Efficient migration access control for mobile agents

The speed and convenience of the Internet has facilitated dynamic development in electronic commerce in recent years. E-commerce technologies and applications are widely studied by expert researchers. Mobile agent is considered to have high potential in e-commerce; it has been attracting wide attention in recent years. Mobile agent has high autonomy and mobility; it can move unbridled in different runtime environments carrying out assigned tasks while automatically detecting its current environment and responding accordingly. The above qualities make mobile agent very suitable for use in e-commerce. The Internet is an open environment, but transfer of confidential data should be conducted only over a secure environment. So, to transfer information over the Internet, a secure Internet environment is absolutely essential. Therefore, the security of present Internet environment must be improved. During its execution, a mobile agent needs to roam around on the Internet between different servers, and it may come in contact with other mobile agents or hosts; it may also need to interact with them. So, a mobile agent might come to harm when it meets a malicious host, and the confidentiality of data could also be compromised. To tackle the above problems, this paper proposes a security scheme for mobile agents. It is designed to ensure the safety of mobile agents on the Internet, and it also has access control and key management to ensure security and data confidentiality. Volker and Mehrdad [R. Volker, J.S. Mehrdad, Access Control and Key Management for Mobile Agents, ''Computer Graphics'', Vol. 22, No. 4, August 1998, pp. 457-461] have already proposed an access control and key management scheme for mobile agents, but it needs large amount of space. So, this paper proposes a new scheme that uses the concepts of Chinese Remainder Theorem [F.H. Kuo, V.R.L. Shen, T.S. Chen, F. Lai, A Cryptographic Key Assignment Scheme for Dynamic Access Control in a User Hierarchy, ''IEE Proceeding on Computers & Digital Techniques'', Vol. 146, No. 5, Sept. 1999, pp. 235-240., T.S. Chen, Y.F. Chung, Hierarchical Access Control Based on Chinese Remainder Theorem and Symmetric Algorithm, ''Computers & Security'', Vol. 21, No. 6, 2002, pp. 565-570., U.P. Lei, S.C. Wang, A Study of the Security of Mambo et al.'s Proxy Signature Scheme Based on the Discrete Logarithm Problem, June 2004], hierarchical structure and Superkey [S.G. Akl, P.D. Taylor, Cryptographic Solution to a Problem of Access Control in a Hierarchy, ''ACM Transactions on Computer Systems'', Vol. 1, No. 3, August 1983, pp. 239-248]. A security and performance analysis of the proposed scheme shows that the scheme effectively protects mobile agents.

[1]  Bruce Schneier,et al.  Applied cryptography : protocols, algorithms, and source codein C , 1996 .

[2]  Yuke Wang Residue-to-binary converters based on new Chinese remainder theorems , 2000 .

[3]  Min-Shiang Hwang Extension of CHW cryptographic key assignment scheme in a hierarchy , 1999 .

[4]  Antonio Corradi,et al.  Security issues in mobile agent technology , 1999, Proceedings 7th IEEE Workshop on Future Trends of Distributed Computing Systems.

[5]  Chu-Hsing Lin,et al.  Dynamic key management schemes for access control in a hierarchy , 1997, Comput. Commun..

[6]  Min-Shiang Hwang,et al.  A Dynamic Key Generation Scheme for Access Control in a Hierarchy , 1999, Nord. J. Comput..

[7]  Niklas Borselius Mobile agent security , 2002 .

[8]  D. Ridley,et al.  Cape Town, South Africa , 1986, Journal of clinical ultrasound : JCU.

[9]  Pattie Maes,et al.  Agents that buy and sell , 1999, CACM.

[10]  Jean-Sébastien Coron,et al.  Index Calculation Attacks on RSA Signature and Encryption , 2006, Des. Codes Cryptogr..

[11]  Volker Roth,et al.  Access control and key management for mobile agents , 1998, Comput. Graph..

[12]  Min-Shiang Hwang An asymmetric cryptographuic key assignment scheme for access control in totally-ordered hierarchies , 2000, Int. J. Comput. Math..

[13]  William M. Farmer,et al.  Security for Mobile Agents: Authentication and State Appraisal , 1996, ESORICS.

[14]  Timothy K. Shih Mobile agent evolution computing , 2001, Inf. Sci..

[15]  Anand R. Tripathi,et al.  A security architecture for mobile agents in Ajanta , 2000, Proceedings 20th IEEE International Conference on Distributed Computing Systems.

[16]  F. Kuo,et al.  Cryptographic key assignment scheme for dynamic access control in a user hierarchy , 1999 .

[17]  Min-Shiang Hwang,et al.  An Improvement of Novel Cryptographic Key Assignment Scheme for Dynamic Access Control in a Hierarchy , 1999 .

[18]  Gene Tsudik,et al.  Itinerant Agents for Mobile Computing , 1995, IEEE Communications Surveys & Tutorials.

[19]  Giovanni Vigna,et al.  Cryptographic Traces for Mobile Agents , 1998, Mobile Agents and Security.

[20]  Fritz Hohl A Model of Attacks of Malicious Hosts Against Mobile Agents , 1998, ECOOP Workshops.

[21]  Yu-Fang Chung,et al.  Hierarchical access control based on Chinese Remainder Theorem and symmetric algorithm , 2002, Comput. Secur..

[22]  Fritz Hohl,et al.  Time Limited Blackbox Security: Protecting Mobile Agents From Malicious Hosts , 1998, Mobile Agents and Security.

[23]  Chin-Chen Chang,et al.  A new solution for assigning cryptographic keys to control access in mobile agent environments , 2006, Wirel. Commun. Mob. Comput..

[24]  Min-Shiang Hwang Cryptanalysis of YCN key assignment scheme in a hierarchy , 2000, Inf. Process. Lett..

[25]  Bruce Schneier,et al.  Applied cryptography (2nd ed.): protocols, algorithms, and source code in C , 1995 .

[26]  Selim G. Akl,et al.  Cryptographic solution to a problem of access control in a hierarchy , 1983, TOCS.

[27]  Min-Shiang Hwang,et al.  Efficient access control and key management schemes for mobile agents , 2004, Comput. Stand. Interfaces.