Integrity protection for code-on-demand mobile agents in e-commerce

The mobile agent paradigm has been proposed as a promising solution to facilitate distributed computing over open and heterogeneous networks. Mobility, autonomy, and intelligence are identified as key features of mobile agent systems and enabling characteristics for the next-generation smart electronic commerce on the Internet. However, security-related issues, especially integrity protection in mobile agent technology, still hinder the widespread use of software agents: from the agent’s perspective, mobile agent integrity should be protected against attacks from malicious hosts and other agents. In this paper, we present Code-on-Demand(CoD) mobile agents and a corresponding agent integrity protection scheme. Compared to the traditional assumption that mobile agents consist of invariant code parts, we propose the use of dynamically upgradeable agent code, in which new agent function modules can be added and redundant ones can be deleted at runtime. This approach will reduce the weight of agent programs, equip mobile agents with more flexibility, enhance code privacy and help the recoverability of agents after attack. In order to meet the security challenges for agent integrity protection, we propose agent code change authorization protocols and a double integrity verification scheme. Finally, we discuss the Java implementation of CoD mobile agents and integrity protection

An active-architecture approach to COTS integration

Commercial off-the-shelf (COTS) software products are increasingly used as standard components within integrated information systems. This creates challenges since both their developers and source code are not usually available, and the ongoing development of COTS cannot be predicted. The ArchWare Framework approach recognises COTS products as part of the ambient environment of an information system and therefore an important part of development is incorporating COTS as effective system components. This integration of COTS components, and the composition of components, is captured by an active architecture model which changes as the system evolves. Indeed the architecture modelling language used enables it to express the monitoring and evolution of a system. This active architecture model is structured using control system principles. By modelling both integration and evolution it can guide the system’s response to both predicted and emergent changes that arise from the use of COTS products.Publisher PDFPeer reviewe

Using ontologies for modeling context-aware services platforms

This paper discusses the suitability of using ontologies for modeling context-aware services platforms. It addresses the directions of research we are following in the WASP (Web Architectures for Services Platforms) project. For this purpose a simple scenario is considered