How a Secure and Open Mobile Agent Framework Suits Electronic Commerce Applications

The Mobile Agent (MA) paradigm seems able to support effectively distributed applications in open and heterogeneous environments, and application areas such as ecommerce appear to be of particular interest. However, MA technology has to answer to the requirements of security and interoperability to achieve wide deployment, especially in e-commerce applications. The paper focuses on security and interoperability, and describes a Secure and Open Mobile Agent (SOMA) programming environment where both requirements are main design objectives. On the one hand, SOMA is based on a thorough security model and provides a wide range of mechanisms and tools to build and enforce flexible security policies. On the other hand, the SOMA framework permits to interoperate with different application components designed with different programming styles. SOMA grants interoperability by closely considering compliance with the OMG CORBA and MASIF standards. In particular, the paper presents a SOMA-based e-marketplace that stresses to the limit the security and interoperability issues and that has served as a testbed for the validation of SOMA security and interoperability support.

[1]  David K. Gifford,et al.  Remote evaluation , 1990, TOPL.

[2]  Oren Etzioni,et al.  A scalable comparison-shopping agent for the World-Wide Web , 1997, AGENTS '97.

[3]  Pattie Maes,et al.  Agent-mediated Electronic Commerce : A Survey , 1998 .

[4]  Doug Lea,et al.  Role-Based Protection and Delegation for Mobile Object Environments , 1998, ECOOP Workshops.

[5]  Radu Popescu-Zeletin,et al.  An Approach for Providing Mobile Agent Fault Tolerance , 1998, Mobile Agents.

[6]  Li Gong,et al.  Java security: present and near future , 1997, IEEE Micro.

[7]  Pattie Maes,et al.  Kasbah: An Agent Marketplace for Buying and Selling Goods , 1996, PAAM.

[8]  Bennet S. Yee A Sanctuary for Mobile Agents , 2001, Secure Internet Programming.

[9]  W. A. Jansen,et al.  MOBILE AGENTS AND SECURITY , 1999 .

[10]  Antonio Corradi,et al.  Mobile Agents Integrity for Electronic Commerce Applications , 1999, Inf. Syst..

[11]  Gian Pietro Picco,et al.  Understanding code mobility , 1998, Proceedings of the 2000 International Conference on Software Engineering. ICSE 2000 the New Millennium.

[12]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.