Evaluation of the Recorded State Mechanism for Protecting Agent Integrity Against Malicious Hosts
Keywords:
Agent security, Malicious host, Recorded State MechanismAbstract
As agent technology is expected to become a possible base platform for an electronic services framework, especially in the area of Electronic Commerce, reliable security protection is a crucial aspect, since some transactions in this area might involve confidential information, such as credit card number, bank account information or some form of digital cash, that has value and might therefore be attacked. In addition, without proper and reliable security protection, the wide spread use of agent technology in real world applications could be impeded. In this paper, evaluation of the Recorded State Mechanism (RSM) previously proposed by the authors is presented. The evaluation examines the RSM security protection and implementation overhead, in order to analyse the RSM security strength and implementation feasibility in real world application.References
Abu Bakar, K. and Doherty, B. S. A New Model for Protecting Mobile Agents against Malicious Host. Proceedings of the IADIS International Conference WWW/Internet. IADIS Press, Portugal (2002) 780-784
Abu Bakar, K. and Doherty, B. S. Protecting Mobile Agents Against A Malicious Host Attacks Using Recorded State Mechanism. Proceedings of the 2003 International Conference on Informatics, Cybernetics and Systems. I-Shou University(2003) 396 - 401
Chess, D.M. Security Issues in Mobile Code Systems. G. Vigna(Ed.): Mobile Agents and Security, Vol. 1419. Springer Verlag (1998) 1 - 14
Chess, D.M. and Harrison, C.G. and Kershenbaum, A. Mobile Agents: Are They a Good Idea?. IBM Research Report. IBM Research Division (1995). http://www.research.ibm.com/iagents/publications. html
Corradi, A. and Cremonini, M. and Montanari, R. and Stefanelli, C. Mobile Agents Integrity for Electronic Commerce Application. Information System. Elsevier Science (1999) 519 - 533
Diaz, J. and Gutierrez, D. and Lovelle, J. An Implementation of A Secure Java2-Based Mobile Agent System. Proceedings of The Second International Conference on The Practical Application of Java. Practical Application Company (2000) 125 - 142
Farmer, W.M. and Guttman, J.D. and Swarup, V.: Security for Mobile Agents: Issues and Requirements. Proceedings of the 19th National Information System Security Conference. Baltimore (1996) 591-597
Ford, W. and Baum, M. Secure Electronic Commerce, Ed. 2nd. Prentice Hall (2001)
Guan, X. and Yang, Y. and You, J. POM - A Mobile Agent Security Model against Malicious Hosts. Proceedings of IS & N'99 Spring Verlag (1999) 155 - 167
Hohl, F. A Framework to Protect Mobile Agents by Using Reference States. In: Proceedings of the 20th international conference on distributed computing systems (ICDCS 2000). IEEE Computer Society (2000) 410 - 417 http://dx.doi.org/10.1109/ICDCS.2000.840953
Hohl, F.: Time Limited Blackbox Security: Protecting Mobile Agents from Malicious Hosts. In: G. Vigna (Ed.). Mobile Agent and Security. Lecture Notes in Computer Science, Vol. 1419. Springer- Verlag, Berlin(1998) 92-113 http://dx.doi.org/10.1007/3-540-68671-1_6
Hohl, F. A Model of Attacks of Malicious Hosts Against Mobile Agents. In 4th ECOOP Workshop on Mobile Object Systems (MOS'98): Secure Internet Mobile Computations. (1998) http://mole.informatik.uni-stuttgart.de/papers.html
Hohl, F. An Approach to Solve the Problem of Malicious Hosts. Institute of Parallel and Distributed High-Performance Systems (IPVR), University of Stuttgart, Germany (1997)
Sun Microsystems, Inc. Java 2 Platform Std. Ed. V1.3.1 http://java.sun.com/j2se/ 1.3/docs/api/index. html (2004)
Kun, Y. and Xin, G. and Dayou, L. Security in Mobile Agent System: Problems and Approaches. Operating System Review, Vol. 34, No. 1. ACM (2000) 21 - 28 http://dx.doi.org/10.1145/506128.506131
Reisner, J. and Donkor, E. Protecting Software Agents from Malicious Hosts using Quantum Computing. Proceedings of SPIE - The International Society for Optical Engineering. IEE (2000) 50 - 57 http://dx.doi.org/10.1117/12.391967
Sander, T. and Tschudin, C.: Protecting Mobile Agent Against Malicious Hosts. In: G. Vigna (Ed.). Mobile Agent and Security. Lecture Notes in Computer Science, Vol. 1419. Springer-Verlag, Berlin(1998) 44-60 http://dx.doi.org/10.1007/3-540-68671-1_4
Schneier, S. Applied Cryptography, Ed. 2nd. Wiley & Son (1996)
Vigna, G. Cryptographic Traces for Mobile Agents. In: G. Vigna (Ed.). Mobile Agent and Security. Lecture note in Computer Science, Vol. 1419. Springer Verlag (1998) 137 - 153 http://dx.doi.org/10.1007/3-540-68671-1_8
Wang, T., Guan, S. and Chan, T.: Integrity Protection for Code-on-Demand Mobile Agents in E-Commerce. The Journal of Systems and Software. Elsevier (2002) 211-221
Published
Issue
Section
License
ONLINE OPEN ACCES: Acces to full text of each article and each issue are allowed for free in respect of Attribution-NonCommercial 4.0 International (CC BY-NC 4.0.
You are free to:
-Share: copy and redistribute the material in any medium or format;
-Adapt: remix, transform, and build upon the material.
The licensor cannot revoke these freedoms as long as you follow the license terms.
DISCLAIMER: The author(s) of each article appearing in International Journal of Computers Communications & Control is/are solely responsible for the content thereof; the publication of an article shall not constitute or be deemed to constitute any representation by the Editors or Agora University Press that the data presented therein are original, correct or sufficient to support the conclusions reached or that the experiment design or methodology is adequate.
