Integrity Protection of Mobile Agent Data

2009 ◽  
pp. 2715-2724
Author(s):  
Sheng-Uei Guan
Keyword(s):  
Electronic Commerce ◽  
Mobile Agent ◽  
Current Literature ◽  
Mobile Agents ◽  
Data Integrity ◽  
Data Encryption ◽  
Agent Technology ◽  
Session Key ◽  
The Common ◽  
Malicious Host

One hindrance to the widespread adoption of mobile-agent technology is the lack of security. Security will be the issue that has to be addressed carefully if mobile agents are to be used in the field of electronic commerce. SAFER (secure agent fabrication, evolution and roaming) is a mobile-agent framework that is specially designed for the purpose of electronic commerce (Guan & Hua, 2003; Guan, Zhu, & Maung, 2004; Zhu, Guan, Yang, & Ko, 2000). Security has been a prime concern from the first day of our research (Guan & Yang, 2002; Yang & Guan, 2000). By building strong and efficient security mechanisms, SAFER aims to provide a trustworthy framework for mobile agents to assist users in conducting mobile or electronic-commerce transactions. Agent integrity is one such area crucial to the success of agent technology (Wang, Guan, & Chan, 2002). Despite the various attempts in the literature, there is no satisfactory solution to the problem of data integrity so far. Some of the common weaknesses of the current schemes are vulnerabilities to revisit attacks, when an agent visits two or more collaborating malicious hosts during one roaming session, and illegal modifi- cation (deletion or insertion) of agent data. The agent monitoring protocol (AMP; Chionh, Guan, & Yang, 2001), an earlier proposal under SAFER to address agent data integrity, does address some of the weaknesses in the current literature. Unfortunately, the extensive use of PKI (public-key infrastructure) technology introduces too much overhead to the protocol. Also, AMP requires the agent to deposit its data collected to the agent owner or butler before it roams to another host. While this is a viable and secure approach, the proposed approach, Secure Agent Data Integrity Shield (SADIS), will provide an alternative by allowing the agent to carry the data by itself without depositing them (or the data hash) onto the butler. Besides addressing the common vulnerabilities of current literature (revisit attacks and data-modification attacks), SADIS also strives to achieve maximum efficiency without compromising security. It minimizes the use of PKI technology and relies on symmetric key encryption as much as possible. Moreover, the data encryption key and the communication session key are both derivable from a key seed that is unique to the agent’s roaming session in the current host. As a result, the butler can derive the communication session key and data encryption key directly. Another feature in SADIS is strong security. Most of the existing research works focus on detecting integrity compromise (Esparza, Muñoz, Soriano, & Fomé, 2006) or bypassing integrity attacks by requiring the existence of a cooperating agent that is carried out within a trusted platform (Ouardani, Pierre, & Boucheneb, 2006). However, these works neglect the need to identify the malicious host. With SADIS, the agent butler will not only be able to detect any compromise to data integrity, but will identify the malicious host effectively.

Protection of Mobile Agent Data

2009 ◽  
pp. 305-312
Author(s):  
Sheng-Uei Guan
Keyword(s):  
Electronic Commerce ◽  
Mobile Agent ◽  
Current Literature ◽  
Data Integrity ◽  
Data Encryption ◽  
Agent Technology ◽  
Session Key ◽  
The Common ◽  
Trusted Platform ◽  
Malicious Host

