2,015 research outputs found
Migration control for mobile agents based on passport and visa
Research on mobile agents has attracted much attention as this paradigm has demonstrated great potential for the next-generation e-commerce. Proper solutions to security-related problems become key factors in the successful deployment of mobile agents in e-commerce systems. We propose the use of passport and visa (P/V) for securing mobile agent migration across communities based on the SAFER e-commerce framework. P/V not only serves as up-to-date digital credentials for agent-host authentication, but also provides effective security mechanisms for online communities to control mobile agent migration. Protection for mobile agents, network hosts, and online communities is enhanced using P/V. We discuss the design issues in details and evaluate the implementation of the proposed system
Have Usability and Security Trade-offs in Mobile Financial Services (MFS) become Untrustworthy?
The trade-off between Usability and Security has been well researched with various models
proposed on how best to improve Usability without jeopardizing Security and vice visa. Usable
Security has become a key factor in Mobile Financial Services (MFS), the new frontier for mobile
phones utilisation. However, have the compromises gone too far? The trustworthiness of MFS
system has already slowed down new adoption and impacted ongoing security trust issues and
user confidence in spite of potential MFS benefits for its users. To understand this growing lack of
trust with MFS, we need to comprehend the nature of Usable Security in assuring the behaviours of
MFS users and determine the right trade-off to improve trust whilst facilitating future uptake. We
conducted an empirical survey of 698 user’s experience of MFS and here present our findings of
this investigation for further synthesis towards proposing practical control elements to assure
Usable Security in MFS
Dynamics, robustness and fragility of trust
Trust is often conveyed through delegation, or through recommendation. This
makes the trust authorities, who process and publish trust recommendations,
into an attractive target for attacks and spoofing. In some recent empiric
studies, this was shown to lead to a remarkable phenomenon of *adverse
selection*: a greater percentage of unreliable or malicious web merchants were
found among those with certain types of trust certificates, then among those
without. While such findings can be attributed to a lack of diligence in trust
authorities, or even to conflicts of interest, our analysis of trust dynamics
suggests that public trust networks would probably remain vulnerable even if
trust authorities were perfectly diligent. The reason is that the process of
trust building, if trust is not breached too often, naturally leads to
power-law distributions: the rich get richer, the trusted attract more trust.
The evolutionary processes with such distributions, ubiquitous in nature, are
known to be robust with respect to random failures, but vulnerable to adaptive
attacks. We recommend some ways to decrease the vulnerability of trust
building, and suggest some ideas for exploration.Comment: 17 pages; simplified the statement and the proof of the main theorem;
FAST 200
- …