Evaluation of the Recorded State Mechanism for Protecting Agent Integrity Against Malicious Hosts

  • Kamalrulnizam Abu Bakar Faculty of Computer Science and Information System Universiti Teknologi Malaysia 81310 UTM Skudai Johor D. T. Malaysia
  • B. S. Doherty School of Engineering and Applied Science Aston University Aston Triangle, Birmingham B4 7ET United Kingdom

Abstract

As agent technology is expected to become a possible base platform for an electronic services framework, especially in the area of Electronic Commerce, reliable security protection is a crucial aspect, since some transactions in this area might involve confidential information, such as credit card number, bank account information or some form of digital cash, that has value and might therefore be attacked. In addition, without proper and reliable security protection, the wide spread use of agent technology in real world applications could be impeded. In this paper, evaluation of the Recorded State Mechanism (RSM) previously proposed by the authors is presented. The evaluation examines the RSM security protection and implementation overhead, in order to analyse the RSM security strength and implementation feasibility in real world application.

References

[1] Abu Bakar, K. and Doherty, B. S. A New Model for Protecting Mobile Agents against Malicious Host. Proceedings of the IADIS International Conference WWW/Internet. IADIS Press, Portugal (2002) 780-784

[2] Abu Bakar, K. and Doherty, B. S. Protecting Mobile Agents Against A Malicious Host Attacks Using Recorded State Mechanism. Proceedings of the 2003 International Conference on Informatics, Cybernetics and Systems. I-Shou University(2003) 396 – 401

[3] Chess, D.M. Security Issues in Mobile Code Systems. G. Vigna(Ed.): Mobile Agents and Security, Vol. 1419. Springer Verlag (1998) 1 – 14

[4] Chess, D.M. and Harrison, C.G. and Kershenbaum, A. Mobile Agents: Are They a Good Idea?. IBM Research Report. IBM Research Division (1995). http://www.research.ibm.com/iagents/publications. html

[5] Corradi, A. and Cremonini, M. and Montanari, R. and Stefanelli, C. Mobile Agents Integrity for Electronic Commerce Application. Information System. Elsevier Science (1999) 519 – 533

[6] Diaz, J. and Gutierrez, D. and Lovelle, J. An Implementation of A Secure Java2-Based Mobile Agent System. Proceedings of The Second International Conference on The Practical Application of Java. Practical Application Company (2000) 125 – 142

[7] Farmer, W.M. and Guttman, J.D. and Swarup, V.: Security for Mobile Agents: Issues and Requirements. Proceedings of the 19th National Information System Security Conference. Baltimore (1996) 591-597

[8] Ford, W. and Baum, M. Secure Electronic Commerce, Ed. 2nd. Prentice Hall (2001)

[9] Guan, X. and Yang, Y. and You, J. POM - A Mobile Agent Security Model against Malicious Hosts. Proceedings of IS & N'99 Spring Verlag (1999) 155 – 167

[10] Hohl, F. A Framework to Protect Mobile Agents by Using Reference States. In: Proceedings of the 20th international conference on distributed computing systems (ICDCS 2000). IEEE Computer Society (2000) 410 – 417
http://dx.doi.org/10.1109/ICDCS.2000.840953

[11] Hohl, F.: Time Limited Blackbox Security: Protecting Mobile Agents from Malicious Hosts. In: G. Vigna (Ed.). Mobile Agent and Security. Lecture Notes in Computer Science, Vol. 1419. Springer- Verlag, Berlin(1998) 92–113
http://dx.doi.org/10.1007/3-540-68671-1_6

[12] Hohl, F. A Model of Attacks of Malicious Hosts Against Mobile Agents. In 4th ECOOP Workshop on Mobile Object Systems (MOS'98): Secure Internet Mobile Computations. (1998) http://mole.informatik.uni-stuttgart.de/papers.html

[13] Hohl, F. An Approach to Solve the Problem of Malicious Hosts. Institute of Parallel and Distributed High-Performance Systems (IPVR), University of Stuttgart, Germany (1997)

[14] Sun Microsystems, Inc. Java 2 Platform Std. Ed. V1.3.1 http://java.sun.com/j2se/ 1.3/docs/api/index. html (2004)

[15] Kun, Y. and Xin, G. and Dayou, L. Security in Mobile Agent System: Problems and Approaches. Operating System Review, Vol. 34, No. 1. ACM (2000) 21 – 28
http://dx.doi.org/10.1145/506128.506131

[16] Reisner, J. and Donkor, E. Protecting Software Agents from Malicious Hosts using Quantum Computing. Proceedings of SPIE - The International Society for Optical Engineering. IEE (2000) 50 – 57
http://dx.doi.org/10.1117/12.391967

[17] Sander, T. and Tschudin, C.: Protecting Mobile Agent Against Malicious Hosts. In: G. Vigna (Ed.). Mobile Agent and Security. Lecture Notes in Computer Science, Vol. 1419. Springer-Verlag, Berlin(1998) 44-60
http://dx.doi.org/10.1007/3-540-68671-1_4

[18] Schneier, S. Applied Cryptography, Ed. 2nd. Wiley & Son (1996)

[19] Vigna, G. Cryptographic Traces for Mobile Agents. In: G. Vigna (Ed.). Mobile Agent and Security. Lecture note in Computer Science, Vol. 1419. Springer Verlag (1998) 137 – 153
http://dx.doi.org/10.1007/3-540-68671-1_8

[20] Wang, T., Guan, S. and Chan, T.: Integrity Protection for Code-on-Demand Mobile Agents in E-Commerce. The Journal of Systems and Software. Elsevier (2002) 211-221
Published
2008-03-01
How to Cite
ABU BAKAR, Kamalrulnizam; DOHERTY, B. S.. Evaluation of the Recorded State Mechanism for Protecting Agent Integrity Against Malicious Hosts. INTERNATIONAL JOURNAL OF COMPUTERS COMMUNICATIONS & CONTROL, [S.l.], v. 3, n. 1, p. 60-68, mar. 2008. ISSN 1841-9844. Available at: <http://univagora.ro/jour/index.php/ijccc/article/view/2375>. Date accessed: 05 july 2020. doi: https://doi.org/10.15837/ijccc.2008.1.2375.

Keywords

Agent security, Malicious host, Recorded State Mechanism