One hindrance to the widespread adoption of mobile agent technology is the lack of security. Security will be the issue that has to be addressed carefully if a mobile agent is to be used in the field of electronic commerce. SAFER?or Secure Agent Fabrication, Evolution, and Roaming?is a mobile agent framework that is specially designed for the purpose of electronic commerce (Zhu, Guan, Yang, & Ko, 2000; Guan & Hua, 2003; Guan, Zhu, & Maung, 2004). Security has been a prime concern from the first day of our research (Guan & Yang, 1999, 2002; Yang & Guan, 2000). By building strong and efficient security mechanisms, SAFER aims to provide a trustworthy framework for mobile agents, increasing trust factors to end users by providing the ability to trust, predictable performance, and a communication channel (Patrick, 2002). Agent integrity is one such area crucial to the success of agent technology (Wang, Guan, & Chan, 2002). Despite the various attempts in the literature, there is no satisfactory solution to the problem of data integrity so far. Some of the common weaknesses of the current schemes are vulnerabilities to revisit attack when an agent visits two or more collaborating malicious hosts during one roaming session and illegal modifi- cation (deletion/insertion) of agent data. Agent Monitoring Protocol (AMP) (Chionh, Guan, & Yang, 2001), an earlier proposal under SAFER to address agent data integrity, does address some of the weaknesses in the current literature. Unfortunately, the extensive use of PKI technology introduces too much overhead to the protocol. Also, AMP requires the agent to deposit its data collected to the agent owner/butler before it roams to another host. While this is a viable and secure approach, the proposed approach?Secure Agent Data Integrity Shield (SADIS)?will provide an alternative by allowing the agent to carry the data by itself without depositing it (or the data hash) onto the butler. Besides addressing the common vulnerabilities of current literature (revisit attack and data modification attack), SADIS also strives to achieve maximum efficiency without compromising security. It minimizes the use of PKI technology and relies on symmetric key encryption as much as possible. Moreover, the data encryption key and the communication session key are both derivable from a key seed that is unique to the agent’s roaming session in the current host. As a result, the butler can derive the communication session key and data encryption key directly. Another feature in SADIS is strong security. Most of the existing research focuses on detecting integrity compromise (Esparza, Muñoz, Soriano, & Forné, 2006) or on bypassing integrity attacks by requiring the existence of a cooperating agent that is carried out within a trusted platform (Ouardani, Pierre, & Boucheneb, 2006), but which neglected the need to identify the malicious host. With SADIS, the agent butler will not only be able to detect any compromise to data integrity, but to identify the malicious host effectively.

Secure Agent for E-Commerce Applications

2011 ◽  
pp. 439-447
Author(s):  
Sheng-Uei Guan
Keyword(s):  
Electronic Commerce ◽  
Mobile Agent ◽  
Mobile Agents ◽  
Agent Technology ◽  
Transport Protocol ◽  
Satisfactory Solution ◽  
On Demand ◽  
Code Integrity ◽  
Integrity Protection ◽  
The Common

One hindrance to the widespread adoption of mobile agent technology (Johansen et al., 2002) is the lack of security. SAFER, or Secure Agent Fabrication, Evolution and Roaming, is a mobile agent framework that is specially designed for the purpose of electronic commerce (Guan & Yang, 2002, 2004; Yang & Guan, 2000; Zhu, Guan, Yang, & Ko, 2000). By building strong and efficient security mechanisms, SAFER aims to provide a trustworthy framework for mobile agents. Although such an agent transport protocol provides for the secure roaming of agents, there are other areas related to security to be addressed. Agent integrity is one such area crucial to the success of agent technology. The integrity protection for agent code is relatively straightforward. A more complex code integrity scheme to handle code-on-demand is also proposed in Wang, Guan, and Chan (2002). Agent data, however, is dynamic in nature and will change as the agent roams from host to host. Despite the various attempts in the literature (Chionh, Guan, & Yang, 2001), there is no satisfactory solution to the problem so far. Some of the common weaknesses of the current schemes are vulnerabilities to revisit attack and illegal modification (deletion/insertion) of agent data.

Secure Agent for E-Commerce Applications

2008 ◽  
pp. 2278-2285
Author(s):  
Sheng-Uei Guan
Keyword(s):  
Electronic Commerce ◽  
Mobile Agent ◽  
Mobile Agents ◽  
Agent Technology ◽  
Transport Protocol ◽  
Satisfactory Solution ◽  
On Demand ◽  
Code Integrity ◽  
Integrity Protection ◽  
The Common

One hindrance to the widespread adoption of mobile agent technology (Johansen et al., 2002) is the lack of security. SAFER, or Secure Agent Fabrication, Evolution and Roaming, is a mobile agent framework that is specially designed for the purpose of electronic commerce (Guan & Yang, 2002, 2004; Yang & Guan, 2000; Zhu, Guan, Yang, & Ko, 2000). By building strong and efficient security mechanisms, SAFER aims to provide a trustworthy framework for mobile agents. Although such an agent transport protocol provides for the secure roaming of agents, there are other areas related to security to be addressed. Agent integrity is one such area crucial to the success of agent technology. The integrity protection for agent code is relatively straightforward. A more complex code integrity scheme to handle code-on-demand is also proposed in Wang, Guan, and Chan (2002). Agent data, however, is dynamic in nature and will change as the agent roams from host to host. Despite the various attempts in the literature (Chionh, Guan, & Yang, 2001), there is no satisfactory solution to the problem so far. Some of the common weaknesses of the current schemes are vulnerabilities to revisit attack and illegal modification (deletion/insertion) of agent data.

