Authentication Model Based on JWT and Local PKI for Communication Security in Multi-agent Systems

This paper aims to present a new model based on JSON Web Token (JWT) and Public Key Infrastructure (PKI) for communication security as part of a Multi-Agent System Middleware for massively distributed systems. The proposed model aims to provide secure communications between agents to ensure the integrity of the exchanged messages, the authentication of agents, and the no-repudiation, articulated on an approach based on a Registration Authority (RA) and a Certification Authority (CA) that are managed by a Public Key Infrastructure (PKI). This architecture is based on the Stateless JWT security technology based on the asymmetric cryptographic algorithm used for validation of subsequent client requests for making frequent remote calls to the target server resources. The proposed solution uses a digital signature claim using a KeyStore.p12 generated periodically by the local PKI, to ensure message integrity, transmitter authentication, and non-repudiation based on asymmetric cryptographic technology. The article presents an approach based on digital trust micro-agent for better security.

[1]  Prajakta Solapurkar,et al.  Building secure healthcare services using OAuth 2.0 and JSON web token in IOT cloud scenario , 2016, 2016 2nd International Conference on Contemporary Computing and Informatics (IC3I).

[2]  Mohammad Abdullah Al Faruque,et al.  GPU Architecture Aware Instruction Scheduling for Improving Soft-Error Reliability , 2017, IEEE Transactions on Multi-Scale Computing Systems.

[3]  Mohammad Abdullah Al Faruque,et al.  GPU-EvR: Run-time event based real-time scheduling framework on GPGPU platform , 2014, 2014 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[4]  Mohamed-Khireddine Kholladi,et al.  A security model for complex applications based on normative multi-agents system , 2015, 2015 Second International Conference on Information Security and Cyber Forensics (InfoSec).

[5]  R. M. Alguliev,et al.  Identity management based security architecture of cloud computing on multi-agent systems , 2013, Third International Conference on Innovative Computing Technology (INTECH 2013).

[6]  Ramin Yahyapour,et al.  A JSON Token-Based Authentication and Access Management Schema for Cloud SaaS Applications , 2017, 2017 IEEE 5th International Conference on Future Internet of Things and Cloud (FiCloud).

[7]  Mohannad Najjar,et al.  A blue print practical implementation of PKI using open PGP at University of Tabuk , 2013, 2013 Science and Information Conference.

[8]  J. Bradley,et al.  JSON Web Token (JWT) draft-ietf-oauth-json-web-token-02 , 2013 .

[9]  Guangming Shi,et al.  Parallel Implementation of the Range-Doppler Radar Processing on a GPU Architecture , 2016, 2016 15th International Symposium on Parallel and Distributed Computing (ISPDC).

[10]  Peter Gutmann,et al.  Lessons Learned in Implementing and Deploying Crypto Software , 2002, USENIX Security Symposium.

[11]  Petru Eles,et al.  Saving energy without defying deadlines on mobile GPU-based heterogeneous systems , 2014, 2014 International Conference on Hardware/Software Codesign and System Synthesis (CODES+ISSS).

[12]  Peng Yinghui The Application of PKCS#12 Digital Certificate in User Identity Authentication System , 2009, 2009 WRI World Congress on Software Engineering.

[13]  Zhongliang Chen,et al.  Balancing Scalar and Vector Execution on GPU Architectures , 2016, 2016 IEEE International Parallel and Distributed Processing Symposium (IPDPS).

[14]  Zoltan Juhasz Highly parallel online bioelectrical signal processing on GPU architecture , 2017, 2017 40th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO).

[15]  Jianying Zhou,et al.  FlexiCert: merging X.509 identity certificates and attribute certificates , 2003, 14th International Workshop on Database and Expert Systems Applications, 2003. Proceedings..

[16]  Abderrahim Abdellaoui,et al.  A security scheme for mobile cloud using multi-agents system , 2016, 2016 4th IEEE International Colloquium on Information Science and Technology (CiSt).

[17]  Yousof Al-Hammadi,et al.  Secure lightweight ECC-based protocol for multi-agent IoT systems , 2017, 2017 IEEE 13th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob).

[18]  I. Arul Jothi,et al.  Increasing performance of parallel and distributed systems in high performance computing using weight based approach , 2015, 2015 International Conference on Circuits, Power and Computing Technologies [ICCPCT-2015].