Electronic negotiation and security of information exchanged in e-commerce

In settings such as electronic markets where trading partners have conflicting interests and a desire to cooperate, mobile agent mediated negotiation have become very popular. However, agent-based negotiation in electronic commerce involves the exchange of critical and sensitive data that must be highly safeguarded. Therefore, in order to give benefits of quick and safe trading to the trading partners, an approach that secures the information exchanged between the mobile agents during e-Commerce negotiations is needed. To this end, we discuss an approach that we refer to as Multi-Agent Security NEgotiation Protocol (MASNEP). To show that MASNEP protocol is free of attacks and thus the information exchanged throughout electronic negotiation is truly secured, we provide a formal proof on the correctness of the MASNEP.<br /

A survey of security issue in multi-agent systems

Multi-agent systems have attracted the attention of researchers because of agents' automatic, pro-active, and dynamic problem solving behaviors. Consequently, there has been a rapid development in agent technology which has enabled us to provide or receive useful and convenient services in a variety of areas such as banking, transportation, e-business, and healthcare. In many of these services, it is, however, necessary that security is guaranteed. Unless we guarantee the security services based on agent-based systems, these services will face significant deployment problems. In this paper, we survey existing work related to security in multi-agent systems, especially focused on access control and trust/reputation, and then present our analyses. We also present existing problems and discuss future research challenges. © Springer Science+Business Media B.V 2011

Developing a security mechanism for software agents

Thesis (Master)--Izmir Institute of Technology, Computer Engineering, Izmir, 2006Includes bibliographical references (leaves: 73-76)Text in English; Abstract: Turkish and Englishx 76 leavesThis thesis proposes a message security solution on multi-agent systems. A general security analysis based on properties of software agents is presented along with an overview of security measures applicable to multi-agent systems. A security design and implementation has been developed to protect communication among agents. And this implementation scheme has been applied to Seagent, a semantic web enabled multi-agent framework. Hence, a set of agent security mechanisms have been adapted for Seagent and have been implemented for message confidentiality, integrity, authentication and nonrepudiation. Then these mechanisms have been tested for communication performance on Seagent

Trusted community : a novel multiagent organisation for open distributed systems

[no abstract

Credibilidade e reputação em agentes inteligentes. Aplicação ao comércio electrónico

Desde o seu aparecimento, a Internet teve um desenvolvimento e uma taxa de crescimento quase exponencial. Os mercados de comércio electrónico têm vindo a acompanhar esta tendência de crescimento, tornando-se cada vez mais comuns e populares entre comerciantes ou compradores/vendedores de ocasião. A par deste crescimento também foi aumentando a complexidade e sofisticação dos sistemas responsáveis por promover os diferentes mercados. No seguimento desta evolução surgiram os Agentes Inteligentes devido à sua capacidade de encontrar e escolher, de uma forma relativamente eficiente, o melhor negócio, tendo por base as propostas e restrições existentes. Desde a primeira aplicação dos Agentes Inteligentes aos mercados de comércio electrónico que os investigadores desta área, têm tentado sempre auto-superar-se arranjando modelos de Agentes Inteligentes melhores e mais eficientes. Uma das técnicas usadas, para a tentativa de obtenção deste objectivo, é a transferência dos comportamentos Humanos, no que toca a negociação e decisão, para estes mesmos Agentes Inteligentes. O objectivo desta dissertação é averiguar se os Modelos de Avaliação de Credibilidade e Reputação são uma adição útil ao processo de negociação dos Agente Inteligentes. O objectivo geral dos modelos deste tipo é minimizar as situações de fraude ou incumprimento sistemático dos acordos realizados aquando do processo de negociação. Neste contexto, foi proposto um Modelo de Avaliação de Credibilidade e Reputação aplicável aos mercados de comércio electrónico actuais e que consigam dar uma resposta adequada o seu elevado nível de exigência. Além deste modelo proposto também foi desenvolvido um simulador Multi-Agente com a capacidade de simular vários cenários e permitir, desta forma, comprovar a aplicabilidade do modelo proposto. Por último, foram realizadas várias experiências sobre o simulador desenvolvido, de forma a ser possível retirar algumas conclusões para o presente trabalho. Sendo a conclusão mais importante a verificação/validação de que a utilização de mecanismos de credibilidade e reputação são uma mais-valia para os mercado de comércio electrónico.Since its emergence, the Internet has had a development and a growth rate almost exponentially. The markets for electronic commerce have been accompanying almost side-by-side this growth trend, becoming increasingly common and popular among traders and occasional buyers/sellers. With this growth, also the complexity and sophistication of the systems has increased. On the following of these developments came the Intelligent Agents due to their ability to find and choose with a relatively efficient form, the best deal, based on the goal objective and existing restrictions. Since the first application of Intelligent Agents for e-commerce markets that researchers in this area are always trying to overcome themselves by developing better and more efficient Intelligent Agents models. One of the techniques used to attempt to achieve this objective, is the transfer of human behavior, when it comes to negotiating and decision, for these Intelligent Agents. The objective of this dissertation is to evaluate if the Evaluation Models of Trust and Reputation are a useful addition to the negotiation process. The main objective of this type of models is to try to minimize the occurrences of frauds or systematic failure to comply with the agreements reached during the negotiation process. In this context, a Model to Assess Credibility and Reputation applicable to the current e-commerce markets was proposed, which should be capable of responding adequately to these markets known for being highly demanding. Other than this model, a Multi-Agent Simulator capable of simulating several scenarios was also developed, thus making it possible to confirm the applicability of the proposed model. Lastly, several experiments were carried out on the developed simulator so that it is possible to draw some conclusions for this work. The most important conclusion is the verification/validation that credibility and reputation mechanisms are an asset to e-commerce markets