Secure Agent for E-Commerce Applications

2011 ◽  
pp. 962-967
Author(s):  
Sheng-Uei Guan
Keyword(s):  
Electronic Commerce ◽  
Mobile Agent ◽  
Mobile Agents ◽  
Agent Technology ◽  
Transport Protocol ◽  
Satisfactory Solution ◽  
On Demand ◽  
Code Integrity ◽  
Integrity Protection ◽  
The Common

One hindrance to the widespread adoption of mobile agent technology (Johansen et al., 2002) is the lack of security. SAFER, or Secure Agent Fabrication, Evolution and Roaming, is a mobile agent framework that is specially designed for the purpose of electronic commerce (Guan & Yang, 2002, 2004; Yang & Guan, 2000; Zhu, Guan, Yang, & Ko, 2000). By building strong and efficient security mechanisms, SAFER aims to provide a trustworthy framework for mobile agents. Although such an agent transport protocol provides for the secure roaming of agents, there are other areas related to security to be addressed. Agent integrity is one such area crucial to the success of agent technology. The integrity protection for agent code is relatively straightforward. A more complex code integrity scheme to handle code-on-demand is also proposed in Wang, Guan, and Chan (2002). Agent data, however, is dynamic in nature and will change as the agent roams from host to host. Despite the various attempts in the literature (Chionh, Guan, & Yang, 2001), there is no satisfactory solution to the problem so far. Some of the common weaknesses of the current schemes are vulnerabilities to revisit attack and illegal modification (deletion/insertion) of agent data.

Protection of Mobile Agent Data

2011 ◽  
pp. 556-562
Author(s):  
Sheng-Uei Guan
Keyword(s):  
Electronic Commerce ◽  
Mobile Agent ◽  
Mobile Agents ◽  
Communication Channel ◽  
End Users ◽  
Agent Technology ◽  
Widespread Adoption ◽  
Prime Concern ◽  
Trust Factors

One hindrance to the widespread adoption of mobile agent technology is the lack of security. Security will be the issue that has to be addressed carefully if a mobile agent is to be used in the field of electronic commerce. SAFER or Secure Agent Fabrication, Evolution, and Roaming is a mobile agent framework that is specially designed for the purpose of electronic commerce (Zhu, Guan, Yang, & Ko, 2000; Guan & Hua, 2003; Guan, Zhu, & Maung, 2004). Security has been a prime concern from the first day of our research (Guan & Yang, 1999, 2002; Yang & Guan, 2000). By building strong and efficient security mechanisms, SAFER aims to provide a trustworthy framework for mobile agents, increasing trust factors to end users by providing the ability to trust, predictable performance, and a communication channel (Patrick, 2002).

RELIABILITY CONCEPTS FOR MOBILE AGENTS

1998 ◽  
Vol 07 (04) ◽  
pp. 355-382 ◽  
Author(s):  
MARKUS STRASSER ◽  
KURT ROTHERMEL
Keyword(s):  
Fault Tolerance ◽  
Electronic Commerce ◽  
Mobile Agent ◽  
Mobile Agents ◽  
Fault Tolerant ◽  
Agent Technology ◽  
System Management ◽  
Agent System ◽  
Travel Plan ◽  
Node Failures

The use of mobile agent technology has been proposed for various fault-sensitive application areas, including electronic commerce and system management. A prerequisite for the use of mobile agents in these environments is that agents have to be executed reliably, independent of communication and node failures. In this article, we present two approaches improving the level of fault-tolerance in agent execution. The introduction of an itinerary concept allows to specify an agent's travel plan flexibly and provides the agent system with the possibility to postpone the visit of currently unavailable nodes or to choose alternative nodes in case of node failures. The second approach is a recently proposed fault-tolerant protocol to ensure the exactly-once execution of an agent. With this protocol, agents are preformed in stages. Each stage consists of a number of nodes. One of these nodes executes the agent while the others monitor the execution. After a summary of this protocol, we focus on the construction of stages. In particular, we investigate how the number of nodes per stage influences the probability of an agent to be blocked due to failures and which nodes should be selected when forming a stage to minimize the protocol overhead.

