On the Security Properties and Attacks against Mobile Agent Graph Head Sealing (MAGHS)

Mobile Agents (MAs) are not fully adopted for implementing distributed system especially in e-commerce application. The main reason is the security issues associated with use of MAs. Providing integrity of execution is considered as the most challenging problem in MAs. Mobile agent Graph Head Sealing (MAGHS) is a technique that aims towards providing integrity of execution. This paper discusses the attacks that can be launched against MAGHS technique and how the security properties for MAs data integrity are fulfilled. We try to model the behavior of a malicious host by launching a series of passive attacks against mobile agent and then see to what extent the security properties for mobile agent can be achieved. The experimental results suggest that MAGHS framework can be used to protect the computations results of mobile agents.

[1]  Jan Vitek,et al.  Secure Internet Programming: Security Issues for Mobile and Distributed Objects , 1999 .

[2]  Rolf Oppliger,et al.  Contemporary cryptography , 2005, Artech House computer security series.

[3]  Rolf Oppliger,et al.  Contemporary Cryptography (Artech House Computer Security Library) , 2005 .

[4]  A. Kannammal,et al.  Secure Mobile Agent System for E-Business Applications , 2006, IEEE International Conference on Computer Systems and Applications, 2006..

[5]  Tomas Olovsson,et al.  A Quantitative Model of the Security Intrusion Process Based on Attacker Behavior , 1997, IEEE Trans. Software Eng..

[6]  Bennet S. Yee A Sanctuary for Mobile Agents , 2001, Secure Internet Programming.

[7]  André Schiper,et al.  Fault-Tolerant Mobile Agent Execution , 2003, IEEE Trans. Computers.

[8]  Li Gong,et al.  Signing, Sealing, and Guarding Java Objects , 1998, Mobile Agents and Security.

[9]  Fritz Hohl A Model of Attacks of Malicious Hosts Against Mobile Agents , 1998, ECOOP Workshops.

[10]  J. C. Byington,et al.  Mobile agents and security , 1998, IEEE Commun. Mag..

[11]  Chunyan Ma,et al.  A Security Evaluation Model for Multi-Agents Distributed Systems , 2006, BIS.

[12]  James E. White,et al.  Mobile Agents , 1997, Lecture Notes in Computer Science.

[13]  N. Asokan,et al.  Protecting the computation results of free-roaming agents , 1998, Personal Technologies.

[14]  Sung-Ming Yen,et al.  Protection of mobile agent data collection by using ring signature , 2004, IEEE International Conference on Networking, Sensing and Control, 2004.

[15]  Wenfei Fan,et al.  Keys with Upward Wildcards for XML , 2001, DEXA.

[16]  Witold Abramowicz,et al.  Technologies for Business Information Systems , 2007 .

[17]  Lu Ma,et al.  Security Modeling of Mobile Agent Systems , 2007 .

[18]  Giovanni Vigna,et al.  Cryptographic Traces for Mobile Agents , 1998, Mobile Agents and Security.

[19]  Richard T. Dué,et al.  OBJECT-ORIENTED TECHNOLOGY: The Economics of a New Paradigm , 1993 .

[20]  Jose L. Muñoz,et al.  Mobile Agent Watermarking and Fingerprinting: Tracing Malicious Hosts , 2003, DEXA.

[21]  Alec Yasinsac,et al.  Mobile Agent Data Integrity Using Multi-agent Architecture , 2004, ISCA PDCS.

[22]  P. S. Thiagarajan,et al.  Advances in Computing Science — ASIAN’99 , 1999, Lecture Notes in Computer Science.

[23]  Sergio Loureiro,et al.  Mobile code protection , 2001 .

[24]  Zhang Yong,et al.  Protecting Mobile Agent's Computation Results with Reversible Watermarking and Digital Signature , 2007, Third International Conference on Intelligent Information Hiding and Multimedia Signal Processing (IIH-MSP 2007).

[25]  Michael R. Lyu,et al.  Security Modeling and Evaluation for the Mobile Code Paradigm , 1999, ASIAN.

[26]  Danny B. Lange,et al.  Programming and Deploying Java¿ Mobile Agents with Aglets¿ , 1998 .

[27]  Volker Roth,et al.  Mutual Protection of Co-operating Agents , 2001, Secure Internet Programming.

[28]  Jan Vitek,et al.  Secure Internet Programming , 1999 .