Securing open multi-agent systems governed by electronic institutions

One way to build large-scale autonomous systems is to develop an open multi-agent system using peer-to-peer architectures in which agents are not pre-engineered to work together and in which agents themselves determine the social norms that govern collective behaviour. The social norms and the agent interaction models can be described by Electronic Institutions such as those expressed in the Lightweight Coordination Calculus (LCC), a compact executable specification language based on logic programming and pi-calculus. Open multi-agent systems have experienced growing popularity in the multi-agent community and are expected to have many applications in the near future as large scale distributed systems become more widespread, e.g. in emergency response, electronic commerce and cloud computing. A major practical limitation to such systems is security, because the very openness of such systems opens the doors to adversaries for exploit existing vulnerabilities. This thesis addresses the security of open multi-agent systems governed by electronic institutions. First, the main forms of attack on open multi-agent systems are introduced and classified in the proposed attack taxonomy. Then, various security techniques from the literature are surveyed and analysed. These techniques are categorised as either prevention or detection approaches. Appropriate countermeasures to each class of attack are also suggested. A fundamental limitation of conventional security mechanisms (e.g. access control and encryption) is the inability to prevent information from being propagated. Focusing on information leakage in choreography systems using LCC, we then suggest two frameworks to detect insecure information flows: conceptual modeling of interaction models and language-based information flow analysis. A novel security-typed LCC language is proposed to address the latter approach. Both static (design-time) and dynamic (run-time) security type checking are employed to guarantee no information leakage can occur in annotated LCC interaction models. The proposed security type system is then formally evaluated by proving its properties. A limitation of both conceptual modeling and language-based frameworks is difficulty of formalising realistic policies using annotations. Finally, the proposed security-typed LCC is applied to a cloud computing configuration case study, in which virtual machine migration is managed. The secrecy of LCC interaction models for virtual machine management is analysed and information leaks are discussed

Specifying standard security mechanisms in multi-agent systems

Distributed multi-agent systems propose new infrastructure solutions to support the interoperability of electronic services. Security is a central issue for such infrastructures and is compounded by their intrinsic openness, heterogeneity and because of the autonomous and potentially self-interested nature of the agents therein. This article reviews the work that the FIPA agent standards group has undertaken to specify security in multiagent systems. This enables a discussion about the main issues that developers have to face at different levels (i.e., intra-platform, inter-platform and application level) when developing agentbased security solutions in various domains

Mobile-agent based multi-constraint one-to-many bilateral e-Negotiation framework

The thesis proposes a multi-constraint one-to-many bilateral e-Trade negotiation framework. It deploys mobile agents in negotiation, considers trading competition between vendors and search space, efficiently manages the risk of losing top utility offers that expire before the negotiation deadline, accurately evaluates offers, and truly maintains the security of negotiation data