JSP Email Watermarking

I need to implement some security mechanism in my JSP project. (a payroll system)

And the email is of sensitivity here. Because it will be used as a main form of communication.

I want it like WATERMARKED, in other words, made into an image form instead of text which someone can change. And I need more information on the interception of emails and stuff. How to prevent it and enhance the security of my web application.

Let me know
1.) How to watermark the email
2.) enhacne security of JSP web applications

Thanks

LVL 1
aarontwcAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

CEHJCommented:
Using images is not such a good idea as it forces you to send them in html format. Some systems, especially Unix-based ones, are not set by default to deal with html mail.

A better way would be to create a message digest of the text. This acts like a checksum - the mail could not be altered without 'spoiling' the checksum and altering the mail so the same checksum produced is effectively impossible.
0
jimmackCommented:
CEHJ is absolutely right with the digest comment.  Note that this will ensure the "integrity" of the e-mail (ie. you will know it hasn't changed), not the security (ie. it doesn't stop other people reading it).

Here's a link to the digest information from Sun's security intro tutorial:

http://java.sun.com/developer/onlineTraining/Security/Fundamentals/Security.html#secDigests
0
jimmackCommented:
If you want to go the extra step and add the security, you'll need to encrypt it too.  It depends how far you want/need to go ;-)
0
aarontwcAuthor Commented:
Ok Maybe I should be more focused on what i really need.

I just need a security mechanism to sort of make the user know that the email is from me. How can I do this? I was thinking of watermarking a picture into the email. So when users receive an email with that watermark picture, they know that the email is from an authentic sender.

Does that make things clearer?

Any suggestions on this authentic sender issue?

Thanks


0
jimmackCommented:
It makes things clearer, but not necessarily easier ;-)

Have a look through the security tutorial on the javasoft site:

http://java.sun.com/developer/onlineTraining/Security/Fundamentals/contents.html

There is a discussion of public key cryptography (which is where you're heading) and signing data:

http://java.sun.com/developer/onlineTraining/Security/Fundamentals/Security.html#secSigningData
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Java

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.