Evaluation of the Recorded State Mechanism for Protecting Agent Integrity Against Malicious Hosts

Kamalrulnizam Abu Bakar, B. S. Doherty

Abstract


As agent technology is expected to become a possible base platform for an electronic services framework, especially in the area of Electronic Commerce, reliable security protection is a crucial aspect, since some transactions in this area might involve confidential information, such as credit card number, bank account information or some form of digital cash, that has value and might therefore be attacked. In addition, without proper and reliable security protection, the wide spread use of agent technology in real world applications could be impeded. In this paper, evaluation of the Recorded State Mechanism (RSM) previously proposed by the authors is presented. The evaluation examines the RSM security protection and implementation overhead, in order to analyse the RSM security strength and implementation feasibility in real world application.

Keywords


Agent security, Malicious host, Recorded State Mechanism

Full Text:

PDF

References


Abu Bakar, K. and Doherty, B. S. A New Model for Protecting Mobile Agents against Malicious Host. Proceedings of the IADIS International Conference WWW/Internet. IADIS Press, Portugal (2002) 780-784

Abu Bakar, K. and Doherty, B. S. Protecting Mobile Agents Against A Malicious Host Attacks Using Recorded State Mechanism. Proceedings of the 2003 International Conference on Informatics, Cybernetics and Systems. I-Shou University(2003) 396 – 401

Chess, D.M. Security Issues in Mobile Code Systems. G. Vigna(Ed.): Mobile Agents and Security, Vol. 1419. Springer Verlag (1998) 1 – 14

Chess, D.M. and Harrison, C.G. and Kershenbaum, A. Mobile Agents: Are They a Good Idea?. IBM Research Report. IBM Research Division (1995). http://www.research.ibm.com/iagents/publications. html

Corradi, A. and Cremonini, M. and Montanari, R. and Stefanelli, C. Mobile Agents Integrity for Electronic Commerce Application. Information System. Elsevier Science (1999) 519 – 533

Diaz, J. and Gutierrez, D. and Lovelle, J. An Implementation of A Secure Java2-Based Mobile Agent System. Proceedings of The Second International Conference on The Practical Application of Java. Practical Application Company (2000) 125 – 142

Farmer, W.M. and Guttman, J.D. and Swarup, V.: Security for Mobile Agents: Issues and Requirements. Proceedings of the 19th National Information System Security Conference. Baltimore (1996) 591-597

Ford, W. and Baum, M. Secure Electronic Commerce, Ed. 2nd. Prentice Hall (2001)

Guan, X. and Yang, Y. and You, J. POM - A Mobile Agent Security Model against Malicious Hosts. Proceedings of IS & N'99 Spring Verlag (1999) 155 – 167

Hohl, F. A Framework to Protect Mobile Agents by Using Reference States. In: Proceedings of the 20th international conference on distributed computing systems (ICDCS 2000). IEEE Computer Society (2000) 410 – 417
http://dx.doi.org/10.1109/ICDCS.2000.840953

Hohl, F.: Time Limited Blackbox Security: Protecting Mobile Agents from Malicious Hosts. In: G. Vigna (Ed.). Mobile Agent and Security. Lecture Notes in Computer Science, Vol. 1419. Springer- Verlag, Berlin(1998) 92–113
http://dx.doi.org/10.1007/3-540-68671-1_6

Hohl, F. A Model of Attacks of Malicious Hosts Against Mobile Agents. In 4th ECOOP Workshop on Mobile Object Systems (MOS'98): Secure Internet Mobile Computations. (1998) http://mole.informatik.uni-stuttgart.de/papers.html

Hohl, F. An Approach to Solve the Problem of Malicious Hosts. Institute of Parallel and Distributed High-Performance Systems (IPVR), University of Stuttgart, Germany (1997)

Sun Microsystems, Inc. Java 2 Platform Std. Ed. V1.3.1 http://java.sun.com/j2se/ 1.3/docs/api/index. html (2004)

Kun, Y. and Xin, G. and Dayou, L. Security in Mobile Agent System: Problems and Approaches. Operating System Review, Vol. 34, No. 1. ACM (2000) 21 – 28
http://dx.doi.org/10.1145/506128.506131

Reisner, J. and Donkor, E. Protecting Software Agents from Malicious Hosts using Quantum Computing. Proceedings of SPIE - The International Society for Optical Engineering. IEE (2000) 50 – 57
http://dx.doi.org/10.1117/12.391967

