An Agent-Based Secure Internet Payment System for Mobile Computing
TREC '98 Proceedings of the International IFIP/GI Working Conference on Trends in Distributed Systems for Electronic Commerce
Time Limited Blackbox Security: Protecting Mobile Agents From Malicious Hosts
Mobile Agents and Security
Protecting Mobile Agents Against Malicious Hosts
Mobile Agents and Security
Secure Electronic Commerce: Custom Vc Online
Secure Electronic Commerce: Custom Vc Online
A Secure Agent-Mediated Payment Protocol
ICICS '02 Proceedings of the 4th International Conference on Information and Communications Security
A secure method for signature delegation to mobile agents
Proceedings of the 2004 ACM symposium on Applied computing
Autonomous mobile agent based fair exchange
Computer Networks: The International Journal of Computer and Telecommunications Networking
Secure route structures for parallel mobile agents based systems using fast binary dispatch
Mobile Information Systems
A study of securing route structures for mobile agents dispatched in parallel
International Journal of Web Engineering and Technology
Autonomous mobile agent based fair exchange
Computer Networks: The International Journal of Computer and Telecommunications Networking
Adaptation of agent-based non-repudiation protocol to mobile digital right management (DRM)
Expert Systems with Applications: An International Journal
IWDW'04 Proceedings of the Third international conference on Digital Watermarking
A survey on mobile digital signature models
Proceedings of the 12th International Conference on Electronic Commerce: Roadmap for the Future of Electronic Business
Hi-index | 0.00 |
Security issues related to the usage of mobile agents in performing operations to which their owners have to be bound, such as payments, are of utmost importance if this kind of agents are to be used in electronic commerce. If this binding is achieved by means of digital signature techniques, this means agents have to carry the owner's private key to the host where they sign documents. This exposes the key to attacks because it is copied outside a protected environment. In this paper, we present a mechanism, called proxy certificates, that avoids the need for the agent to have access to the user's private key for digitally signing documents, but still binds the owner to the contents of those documents. In order to support our claims, we apply the mechanism to SET/A, an agent-based payment system we proposed in previous work. We also analyze the emerging technology of attribute certificates and argue that it is appropriate to implement proxy certificates.