Integrity Protection of Mobile Agent Data

2008 ◽  
pp. 423-462
Author(s):  
Sheng-Uei Guan
Keyword(s):  
Electronic Commerce ◽  
Mobile Agent ◽  
Mobile Agents ◽  
Agent Technology ◽  
Widespread Adoption ◽  
Prime Concern ◽  
Integrity Protection

One hindrance to the widespread adoption of mobile-agent technology is the lack of security. Security will be the issue that has to be addressed carefully if mobile agents are to be used in the field of electronic commerce. SAFER (secure agent fabrication, evolution and roaming) is a mobile-agent framework that is specially designed for the purpose of electronic commerce (Guan & Hua, 2003; Guan, Zhu, & Maung, 2004; Zhu, Guan, Yang, & Ko, 2000). Security has been a prime concern from the first day of our research (Guan & Yang, 2002; Yang & Guan, 2000). By building strong and efficient security mechanisms, SAFER aims to provide a trustworthy framework for mobile agents to assist users in conducting mobile or electronic-commerce transactions.

scholarly journals Distributed Data Processing in Vehicular Networks using Mobile Agents

1970 ◽  
Vol 2 ◽  
pp. 61-62
Author(s):  
Óscar Urra ◽  
Sergio Ilarri
Keyword(s):  
Wireless Communications ◽  
Mobile Agent ◽  
Open Problem ◽  
Mobile Agents ◽  
Short Range ◽  
Vehicular Networks ◽  
Vehicular Network ◽  
Agent Technology ◽  
Distributed Data ◽  
Distributed Data Processing

In a vehicular network, vehicles can exchange interesting information (e.g., about accidents, traffic status, etc.) using short-range wireless communications. Besides, the vehicles can be equipped with additional sensors that can directly obtain data from the environment. How to efficiently process and collect these data is an open problem. We argue that mobile agent technology could be helpful.

scholarly journals Security for Mobile Agents: Trust Estimate for Platforms

2015 ◽  
Vol 15 (2) ◽  
pp. 381
Author(s):  
Razouki Hassan ◽  
Hair Abdellatif
Keyword(s):  
Distributed Computing ◽  
Mobile Agent ◽  
Mobile Agents ◽  
Security Threats ◽  
Computing Technology ◽  
Open Network ◽  
Degree Of Confidence ◽  
Mobile Agent Security ◽  
Malicious Host

The mobile agent has been seen as a promising distributed computing technology. The mobility characteristic of mobile agent makes it to travel often in open network. In this scenario, it is obvious that the mobile agents are vulnerable to various security threats. Protecting free-roaming mobile agents from malicious host and from other mobile agents has drawn much attention in recent years. The protection of mobile agents is considered as one of the greatest challenges of security, because the platform of execution has access to all the components of the mobile agent. In this paper, we present a new architecture paradigm of mobile agents, which allows the separation of the implementation tasks of the agent and its security mechanisms. Our approach is based on using two strategies of adaptation to adapt the mobile agent security at runtime, depending on the sensitivity of the services required to perform the duties of the agent and the degree of confidence of the visited platforms.

A Mobile Agent Computation Model for Best Buy Searching

2011 ◽  
pp. 303-320
Author(s):  
Timothy K. Shih
Keyword(s):  
Information Retrieval ◽  
Electronic Commerce ◽  
Mobile Agent ◽  
Mobile Agents ◽  
Niche Overlap ◽  
Network Communication ◽  
The Internet ◽  
Simulation Design ◽  
Distributed Information ◽  
Control Programs

The Internet changes our shopping style. With the growing popularity of Web browsers, electronic commerce (EC) has become a trend of next-generation shopping style. EC software applications are written as Web document control programs, which run on service providers. The techniques used including information retrieval, network communication, database management, communication security and others. Due to the huge volume of data transmitted on the Internet, and the number of electronic commerce shoppers, currently the Internet is overloaded on its limited communication bandwidth. Research contributions are proposed to overcome this problem. Mobile agents are computer programs that can be distributed across networks to run on a remote computer station. The technique can be used in distributed information retrieval which allows the computation load to be added to servers, but significantly reduces the traffic of network communication. Many articles indicate that this approach is a new direction to software engineering. However, it is hard to find a theoretical base of mobile agent computing and interaction over the Internet. We propose a graph-based model, with a simulation design, for the mobile agents, which evolve over the Internet. Based on the concepts of food web (or food chain), one of the natural laws that we may use besides neural networks and genetic algorithms, we define agent niche overlap graph and agent evolution states for the distributed computation of mobile agent evolution. The proposed model can be used to build an environment for many electronic commerce applications, such as advertisement agent or survey questionnaire agent.

Sign in / Sign up

Export Citation Format

Share Document