Sander, T. and Tschudin, C.: Protecting Mobile Agent Against Malicious Hosts. In: G. Vigna (Ed.). Mobile Agent and Security. Lecture Notes in Computer Science, Vol. 1419. Springer-Verlag, Berlin(1998) 44-60
http://dx.doi.org/10.1007/3-540-68671-1_4

Schneier, S. Applied Cryptography, Ed. 2nd. Wiley & Son (1996)

Vigna, G. Cryptographic Traces for Mobile Agents. In: G. Vigna (Ed.). Mobile Agent and Security. Lecture note in Computer Science, Vol. 1419. Springer Verlag (1998) 137 – 153
http://dx.doi.org/10.1007/3-540-68671-1_8

Wang, T., Guan, S. and Chan, T.: Integrity Protection for Code-on-Demand Mobile Agents in E-Commerce. The Journal of Systems and Software. Elsevier (2002) 211-221




DOI: https://doi.org/10.15837/ijccc.2008.1.2375



Copyright (c) 2017 Kamalrulnizam Abu Bakar, B. S. Doherty

Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

CC-BY-NC  License for Website User

Articles published in IJCCC user license are protected by copyright.

Users can access, download, copy, translate the IJCCC articles for non-commercial purposes provided that users, but cannot redistribute, display or adapt:

  • Cite the article using an appropriate bibliographic citation: author(s), article title, journal, volume, issue, page numbers, year of publication, DOI, and the link to the definitive published version on IJCCC website;
  • Maintain the integrity of the IJCCC article;
  • Retain the copyright notices and links to these terms and conditions so it is clear to other users what can and what cannot be done with the  article;
  • Ensure that, for any content in the IJCCC article that is identified as belonging to a third party, any re-use complies with the copyright policies of that third party;
  • Any translations must prominently display the statement: "This is an unofficial translation of an article that appeared in IJCCC. Agora University  has not endorsed this translation."

This is a non commercial license where the use of published articles for commercial purposes is forbiden. 

Commercial purposes include: 

  • Copying or downloading IJCCC articles, or linking to such postings, for further redistribution, sale or licensing, for a fee;
  • Copying, downloading or posting by a site or service that incorporates advertising with such content;
  • The inclusion or incorporation of article content in other works or services (other than normal quotations with an appropriate citation) that is then available for sale or licensing, for a fee;
  • Use of IJCCC articles or article content (other than normal quotations with appropriate citation) by for-profit organizations for promotional purposes, whether for a fee or otherwise;
  • Use for the purposes of monetary reward by means of sale, resale, license, loan, transfer or other form of commercial exploitation;

    The licensor cannot revoke these freedoms as long as you follow the license terms.

[End of CC-BY-NC  License for Website User]


INTERNATIONAL JOURNAL OF COMPUTERS COMMUNICATIONS & CONTROL (IJCCC), With Emphasis on the Integration of Three Technologies (C & C & C),  ISSN 1841-9836.

IJCCC was founded in 2006,  at Agora University, by  Ioan DZITAC (Editor-in-Chief),  Florin Gheorghe FILIP (Editor-in-Chief), and  Misu-Jan MANOLESCU (Managing Editor).

Ethics: This journal is a member of, and subscribes to the principles of, the Committee on Publication Ethics (COPE).

Ioan  DZITAC (Editor-in-Chief) at COPE European Seminar, Bruxelles, 2015:

IJCCC is covered/indexed/abstracted in Science Citation Index Expanded (since vol.1(S),  2006); JCR2018: IF=1.585..

IJCCC is indexed in Scopus from 2008 (CiteScore2018 = 1.56):

Nomination by Elsevier for Journal Excellence Award Romania 2015 (SNIP2014 = 1.029): Elsevier/ Scopus

IJCCC was nominated by Elsevier for Journal Excellence Award - "Scopus Awards Romania 2015" (SNIP2014 = 1.029).

IJCCC is in Top 3 of 157 Romanian journals indexed by Scopus (in all fields) and No.1 in Computer Science field by Elsevier/ Scopus.

 

 Impact Factor in JCR2018 (Clarivate Analytics/SCI Expanded/ISI Web of Science): IF=1.585 (Q3). Scopus: CiteScore2018=1.56 (Q2); Editors-in-Chief: Ioan DZITAC & Florin Gheorghe FILIP.