A Factory-based Approach to Support E-commerce Agent Fabrication

With the development of Internet computing and software agent technologies, agent-based e-commerce is emerging. How to create agents for e-commerce applications has become an important issue along the way to success. We propose a factory-based approach to support agent fabrication in e-commerce and elaborate a design based on the SAFER (Secure Agent Fabrication, Evolution & Roaming) framework. The details of agent fabrication, modular agent structure, agent life cycle, as well as advantages of agent fabrication are presented. Product-brokering agent is employed as a practical agent type to demonstrate our design and Java-based implementation

eIDeCert: a user-centric solution for mobile identification

The necessity to certify one's identity for different purposes and the evolution of mobile technologies have led to the generation of electronic devices such as smart cards, and electronic identities designed to meet daily needs. Nevertheless, these mechanisms have a problem: they don't allow the user to set the scope of the information presented. That problem introduces interesting security and privacy challenges and requires the development of a new tool that supports user-centrity for the information being handled. This article presents eIDeCert, a tool for the management of electronic identities (eIDs) in a mobile environment with a user-centric approach. Taking advantage of existing eCert technology we will be able to solve a real problem. On the other hand, the application takes us to the boundary of what the technology can cope with: we will assess how close we are to the boundary, and we will present an idea of what the next step should be to enable us to reach the goal

AMISEC: Leveraging Redundancy and Adaptability to Secure AmI Applications

Security in Ambient Intelligence (AmI) poses too many challenges due to the inherently insecure nature of wireless sensor nodes. However, there are two characteristics of these environments that can be used effectively to prevent, detect, and confine attacks: redundancy and continuous adaptation. In this article we propose a global strategy and a system architecture to cope with security issues in AmI applications at different levels. Unlike in previous approaches, we assume an individual wireless node is vulnerable. We present an agent-based architecture with supporting services that is proven to be adequate to detect and confine common attacks. Decisions at different levels are supported by a trust-based framework with good and bad reputation feedback while maintaining resistance to bad-mouthing attacks. We also propose a set of services that can be used to handle identification, authentication, and authorization in intelligent ambients. The resulting approach takes into account practical issues, such as resource limitation, bandwidth optimization, and scalability

Agent fabrication and its implementation for agent-based electronic commerce

In the last decade, agent-based e-commerce has emerged as a potential role for the next generation of e-commerce. How to create agents for e-commerce applications has become a serious consideration in this field. This paper proposes a new scheme named agent fabrication and elaborates its implementation in multi-agent systems based on the SAFER (Secure Agent Fabrication, Evolution & Roaming) architecture. First, a conceptual structure is proposed for software agents carrying out e-commerce activities. Furthermore, agent module suitcase is defined to facilitate agent fabrication. With these definitions and facilities in the SAFER architecture, the formalities of agent fabrication are elaborated. In order to enhance the security of agent-based e-commerce, an infrastructure of agent authorization and authentication is integrated in agent fabrication. Our implementation and prototype applications show that the proposed agent fabrication scheme brings forth a potential solution for creating agents in agent-based e-commerce applications

A modularized electronic payment system for agent-based e-commerce

With the explosive growth of the Internet, electronic-commerce (e-commerce) is an increasingly important segment of commercial activities on the web. The Secure Agent Fabrication, Evolution & Roaming (SAFER) architecture was proposed to further facilitate e-commerce using agent technology. In this paper, the electronic payment aspect of SAFER will be explored. The Secure Electronic Transaction (SET) protocol and E-Cash were selected as the bases for the electronic payment system implementation. The various modules of the payment system and how they interface with each other are shown. An extensible implementation done using JavaTM will also be elaborated. This application incorporates agent roaming functionality and the ability to conduct e-commerce transactions and carry out intelligent e-payment procedures

A multi-agent architecture for electronic payment

The Internet has brought about innumerable changes to the way enterprises do business. An essential problem to be solved before the widespread commercial use of the Internet is to provide a trustworthy solution for electronic payment. We propose a multi-agent mediated electronic payment architecture in this paper. It is aimed at providing an agent-based approach to accommodate multiple e-payment schemes. Through a layered design of the payment structure and a well-defined uniform payment interface, the architecture shows good scalability. When a new e-payment scheme or implementation is available, it can be plugged into the framework easily. In addition, we construct a framework allowing multiple agents to work cooperatively to realize automation of electronic payment. A prototype has been built to illustrate the functionality of this design. Finally we discuss the security issues

