Evaluation of the Recorded State Mechanism for Protecting Agent Integrity Against Malicious Hosts
AbstractAs agent technology is expected to become a possible base platform for an electronic services framework, especially in the area of Electronic Commerce, reliable security protection is a crucial aspect, since some transactions in this area might involve confidential information, such as credit card number, bank account information or some form of digital cash, that has value and might therefore be attacked. In addition, without proper and reliable security protection, the wide spread use of agent technology in real world applications could be impeded. In this paper, evaluation of the Recorded State Mechanism (RSM) previously proposed by the authors is presented. The evaluation examines the RSM security protection and implementation overhead, in order to analyse the RSM security strength and implementation feasibility in real world application.
 Abu Bakar, K. and Doherty, B. S. Protecting Mobile Agents Against A Malicious Host Attacks Using Recorded State Mechanism. Proceedings of the 2003 International Conference on Informatics, Cybernetics and Systems. I-Shou University(2003) 396 – 401
 Chess, D.M. Security Issues in Mobile Code Systems. G. Vigna(Ed.): Mobile Agents and Security, Vol. 1419. Springer Verlag (1998) 1 – 14
 Chess, D.M. and Harrison, C.G. and Kershenbaum, A. Mobile Agents: Are They a Good Idea?. IBM Research Report. IBM Research Division (1995). http://www.research.ibm.com/iagents/publications. html
 Corradi, A. and Cremonini, M. and Montanari, R. and Stefanelli, C. Mobile Agents Integrity for Electronic Commerce Application. Information System. Elsevier Science (1999) 519 – 533
 Diaz, J. and Gutierrez, D. and Lovelle, J. An Implementation of A Secure Java2-Based Mobile Agent System. Proceedings of The Second International Conference on The Practical Application of Java. Practical Application Company (2000) 125 – 142
 Farmer, W.M. and Guttman, J.D. and Swarup, V.: Security for Mobile Agents: Issues and Requirements. Proceedings of the 19th National Information System Security Conference. Baltimore (1996) 591-597
 Ford, W. and Baum, M. Secure Electronic Commerce, Ed. 2nd. Prentice Hall (2001)
 Guan, X. and Yang, Y. and You, J. POM - A Mobile Agent Security Model against Malicious Hosts. Proceedings of IS & N'99 Spring Verlag (1999) 155 – 167
 Hohl, F. A Framework to Protect Mobile Agents by Using Reference States. In: Proceedings of the 20th international conference on distributed computing systems (ICDCS 2000). IEEE Computer Society (2000) 410 – 417
 Hohl, F.: Time Limited Blackbox Security: Protecting Mobile Agents from Malicious Hosts. In: G. Vigna (Ed.). Mobile Agent and Security. Lecture Notes in Computer Science, Vol. 1419. Springer- Verlag, Berlin(1998) 92–113
 Hohl, F. A Model of Attacks of Malicious Hosts Against Mobile Agents. In 4th ECOOP Workshop on Mobile Object Systems (MOS'98): Secure Internet Mobile Computations. (1998) http://mole.informatik.uni-stuttgart.de/papers.html
 Hohl, F. An Approach to Solve the Problem of Malicious Hosts. Institute of Parallel and Distributed High-Performance Systems (IPVR), University of Stuttgart, Germany (1997)
 Sun Microsystems, Inc. Java 2 Platform Std. Ed. V1.3.1 http://java.sun.com/j2se/ 1.3/docs/api/index. html (2004)
 Kun, Y. and Xin, G. and Dayou, L. Security in Mobile Agent System: Problems and Approaches. Operating System Review, Vol. 34, No. 1. ACM (2000) 21 – 28
 Reisner, J. and Donkor, E. Protecting Software Agents from Malicious Hosts using Quantum Computing. Proceedings of SPIE - The International Society for Optical Engineering. IEE (2000) 50 – 57
 Sander, T. and Tschudin, C.: Protecting Mobile Agent Against Malicious Hosts. In: G. Vigna (Ed.). Mobile Agent and Security. Lecture Notes in Computer Science, Vol. 1419. Springer-Verlag, Berlin(1998) 44-60
 Schneier, S. Applied Cryptography, Ed. 2nd. Wiley & Son (1996)
 Vigna, G. Cryptographic Traces for Mobile Agents. In: G. Vigna (Ed.). Mobile Agent and Security. Lecture note in Computer Science, Vol. 1419. Springer Verlag (1998) 137 – 153
 Wang, T., Guan, S. and Chan, T.: Integrity Protection for Code-on-Demand Mobile Agents in E-Commerce. The Journal of Systems and Software. Elsevier (2002) 211-221
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
ONLINE OPEN ACCES: Acces to full text of each article and each issue are allowed for free in respect of Attribution-NonCommercial 4.0 International (CC BY-NC 4.0.
You are free to:
-Share: copy and redistribute the material in any medium or format;
-Adapt: remix, transform, and build upon the material.
The licensor cannot revoke these freedoms as long as you follow the license terms.
DISCLAIMER: The author(s) of each article appearing in International Journal of Computers Communications & Control is/are solely responsible for the content thereof; the publication of an article shall not constitute or be deemed to constitute any representation by the Editors or Agora University Press that the data presented therein are original, correct or sufficient to support the conclusions reached or that the experiment design or methodology is adequate.