Secure agent data integrity shield

Abstract In the rapidly expanding field of E-Commerce, mobile agent is the emerging technology that addresses the requirement of intelligent filtering/processing of information. This paper addresses the area of mobile agent data integrity protection. We propose the use of Secure Agent Data Integrity Shield (SADIS) as a scheme that protects the integrity of data collected during agent roaming. With the use of a key seed negotiation protocol and integrity protection protocol, SADIS protects the secrecy as well as the integrity of agent data. Any illegal data modification, deletion, or insertion can be detected either by the subsequent host or the agent butler. Most important of all, the identity of each malicious host can be established. To evaluate the feasibility of our design, a prototype has been developed using Java. The result of benchmarking shows improvement both in terms of data and time efficiency.

[1]  Bruce Schneier,et al.  Applied cryptography : protocols, algorithms, and source codein C , 1996 .

[2]  Sheng-Uei Guan,et al.  SAFER E-Commerce: Secure Agent Fabrication, Evolution & Roaming for E-Commerce , 2001 .

[3]  Yang Yang,et al.  SAFE: secure agent roaming for e-commerce , 2002 .

[4]  Steven Guan,et al.  Integrity protection for Code-on-Demand mobile agents in e-commerce , 2002, J. Syst. Softw..

[5]  Antonio Corradi,et al.  Mobile agents and security: protocols for integrity , 1999, DAIS.

[6]  Andrew S. Patrick,et al.  Building Trustworthy Software Agents , 2002, IEEE Internet Comput..

[7]  Niklas Borselius Mobile agent security , 2002 .

[8]  Volker Roth,et al.  Secure mobile agent systems using Java: where are we heading? , 2002, SAC '02.

[9]  Yang Yang,et al.  Intelligent mobile agents for E-commerce: security issues and agent transport , 2000 .

[10]  Chris J. Mitchell,et al.  On Mobile Agent Based Transactions in Moderately Hostile Environments , 2001, Network Security.

[11]  Sim Heng Ong,et al.  Migration control for mobile agents based on passport and visa , 2003, Future Gener. Comput. Syst..

[12]  Niklas Borselius,et al.  A security architecture for agent-based mobile systems , 2002 .

[13]  Dong-Ik Lee,et al.  One-Time Key Generation System for Agent Data Protection in Mobile Agent Systems , 2001 .

[14]  Steven Guan,et al.  Intelligent product brokering for e-commerce: an incremental approach to unaccounted attribute detection , 2004, Electron. Commer. Res. Appl..

[15]  Steven Guan,et al.  Virtual Marketplace for Agent-based Electronic Commence , 2002, IMSA.

[16]  Anand R. Tripathi,et al.  Design of the Ajanta system for mobile agent programming , 2002, J. Syst. Softw..

[17]  Jim Youll Agent-based electronic commerce: opportunities and challenges , 2001, Proceedings 5th International Symposium on Autonomous Decentralized Systems.

[18]  Steven Guan,et al.  Handy broker: an intelligent product-brokering agent for m-commerce applications with user preference tracking , 2002, Electron. Commer. Res. Appl..

[19]  Antonio Corradi,et al.  Protection and Interoperability for Mobile Agents: A Secure and Open Programming Environment ∗ , 2000 .

[20]  N. Asokan,et al.  Protecting the computation results of free-roaming agents , 2005, Personal Technologies.

[21]  Robbert van Renesse,et al.  A TACOMA retrospective , 2002, Softw. Pract. Exp..

[22]  Volker Roth,et al.  On the Robustness of Some Cryptographic Protocols for Mobile Agent Protection , 2001, Mobile Agents.