A Model for Mobile Agent Security in E-Business Applications

Mobile agent systems provide a great flexibility and customizability to distributed applications like e-business and information retrieval in the current scenario. Security is a crucial concern for such systems, especially when they are used to deal with money transactions. Mobile agents moving around the network are not safe because the remote hosts that accommodate the agents can initiate all kinds of attacks and can attempt to analyze the agents' decision logic and their accumulated data. Hence, mobile agent security is one of the most challenging unsolved problems. This paper analyzes the security attacks on mobile agents by malicious hosts and seeks to address some of these problems by proposing solutions based on public key authentication techniques and cryptography. The authors develop an experimental application and evaluate the security and performance of proposed solutions. They develop a performance model in order to tune the parameters of execution environment to meet the desired level of performance and security.

[1]  Fritz Hohl A Model of Attacks of Malicious Hosts Against Mobile Agents , 1998, ECOOP Workshops.

[2]  Huanguo Zhang,et al.  The Mobile Agent Security Enhanced by Trusted Computing Technology , 2006, 2006 International Conference on Wireless Communications, Networking and Mobile Computing.

[3]  Jim Alves-Foss,et al.  The use of encrypted functions for mobile agent security , 2004, 37th Annual Hawaii International Conference on System Sciences, 2004. Proceedings of the.

[4]  Anand R. Tripathi,et al.  Security in the Ajanta mobile agent system , 2001, Softw. Pract. Exp..

[5]  Luo Hong JAVA Security Architecture , 2000 .

[6]  John Zachary Protecting Mobile Code in the Wild , 2003, IEEE Internet Comput..

[7]  Marcin Paprzycki,et al.  Mobile Agent Security - an Overview , 2004 .

[8]  Chin-Chen Chang,et al.  A fair and secure mobile agent environment based on blind signature and proxy host , 2004, Comput. Secur..

[9]  Christian Tschudin,et al.  Mobile Agent Security , 1999 .

[10]  Danny B. Lange,et al.  Seven good reasons for mobile agents , 1999, CACM.

[11]  Christian F. Tschudin,et al.  Protecting Mobile Agents Against Malicious Hosts , 1998, Mobile Agents and Security.

[12]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[13]  Joseph S. Sventek,et al.  A Trustworthy Mobile Agent Infrastructure for Network Management , 2007, 2007 10th IFIP/IEEE International Symposium on Integrated Network Management.

[14]  Jinyuan You,et al.  POM-a mobile agent security model against malicious hosts , 2000, Proceedings Fourth International Conference/Exhibition on High Performance Computing in the Asia-Pacific Region.

[15]  Arkady B. Zaslavsky,et al.  A Buddy Model of Security for Mobile Agent Communities Operating in Pervasive Scenarios , 2004, ACSW.

[16]  Ajith Abraham,et al.  AGENT SYSTEMS TODAY; METHODOLOGICAL CONSIDERATIONS , 2003 .