, multi-media electronic mail, and active messages.
A collection of European universities is working on a project called AMIGO. This is also a formal study of group communications, geared primarily for office automation. They are heavily committed to the massive OSI message-handling and directory systems.
The ESPACE project differs considerably in intent. We are interested in the application of advanced cryptographic protocols, and we want to build a system with more general goals than office automation.
III. Public Assembly
Our model for organizing communication is based on the concept of a Group. A Group is more than a distribution list for mail or a bulletin-board discussion group. A Group can behave like a first-class communicator in ESPACE. It can receive messages, and it can send and sign messages.
The key concept is capability of signing messages, which then convey group authority. The way in which a group signs a message is determined by its Constitution. There may be a group leader who holds the official seal, an election may be required to generate a signature, etc.
A simple example of an application might be an electronic journal. People submit papers to an editor group. The editors vote on papers, and if paper is accepted, the editor’s signature validates it as an entry in the journal. Publication of the journal might be a completely separate process. Perhaps a journal group would exist simply as a publically readable mailbox which only accepts messages signed by the editors.
IV. Commercial Exchange
A number of standards for electronic fund transfers are forming now, mostly based on highly centralized algorithms which model electronic cheques or credit cards. These are important, but in addition there are interesting cryptographic which support the concept of unmarked cash. The service offered in that case is customer privacy. It is interesting that these electronic-cash algorithms offer a number of protections from fraud and black-marketing, while still preventing customers from divulging personal patterns of commerce.
Many distributed system contain the concept of “capability”, getting permission to access an object by showing a certificate. We think this can be extended easily to allow accounting by granting access permission in exchange for “cyberbuck” certificates.
One possible example of use for this would be to control message congestion in large popular bulletin boards. It is possible that user may have to pay to publish a message widely, and that they may (or may not) receive payment in return if the message is deemed useful by its readers. This is an example of a closed cyberbuck economy, where the currency only has meaning and value within ESPACE.
V. Message Handling System
ESPACE rests on a simple and reliable binary message handling system. This system is inspired by X.400 and Grapevine, and the ISO Directory Service, but it is greatly simplified. It provides name service and message routing in a unified manner. It will also allow users to access ESPACE from any location.
VI. User Interface
Some user interface will be required. We would like to support multi-media messages. Recent work on “virtual reality” has suggested that the user interface to a system like ESPACE could be a highly advanced 3D visualization of the objects and processes of the system. We prefer to concentrate on designing those objects and processes before considering any far-out “cyberspace” interfaces.
We have access to new “super smart cards” which may be an interesting part of a user interface, particularly important if users can enter ESPACE from any location.
We hope to build a prototype system and test a user community of reasonable size. One way to do that would be to test the system in the ARPANET environment. This is one of the purposes of the ARPANET, and we should make use of this valuable resource. In particular, we have thought about the possibility of starting a serious electronic journal in the ARPANET.
(note: this short-lived project took place inside AT&T Bell Labs)