Verifiable Distributed Oblivious Transfer and Mobile Agent Security

The mobile agent is a fundamental building block of the mobile computing paradigm. In mobile agent security, oblivious transfer (OT) from a trusted party can be used to protect the agent's privacy and the hosts' privacy. In this paper, we introduce a new cryptographic primitive called Verifiable Distributed Oblivious Transfer (VDOT), which allows us to replace a single trusted party with a group of threshold trusted servers. The design of VDOT uses two novel techniques, consistency verification of encrypted secret shares and consistency verification through re-randomization. VDOT protects the privacy of both the sender and the receiver against malicious attacks of the servers. We also show the design of a system to apply VDOT to protect the privacy of mobile agents. Our design partitions an agent into the general portion and the security-sensitive portion. We also implement the key components of our system. As far as we know, this is the first e#ort to implement a system that protects the privacy of mobile agents. Our preliminary evaluation shows that protecting mobile agents not only is possible, but also can be implemented e#ciently

A Risk And Trust Security Framework For The Pervasive Mobile Environment

A pervasive mobile computing environment is typically composed of multiple fixed and mobile entities that interact autonomously with each other with very little central control. Many of these interactions may occur between entities that have not interacted with each other previously. Conventional security models are inadequate for regulating access to data and services, especially when the identities of a dynamic and growing community of entities are not known in advance. In order to cope with this drawback, entities may rely on context data to make security and trust decisions. However, risk is introduced in this process due to the variability and uncertainty of context information. Moreover, by the time the decisions are made, the context data may have already changed and, in which case, the security decisions could become invalid.With this in mind, our goal is to develop mechanisms or models, to aid trust decision-making by an entity or agent (the truster), when the consequences of its decisions depend on context information from other agents (the trustees). To achieve this, in this dissertation, we have developed ContextTrust a framework to not only compute the risk associated with a context variable, but also to derive a trust measure for context data producing agents. To compute the context data risk, ContextTrust uses Monte Carlo based method to model the behavior of a context variable. Moreover, ContextTrust makes use of time series classifiers and other simple statistical measures to derive an entity trust value.We conducted empirical analyses to evaluate the performance of ContextTrust using two real life data sets. The evaluation results show that ContextTrust can be effective in helping entities render security decisions

Verifiable distributed oblivious transfer and mobile agent security. DialM-POMC 2003

The mobile agent is a fundamental building block of the mobile computing paradigm. In mobile agent security, oblivioustransfer(OT)fromatrustedpartycanbeusedtoprotect the agent’s privacy and the hosts ’ privacy. In this paper, we introduce a new cryptographic primitive called Verifiable Distributed Oblivious Transfer (VDOT), which allows us to replace a single trusted party with a group of threshold trusted servers. The design of VDOT uses two novel techniques, consistency verification of encrypted secret shares and consistency verification through re-randomization. VDOT protects the privacy of both the sender and the receiver against malicious attacks of the servers. We also show the designofasystemtoapplyVDOTtoprotecttheprivacy of mobile agents. Our design partitions an agent into the general portion and the security-sensitive portion. We also implement the key components of our system. As far as we know, this is the first effort to implement a system that protects the privacy of mobile agents. Our preliminary evaluation shows that protecting mobile agents not only is possible, but also can be implemented efficiently