Design and implementation of a secure multi-agent marketplace

A multi-agent marketplace, MAGNET (Multi AGent Negotiation Testbed), is a promising solution for conducting online combinatorial auctions. The trust model of MAGNET is somewhat dieren t from other on-line auction systems, since the marketplace, which mediates all communications between agents, acts as a partiallytrusted third party. In this paper, we identify the security vulnerabilities of MAGNET and present a solution that overcomes these weaknesses. Our solution makes use of three dieren t existing technologies with standard cryptographic techniques: a publish/subscribe system to provide simple and general messaging, time-release cryptography to provide guaranteed nondisclosure of the bids, and anonymous communication to hide the identity of the bidders until the end of the auction. By doing so, we successfully minimize the trust on the market as well as increase the security of the whole system. The protocol that we have developed can be adapted for use by other agent-based auction systems, which use a third party to mediate transactions.

[1]  Julian Padget,et al.  Agent-Mediated Electronic Commerce IV , 2002 .

[2]  Ronald L. Rivest,et al.  Time-lock Puzzles and Timed-release Crypto , 1996 .

[3]  Leonard N. Foner A Security Architecture for Multi-Agent Matchmaking , 1996 .

[4]  Paul F. Syverson,et al.  Fair On-Line Auctions without Special Trusted Parties , 1999, Financial Cryptography.

[5]  Sean W. Smith,et al.  SAM: a flexible and secure auction architecture using trusted hardware , 2001, Proceedings 15th International Parallel and Distributed Processing Symposium. IPDPS 2001.

[6]  Katia P. Sycara,et al.  Adding security and trust to multiagent systems , 2000, Appl. Artif. Intell..

[7]  Maria L. Gini,et al.  A Multi-Agent Negotiation Testbed for Contracting Tasks with Temporal and Precedence Constraints , 2002, Int. J. Electron. Commer..

[8]  Stefan Poslad,et al.  Specifying Standard Security Mechanisms in Multi-agent Systems , 2002, Trust, Reputation, and Security.

[9]  Yao-Hua Tan,et al.  Trust and Deception in Virtual Societies , 2001, Springer Netherlands.

[10]  Blake Ramsdell,et al.  S/MIME Version 3 Message Specification , 1999, RFC.

[11]  尚弘 島影 National Institute of Standards and Technologyにおける超伝導研究及び生活 , 2001 .

[12]  Robert Tappan Morris,et al.  Tarzan: a peer-to-peer anonymizing network layer , 2002, CCS '02.

[13]  Marc Joye,et al.  A Practical and Provably Secure Coalition-Resistant Group Signature Scheme , 2000, CRYPTO.

[14]  Nicolas Lhuillier,et al.  FOUNDATION FOR INTELLIGENT PHYSICAL AGENTS , 2003 .

[15]  Felix Brandt,et al.  A verifiable, bidder-resolved Auction Protocol , 2002 .

[16]  Matthew K. Franklin,et al.  The design and implementation of a secure auction service , 1995, Proceedings 1995 IEEE Symposium on Security and Privacy.

[17]  M. Calisti,et al.  FOUNDATION FOR INTELLIGENT PHYSICAL AGENTS , 2000 .

[18]  Maria Gini,et al.  Temporal Strategies in a Multi-Agent Contracting Protocol , 1997 .

[19]  Bennet S. Yee,et al.  Secure Coprocessors in Electronic Commerce Applications , 1995, USENIX Workshop on Electronic Commerce.

[20]  Maria L. Gini,et al.  Bidtree Ordering in IDA* Combinatorial Auction Winner-Determination with Side Constraints , 2002, AMEC.

[21]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[22]  Makoto Yokoo,et al.  Secure Combinatorial Auctions by Dynamic Programming with Polynomial Secret Sharing , 2002, Financial Cryptography.

[23]  Katia Sycara,et al.  Security infrastructure for software agent society , 2001 .

[24]  Qi He,et al.  Personal security agent: KQML-based PKI , 1998, AGENTS '98.

[25]  Dawn Xiaodong Song,et al.  Secure Auctions in a Publish/Subscribe System , 2000 .

[26]  Maria L. Gini,et al.  A market architecture for multi-agent contracting , 1998, AGENTS '98.