Value exchange systems enabling security and unobservability
Computers and Security
Designing distributed applications with mobile code paradigms
ICSE '97 Proceedings of the 19th international conference on Software engineering
Secure Internet programming: security issues for mobile and distributed objects
Secure Internet programming: security issues for mobile and distributed objects
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Programming and Deploying Java Mobile Agents Aglets
Programming and Deploying Java Mobile Agents Aglets
Mobile Agents: Are They a Good Idea?
MOS '96 Selected Presentations and Invited Papers Second International Workshop on Mobile Object Systems - Towards the Programmable Internet
Tamper resistance: a cautionary note
WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
A formal approach to security architectures
EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
Itinerant Agents for Mobile Computing
IEEE Communications Surveys & Tutorials
Secure Internet programming
DISSECT: DIStribution for SECurity Tool
ISC '01 Proceedings of the 4th International Conference on Information Security
Live forensics framework for wireless sensor nodes using sandboxing
Proceedings of the 6th ACM workshop on QoS and security for wireless and mobile networks
| Hi-index | 0.00 |
The mobile agent paradigm gains ever more acceptance for the creation of distributed applications, particularly in the domain of electronic commerce. In such applications, a mobile agent roams the global Internet in search of services for its owner. One of the problems with this approach is that malicious service providers on the agent's itinerary can access confidential information contained in the agent or tamper with the agent. In this article we identify trust as a major issue in this context and propose a pessimistic approach to trust that tries to prevent malicious behaviour rather than correcting it. The approach relies on a trusted and tamper-resistant hardware device that provides the mobile agent with the means to protect itself. Finally, we show that the approach is not limited to protecting the mobile agents of a user but can also be extended to protect the mobile agents of a trusted third party in order to take full advantage of the mobile agent paradigm.