Integrity protection for code-on-demand mobile agents in e-commerce

Authors:
Tianhan Wang;Sheng-Uei Guan;Tai Khoon Chan
Affiliations:
Department of Electrical and Computer Engineering, National University of Singapore, 10 Kent Ridge Crescent, Singapore 119260, Singapore;Department of Electrical and Computer Engineering, National University of Singapore, 10 Kent Ridge Crescent, Singapore 119260, Singapore;Department of Electrical and Computer Engineering, National University of Singapore, 10 Kent Ridge Crescent, Singapore 119260, Singapore
Venue:
Journal of Systems and Software
Year:
2002

Citing 8
Cited 3

The Michigan Internet AuctionBot: a configurable auction server for human and software agents

AGENTS '98 Proceedings of the second international conference on Autonomous agents
Intelligent mobile agents for E-commerce: security issues and agent transport

Electronic commerce
Inside the Java Virtual Machine

Inside the Java Virtual Machine
Security Issues in Mobile Agent Technology

FTDCS '99 Proceedings of the 7th IEEE Workshop on Future Trends of Distributed Computing Systems
Security Mechanisms for Using Mobile Agents in Electronic Commerce

SRDS '99 Proceedings of the 18th IEEE Symposium on Reliable Distributed Systems
Mobile software agents: an overview

IEEE Communications Magazine
Mobile agents and security

IEEE Communications Magazine
Electronic commerce: enablers and implications

IEEE Communications Magazine

Mobile agent protection in e-business application: a dynamic adaptability based approach

OTM'07 Proceedings of the 2007 OTM confederated international conference on On the move to meaningful internet systems: CoopIS, DOA, ODBASE, GADA, and IS - Volume Part II
Advanced mobile agent security models for code integrity and malicious availability check

Journal of Network and Computer Applications
Mobile agent routing based on a two-stage optimization model and a hybrid evolutionary algorithm in wireless sensor networks

ICNC'06 Proceedings of the Second international conference on Advances in Natural Computation - Volume Part II

Quantified Score

Hi-index	0.00

Visualization

Abstract

The mobile agent paradigm has been proposed as a promising solution to facilitate distributed computing over open and heterogeneous networks. Mobility, autonomy, and intelligence are identified as key features of mobile agent systems and enabling characteristics for the next-generation smart electronic commerce on the Internet. However, security-related issues, especially integrity protection in mobile agent technology, still hinder the widespread use of software agents: from the agent's perspective, mobile agent integrity should be protected against attacks from malicious hosts and other agents. In this paper, we present Code-on-Demand (CoD) mobile agents and a corresponding agent integrity protection scheme. Compared to the traditional assumption that mobile agents consist of invariant code parts, we propose the use of dynamically upgradeable agent code, in which new agent function modules can be added and redundant ones can be deleted at runtime. This approach will reduce the weight of agent programs, equip mobile agents with more flexibility, enhance code privacy and help the recoverability of agents after attack. In order to meet the security challenges for agent integrity protection, we propose agent code change authorization protocols and a double integrity verification scheme. Finally, we discuss the Java implementation of CoD mobile agents and integrity protection.