Secure electronic commerce with mobile agents

Online transactions using mobile agents need secure protocols to help the mobile agents to accomplish the transactions initiated by a client in an electronic commerce. However, the mobile agent could encounter hostile environment. For example, a server may compromise the mobile agent and try to obtain private information of the client. A solution to tackle this issue has been proposed. However, the existing solution is implemented using RSA signatures that result in long signatures and heavy workloads for the mobile agent. Mobile agents will migrate from the client to a server and from one server to other servers in order to accomplish the client?s transaction plan. Therefore, it will be interesting to re-tackle this issue. We present a new scheme for secure transactions using mobile agents in potentially hostile environments. This transaction scheme is implemented by using a new undetachable signature scheme. The new undetachable signature protocol utilizes short signatures, which is desirable for low-bandwidth and efficient mobile communications

SAFE: Secure-Roaming Agents for E-commerce

The development of the Internet has made a powerful impact on the concept of commerce. E-commerce, a new way to conduct business, is gaining more and more popularity. Despite its rapid growth, there are limitations that hinder the expansion of e-commerce. The primary concern for most people when talking about on-line shopping is security. Due to the open nature of the Internet, personal financial details necessary for on-line shopping can be stolen if sufficient security mechanism is not put in place. How to provide the necessary assurance of security to consumers remains a question mark despite various past efforts. Another concern is the lack of intelligence. The Internet is an ocean of information depository. It is rich in content but lacks the necessary intelligent tools to help one locate the correct piece of information. Intelligent agent, a piece of software that can act on behalf of its owner intelligently, is designed to fill this gap. However, no matter how intelligent an agent is, if it remains on its owner’s machine and does not have any roaming capability, its functionality is limited. With the roaming capability, more security concerns arise. In response to these concerns, SAFE, Secure roaming Agent For E-commerce, is designed to provide secure roaming capability to intelligent agents

Secure agent data integrity shield

In the rapidly expanding field of E-Commerce, mobile agent is the emerging technology that addresses the requirement of intelligent filtering/processing of information. This paper will address the area of mobile agent data integrity protection. We propose the use of Secure Agent Data Integrity Shield (SADIS) as a scheme that protects the integrity of data collected during agent roaming. With the use of a key seed negotiation protocol and integrity protection protocol, SADIS protects the secrecy as well as the integrity of agent data. Any illegal data modification, deletion, or insertion can be detected either by the subsequent host or the agent butler. Most important of all, the identity of each malicious host can be established. To evaluate the feasibility of our design, a prototype has been developed using Java. The result of benchmarking shows improvement both in terms of data and time efficiency

Secure e-transactions using mobile agents with agent broker

This paper presents an e-transactions protocol using mobile agents. However, when mobile agents travel to a number of servers for searching optimal purchase for the underlying customer, the mobile codes should be protected. We integrate a secure signature algorithm with the e-transaction algorithm to maintain the security. In addition, an agent broker is involved in the algorithm that will help to reduce the communications among the mobile agents, the customer, and the servers. We have presented security and privacy analysis for the proposed protocol

The system architecture of the Pocket Companion

In the Moby Dick project we design the architecture of a so-called Pocket Companion. It is a small personal portable computer with wireless communication facilities for every day use. The typical use of the Pocket Companion induces a number of requirements concerning security, performance, energy consumption, communication and size. We have shown that these requirements are interrelated and can only be met optimal with one single architecture. The Pocket Companion architecture consists of a central switch with a security module surrounded by several modules. The Pocket Companion is a personal machine. Communication, and particularly wireless communication, is essential for the system to support electronic transactions. Such a system requires a good security infrastructure not only for safeguarding personal data, but also to allow safe (financial) transactions. The integration of a security module in the Pocket Companion architecture provides the basis for a secure environment.\ud Because battery life is limited and battery weight is an important factor for the size and the weight of the Pocket Companion, energy consumption plays a crucial role in the architecture. An important theme of the architecture is: enough performance for minimal energy consumption

Mobile IP: state of the art report

Due to roaming, a mobile device may change its network attachment each time it moves to a new link. This might cause a disruption for the Internet data packets that have to reach the mobile node. Mobile IP is a protocol, developed by the Mobile IP Internet Engineering Task Force (IETF) working group, that is able to inform the network about this change in network attachment such that the Internet data packets will be delivered in a seamless way to the new point of attachment. This document presents current developments and research activities in the Mobile IP area

Proceedings of International Workshop "Global Computing: Programming Environments, Languages, Security and Analysis of Systems"

According to the IST/ FET proactive initiative on GLOBAL COMPUTING, the goal is to obtain techniques (models, frameworks, methods, algorithms) for constructing systems that are flexible, dependable, secure, robust and efficient. The dominant concerns are not those of representing and manipulating data efficiently but rather those of handling the co-ordination and interaction, security, reliability, robustness, failure modes, and control of risk of the entities in the system and the overall design, description and performance of the system itself. Completely different paradigms of computer science may have to be developed to tackle these issues effectively. The research should concentrate on systems having the following characteristics: • The systems are composed of autonomous computational entities where activity is not centrally controlled, either because global control is impossible or impractical, or because the entities are created or controlled by different owners. • The computational entities are mobile, due to the movement of the physical platforms or by movement of the entity from one platform to another. • The configuration varies over time. For instance, the system is open to the introduction of new computational entities and likewise their deletion. The behaviour of the entities may vary over time. • The systems operate with incomplete information about the environment. For instance, information becomes rapidly out of date and mobility requires information about the environment to be discovered. The ultimate goal of the research action is to provide a solid scientific foundation for the design of such systems, and to lay the groundwork for achieving effective principles for building and analysing such systems. This workshop covers the aspects related to languages and programming environments as well as analysis of systems and resources involving 9 projects (AGILE , DART, DEGAS , MIKADO, MRG, MYTHS, PEPITO, PROFUNDIS, SECURE) out of the 13 founded under the initiative. After an year from the start of the projects, the goal of the workshop is to fix the state of the art on the topics covered by the two clusters related to programming environments and analysis of systems as well as to devise strategies and new ideas to profitably continue the research effort towards the overall objective of the initiative. We acknowledge the Dipartimento di Informatica and Tlc of the University of Trento, the Comune di Rovereto, the project DEGAS for partially funding the event and the Events and Meetings Office of the University of Trento for the valuable collaboration