SAFE: Secure-Roaming Agents for E-commerce

The development of the Internet has made a powerful impact on the concept of commerce. E-commerce, a new way to conduct business, is gaining more and more popularity. Despite its rapid growth, there are limitations that hinder the expansion of e-commerce. The primary concern for most people when talking about on-line shopping is security. Due to the open nature of the Internet, personal financial details necessary for on-line shopping can be stolen if sufficient security mechanism is not put in place. How to provide the necessary assurance of security to consumers remains a question mark despite various past efforts. Another concern is the lack of intelligence. The Internet is an ocean of information depository. It is rich in content but lacks the necessary intelligent tools to help one locate the correct piece of information. Intelligent agent, a piece of software that can act on behalf of its owner intelligently, is designed to fill this gap. However, no matter how intelligent an agent is, if it remains on its owner’s machine and does not have any roaming capability, its functionality is limited. With the roaming capability, more security concerns arise. In response to these concerns, SAFE, Secure roaming Agent For E-commerce, is designed to provide secure roaming capability to intelligent agents

Secure agent data integrity shield

In the rapidly expanding field of E-Commerce, mobile agent is the emerging technology that addresses the requirement of intelligent filtering/processing of information. This paper will address the area of mobile agent data integrity protection. We propose the use of Secure Agent Data Integrity Shield (SADIS) as a scheme that protects the integrity of data collected during agent roaming. With the use of a key seed negotiation protocol and integrity protection protocol, SADIS protects the secrecy as well as the integrity of agent data. Any illegal data modification, deletion, or insertion can be detected either by the subsequent host or the agent butler. Most important of all, the identity of each malicious host can be established. To evaluate the feasibility of our design, a prototype has been developed using Java. The result of benchmarking shows improvement both in terms of data and time efficiency

Performance Considerations for an Embedded Implementation of OMA DRM 2

As digital content services gain importance in the mobile world, Digital Rights Management (DRM) applications will become a key component of mobile terminals. This paper examines the effect dedicated hardware macros for specific cryptographic functions have on the performance of a mobile terminal that supports version 2 of the open standard for Digital Rights Management defined by the Open Mobile Alliance (OMA). Following a general description of the standard, the paper contains a detailed analysis of the cryptographic operations that have to be carried out before protected content can be accessed. The combination of this analysis with data on execution times for specific algorithms realized in hardware and software has made it possible to build a model which has allowed us to assert that hardware acceleration for specific cryptographic algorithms can significantly reduce the impact DRM has on a mobile terminal's processing performance and battery life.Comment: Submitted on behalf of EDAA (http://www.edaa.com/

Agent fabrication and its implementation for agent-based electronic commerce

In the last decade, agent-based e-commerce has emerged as a potential role for the next generation of e-commerce. How to create agents for e-commerce applications has become a serious consideration in this field. This paper proposes a new scheme named agent fabrication and elaborates its implementation in multi-agent systems based on the SAFER (Secure Agent Fabrication, Evolution & Roaming) architecture. First, a conceptual structure is proposed for software agents carrying out e-commerce activities. Furthermore, agent module suitcase is defined to facilitate agent fabrication. With these definitions and facilities in the SAFER architecture, the formalities of agent fabrication are elaborated. In order to enhance the security of agent-based e-commerce, an infrastructure of agent authorization and authentication is integrated in agent fabrication. Our implementation and prototype applications show that the proposed agent fabrication scheme brings forth a potential solution for creating agents in agent-based e-commerce applications