Ontology acquisition and exchange of evolutionary product-brokering agents

Agent-based electronic commerce (e-commerce) has been booming with the development of the Internet and agent technologies. However, little effort has been devoted to exploring the learning and evolving capabilities of software agents. This paper addresses issues of evolving software agents in e-commerce applications. An agent structure with evolution features is proposed with a focus on internal hierarchical knowledge. We argue that knowledge base of agents should be the cornerstone for their evolution capabilities, and agents can enhance their knowledge bases by exchanging knowledge with other agents. In this paper, product ontology is chosen as an instance of knowledge base. We propose a new approach to facilitate ontology exchange among e-commerce agents. The ontology exchange model and its formalities are elaborated. Product-brokering agents have been designed and implemented, which accomplish the ontology exchange process from request to integration

Integrity protection for code-on-demand mobile agents in e-commerce

The mobile agent paradigm has been proposed as a promising solution to facilitate distributed computing over open and heterogeneous networks. Mobility, autonomy, and intelligence are identified as key features of mobile agent systems and enabling characteristics for the next-generation smart electronic commerce on the Internet. However, security-related issues, especially integrity protection in mobile agent technology, still hinder the widespread use of software agents: from the agent’s perspective, mobile agent integrity should be protected against attacks from malicious hosts and other agents. In this paper, we present Code-on-Demand(CoD) mobile agents and a corresponding agent integrity protection scheme. Compared to the traditional assumption that mobile agents consist of invariant code parts, we propose the use of dynamically upgradeable agent code, in which new agent function modules can be added and redundant ones can be deleted at runtime. This approach will reduce the weight of agent programs, equip mobile agents with more flexibility, enhance code privacy and help the recoverability of agents after attack. In order to meet the security challenges for agent integrity protection, we propose agent code change authorization protocols and a double integrity verification scheme. Finally, we discuss the Java implementation of CoD mobile agents and integrity protection

Future wireless applications for a networked city: services for visitors and residents

Future wireless networks will offer near-ubiquitous high-bandwidth communications to mobile users. In addition, the accurate position of users will be known, either through network services or via additional sensing devices such as GPS. These characteristics of future mobile environments will enable the development of location-aware and, more generally, context-sensitive applications. In an attempt to explore the system, application, and user issues associated with the development and deployment of such applications, we began to develop the Lancaster GUIDE system in early 1997, finishing the first phase of the project in 1999. In its entirety, GUIDE comprises a citywide wireless network based on 802.11, a context-sensitive tour guide application with, crucially, significant content, and a set of supporting distributed systems services. Uniquely in the field, GUIDE has been evaluated using members of the general public, and we have gained significant experience in the design of usable context-sensitive applications. We focus on the applications and supporting infrastructure that will form part of GUIDE II, the successor to the GUIDE system. These developments are designed to expand GUIDE outside the tour guide domain, and to provide applications and services for residents of the city of Lancaster, offering a vision of the future mobile environments that will emerge once ubiquitous high-bandwidth coverage is available in most cities

The simplicity project: easing the burden of using complex and heterogeneous ICT devices and services

As of today, to exploit the variety of different "services", users need to configure each of their devices by using different procedures and need to explicitly select among heterogeneous access technologies and protocols. In addition to that, users are authenticated and charged by different means. The lack of implicit human computer interaction, context-awareness and standardisation places an enormous burden of complexity on the shoulders of the final users. The IST-Simplicity project aims at leveraging such problems by: i) automatically creating and customizing a user communication space; ii) adapting services to user terminal characteristics and to users preferences; iii) orchestrating network capabilities. The aim of this paper is to present the technical framework of the IST-Simplicity project. This paper is a thorough analysis and qualitative evaluation of the different technologies, standards and works presented in the literature related to the Simplicity system to be developed