Electronic negotiation and security of information exchanged in e-commerce

In settings such as electronic markets where trading partners have conflicting interests and a desire to cooperate, mobile agent mediated negotiation have become very popular. However, agent-based negotiation in electronic commerce involves the exchange of critical and sensitive data that must be highly safeguarded. Therefore, in order to give benefits of quick and safe trading to the trading partners, an approach that secures the information exchanged between the mobile agents during e-Commerce negotiations is needed. To this end, we discuss an approach that we refer to as Multi-Agent Security NEgotiation Protocol (MASNEP). To show that MASNEP protocol is free of attacks and thus the information exchanged throughout electronic negotiation is truly secured, we provide a formal proof on the correctness of the MASNEP.<br /

Mobile-agent based multi-constraint one-to-many bilateral e-Negotiation framework

The thesis proposes a multi-constraint one-to-many bilateral e-Trade negotiation framework. It deploys mobile agents in negotiation, considers trading competition between vendors and search space, efficiently manages the risk of losing top utility offers that expire before the negotiation deadline, accurately evaluates offers, and truly maintains the security of negotiation data

Agents based e-commerce and securing exchanged information

Mobile agents have been implemented in e-commerce to search and filter information of interest from electronic markets. When the in format ion is very sensitive and critical, it is important to develop a novel security protocol that can efficiently protect the information from malicious tampering as well as unauthorized disclosure or at least detect any malicious act of intruders. In this chapter, we describe robust security techniques that ensure a sound security of information gathered throughout agent\u27s itinerary against various security attacks, as well as truncation attacks. A sound security protocol is described , which implements the various security techniques that would jointly prevent or at least detect any malicious act of intruders. We reason about the soundness of the protocol using Symbolic Trace Analyzer (STA), a formal verification tool that is based on symbolic techniques. We analyze the protocol in key configurations and show that it is free of flaws. We also show that the protocol fulfils the various security requirements of exchanged information in MAS, including data-integrity, data-confidentiality, data authenticity, origin confidentiality and data non-repudiability.<br /

Negotiation strategy for mobile agent-based e-negotiation

Negotiation is a vital component of electronic trading. It is the key decision-making approach used to reach consensus between trading partners. Generally, the trading partners implement various negotiation strategies in an attempt to maximize their utilities. As negotiation strategies have impact on the outcomes of negotiation, it is imperative to have efficient negotiation strategies that truly maximize clients&rsquo; utilities. In this paper, we propose a multi-attribute mobile agent-based negotiation strategy that maximizes client&rsquo;s utility. The strategy focuses on one-to-many bilateral negotiation. It considers different factors that have significant effect on the scheduling of various negotiation phases: offer collection, evaluation, negotiation, and bid settlement. The factors include offers expiry time, market search space, communication delays, processing queues, and transportation times. We reasoned about the correctness of the proposed negotiation strategy with respect to the existing negotiation strategies. The analysis showed that the proposed strategy boosts client&rsquo;s utility, shortens negotiation time, and ensures adequate market search.<br /

Mobile agents security protocols

Mobile agents are expected to run in partially unknown and untrustworthy environments. They transport from one host to another host through insecure channels and may execute on non-trusted hosts. Thus, they are vulnerable to direct security attacks of intruders and non-trusted hosts. The security of information the agents collect is a fundamental requirement for a trusted implementation of electronic business applications and trade negotiations. This chapter discusses the security protocols presented in the literature that aim to secure the data mobile agents gather while searching the Internet, and identifies the security flaws revealed in the protocols. The protocols are analyzed with respect to the security properties, and the security flaws are identified. Two recent promising protocols that fulfill the various security properties are described. The chapter also introduces common notations used in describing security protocols and describes the security properties of the data that mobile agents gather

Security framework for mobile agents-based applications

Mobile agents have been proposed for key applications such as forensics analysis, intrusion detection, e-commerce, and resource management. Yet, they are vulnerable to various security threats by malicious hosts or intruders. Conversely, genuine platforms may run malicious agents. It is essential to establish a truly secure framework for mobile agents to gain trust of clients in the system. Failure to accomplish a trustworthy secured framework for Mobile Agent System (MAS) will limit their deployment into the key applications. This chapter presents a comprehensive taxonomy of various security threats to Mobile Agent System and the existing implemented security mechanisms. Different mechanisms are discussed, and the related security deficiencies are highlighted. The various security properties of the agent and the agent platform are described. The chapter also introduces the properties, advantages, and roles of agents in various applications. It describes the infrastructure of the system and discusses several mobile agent frameworks and the accomplished security level

Strategies for agent-based negotiation in e-trade

&pound;-negotiation handles negotiation over the Internet without human supervision and has shown effectiveness in concluding verifiable and more favorable agreements in a reasonably short time. In this chapter, the authors discuss the negotiation 5ystem and its components with particular emphasis on negotiation strategies. A negotiation strategy defines strategic tactics, which advise on the proper action to select from a set of possible actions that optimizes negotiation outcomes. A strategy should integrate negotiation goals and reactive attitudes. Usually, a fixed strategy is implemented during the course of negotiation regardless ofsignificant decision-makingfactors including market status, opponent :S profile, or eagerness for a negotiated goods/service. The chapter presents the main negotiation strategies and outlines the different decision-makingfactors that should be considered. A strategy uses a utility function to evaluate the offer of an opponent and advises on the generation of a counter offer or the best interaction. The authors finally discuss different utility functions presented in the literature.<br /

A proposed security protocol for data gathering mobile agents

We address the security issue of the data which mobile agents gather as they are traversing the Internet. Our goal is to devise a security protocol that truly secures the data which mobile agents gather. Several cryptographic protocols were presented in the literature asserting the security of gathered data. Formal verification of the protocols reveals unforeseen security flaws, such as truncation or alteration of the collected data, breaching the privacy of the gathered data, sending others data under the private key of a malicious host, and replacing the collected data with data of similar agents. So the existing protocols are not truly secure. We present an accurate security protocol which aims to assert strong integrity, authenticity, and confidentiality of the gathered data. The proposed protocol is derived from the Multi-hops protocol. The protocol suffers from security flaws, e.g. an adversary might truncate/ replace collected data, or sign others data with its own private key without being detected. The proposed protocol refines the Multi-hops protocol by implementing the following security techniques: utilization of co-operating agents, scrambling the gathered offers, requesting a visited host to clear its memory from any data acquired as a result of executing the agent before the host dispatches the agent to the succeeding host in the agent's itinerary, and carrying out verifications on the identity of the genuine initiator at the early execution of the agent at visited hosts, in addition to the verifications upon the agent's return to the initiator. The proposed protocol also implements the common security techniques such as public key encryption, digital signature, etc. The implemented security techniques would rectify the security flaws revealed in the existing protocols. We use STA, an infinite-state exploration tool, to verify the security properties of a reasonably small instance of the proposed protocol in key configurations. The analysis using STA reports no attack. Moreover, we carefully reason the correctness of the security protocol for a general model and show that the protocol would be capable of preventing or at least detecting the attacks revealed in the existing protocols