Evaluation of the Recorded State Mechanism for Protecting Agent Integrity Against Malicious Hosts

Authors

  • Kamalrulnizam Abu Bakar Faculty of Computer Science and Information System Universiti Teknologi Malaysia 81310 UTM Skudai Johor D. T. Malaysia
  • B. S. Doherty School of Engineering and Applied Science Aston University Aston Triangle, Birmingham B4 7ET United Kingdom

Keywords:

Agent security, Malicious host, Recorded State Mechanism

Abstract

As agent technology is expected to become a possible base platform for an electronic services framework, especially in the area of Electronic Commerce, reliable security protection is a crucial aspect, since some transactions in this area might involve confidential information, such as credit card number, bank account information or some form of digital cash, that has value and might therefore be attacked. In addition, without proper and reliable security protection, the wide spread use of agent technology in real world applications could be impeded. In this paper, evaluation of the Recorded State Mechanism (RSM) previously proposed by the authors is presented. The evaluation examines the RSM security protection and implementation overhead, in order to analyse the RSM security strength and implementation feasibility in real world application.

References

Abu Bakar, K. and Doherty, B. S. A New Model for Protecting Mobile Agents against Malicious Host. Proceedings of the IADIS International Conference WWW/Internet. IADIS Press, Portugal (2002) 780-784

Abu Bakar, K. and Doherty, B. S. Protecting Mobile Agents Against A Malicious Host Attacks Using Recorded State Mechanism. Proceedings of the 2003 International Conference on Informatics, Cybernetics and Systems. I-Shou University(2003) 396 - 401

Chess, D.M. Security Issues in Mobile Code Systems. G. Vigna(Ed.): Mobile Agents and Security, Vol. 1419. Springer Verlag (1998) 1 - 14

Chess, D.M. and Harrison, C.G. and Kershenbaum, A. Mobile Agents: Are They a Good Idea?. IBM Research Report. IBM Research Division (1995). http://www.research.ibm.com/iagents/publications. html

Corradi, A. and Cremonini, M. and Montanari, R. and Stefanelli, C. Mobile Agents Integrity for Electronic Commerce Application. Information System. Elsevier Science (1999) 519 - 533

Diaz, J. and Gutierrez, D. and Lovelle, J. An Implementation of A Secure Java2-Based Mobile Agent System. Proceedings of The Second International Conference on The Practical Application of Java. Practical Application Company (2000) 125 - 142

Farmer, W.M. and Guttman, J.D. and Swarup, V.: Security for Mobile Agents: Issues and Requirements. Proceedings of the 19th National Information System Security Conference. Baltimore (1996) 591-597

Ford, W. and Baum, M. Secure Electronic Commerce, Ed. 2nd. Prentice Hall (2001)

Guan, X. and Yang, Y. and You, J. POM - A Mobile Agent Security Model against Malicious Hosts. Proceedings of IS & N'99 Spring Verlag (1999) 155 - 167

Hohl, F. A Framework to Protect Mobile Agents by Using Reference States. In: Proceedings of the 20th international conference on distributed computing systems (ICDCS 2000). IEEE Computer Society (2000) 410 - 417 http://dx.doi.org/10.1109/ICDCS.2000.840953

Hohl, F.: Time Limited Blackbox Security: Protecting Mobile Agents from Malicious Hosts. In: G. Vigna (Ed.). Mobile Agent and Security. Lecture Notes in Computer Science, Vol. 1419. Springer- Verlag, Berlin(1998) 92-113 http://dx.doi.org/10.1007/3-540-68671-1_6

Hohl, F. A Model of Attacks of Malicious Hosts Against Mobile Agents. In 4th ECOOP Workshop on Mobile Object Systems (MOS'98): Secure Internet Mobile Computations. (1998) http://mole.informatik.uni-stuttgart.de/papers.html

Hohl, F. An Approach to Solve the Problem of Malicious Hosts. Institute of Parallel and Distributed High-Performance Systems (IPVR), University of Stuttgart, Germany (1997)

Sun Microsystems, Inc. Java 2 Platform Std. Ed. V1.3.1 http://java.sun.com/j2se/ 1.3/docs/api/index. html (2004)

Kun, Y. and Xin, G. and Dayou, L. Security in Mobile Agent System: Problems and Approaches. Operating System Review, Vol. 34, No. 1. ACM (2000) 21 - 28 http://dx.doi.org/10.1145/506128.506131

Reisner, J. and Donkor, E. Protecting Software Agents from Malicious Hosts using Quantum Computing. Proceedings of SPIE - The International Society for Optical Engineering. IEE (2000) 50 - 57 http://dx.doi.org/10.1117/12.391967

Sander, T. and Tschudin, C.: Protecting Mobile Agent Against Malicious Hosts. In: G. Vigna (Ed.). Mobile Agent and Security. Lecture Notes in Computer Science, Vol. 1419. Springer-Verlag, Berlin(1998) 44-60 http://dx.doi.org/10.1007/3-540-68671-1_4

Schneier, S. Applied Cryptography, Ed. 2nd. Wiley & Son (1996)

Vigna, G. Cryptographic Traces for Mobile Agents. In: G. Vigna (Ed.). Mobile Agent and Security. Lecture note in Computer Science, Vol. 1419. Springer Verlag (1998) 137 - 153 http://dx.doi.org/10.1007/3-540-68671-1_8

Wang, T., Guan, S. and Chan, T.: Integrity Protection for Code-on-Demand Mobile Agents in E-Commerce. The Journal of Systems and Software. Elsevier (2002) 211-221

Published

2008-03-01

Most read articles by the same author(s)

Obs.: This plugin requires at least one statistics/report plugin to be enabled. If your statistics plugins provide more than one metric then please also select a main metric on the admin's site settings page and/or on the journal manager's settings pages.