Non-repudiation Mechanism of Agent-Based Mobile Payment Systems: Perspectives on Wireless PKI

Non-repudiation of a mobile payment transaction ensures that when a buyer (B) sends some messages to a seller (S), neither B nor S can deny having participated in this transaction. An evidence of a transaction is generated by wireless PKI mechanism such that B and S cannot repudiate sending and receiving the purchase order respectively. The broker generates a mobile agent for B which carries encrypted purchase order to the seller. One trusted third party acts as a lightweight notary for evidence generation. One advantage of this agent-based non-repudiation protocol is to reduce inconvenience for mobile clients such as connection time; it causes difficulty for fair transaction for mobile payments.

[1]  Li Yan,et al.  An Optimistic Fair Non-Repudiation Protocol with Semi-Trusted Third Party , 2006 .

[2]  Jose L. Muñoz,et al.  Secure brokerage mechanisms for mobile electronic commerce , 2006, Comput. Commun..

[3]  Wayne A. Jansen,et al.  Mobile Agent Security , 1999 .

[4]  Yahiko Kambayashi,et al.  Fair Exchange under Limited Trust , 2002, TES.

[5]  Athanasios T. Karygiannis,et al.  SP 800-19. Mobile Agent Security , 1999 .

[6]  Robert H. Deng,et al.  Evolution of Fair Non-repudiation with TTP , 1999, ACISP.

[7]  Felix C. Freiling,et al.  Solving Fair Exchange with Mobile Agents , 2000, ASA/MA.

[8]  Jeffrey J. P. Tsai,et al.  Security Modeling and Analysis of Mobile Agent Systems , 2006, Series in Electrical and Computer Engineering.

[9]  Jianying Zhou,et al.  An intensive survey of fair non-repudiation protocols , 2002, Comput. Commun..

[10]  Andrés Marín López,et al.  Smart card-based agents for fair non-repudiation , 2007, Comput. Networks.

[11]  Andreu Riera,et al.  Securing the itinerary of mobile agents through a non-repudiation protocol , 1999, Proceedings IEEE 33rd Annual 1999 International Carnahan Conference on Security Technology (Cat. No.99CH36303).

[12]  Elsabé Cloete,et al.  Classification of malicious host threats in mobile agent computing , 2002 .

[13]  Levente Buttyán,et al.  On the Problem of Trust in Mobile Agent Systems , 1998, NDSS.

[14]  Amitabha Das,et al.  A Secure Payment Protocol Using Mobile Agents in an Untrusted Host Environment , 2001, ISEC.

[15]  Dieter Gollmann,et al.  A fair non-repudiation protocol , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[16]  Jose L. Muñoz,et al.  Host Revocation Authority: A Way of Protecting Mobile Agents from Malicious Hosts , 2003, ICWE.

[17]  E. F. Michiels,et al.  ISO/IEC 10181-4:1995 Information technology Open Systems Interconnection Security frameworks for open systems: Non-repudiation framework , 1996 .

[18]  David M'Raïhi,et al.  E-commerce applications of smart cards , 2001, Comput. Networks.

[19]  Volker Roth,et al.  Access control and key management for mobile agents , 1998, Comput. Graph..

[20]  Wayne Jansen,et al.  NIST Special Publication 800-19 – Mobile Agent Security , 2000 .

[21]  Yugyung Lee,et al.  A software framework for non-repudiation service in electronic commerce based on the Internet , 2002, Proceedings. Eleventh International Conference on Computer Communications and Networks.

[22]  Chung-Ming Ou,et al.  Adaptation of proxy certificates to non-repudiation protocol of agent-based mobile payment systems , 2009, Applied Intelligence.

[23]  Luo Junzhou,et al.  On timeliness of a fair non-repudiation protocol , 2004, InfoSecu '04.