ZHANG Fei,CHEN Zi-chen,XIONG Li

DOI: https://doi.org/10.3969/j.issn.1006-5911.2006.10.012

2006-01-01

Abstract:To improve the performance and network security of collaborative commerce chain system and to deal with shortcomings of existing solution to electronic commerce,Mobile Agent technology was introduced into the modeling of network-based collaborative commerce chain system.Based on Mobile Agent properties,problems of security and network security confronted with Mobile Agent in the transaction process of network-based collaborative commerce chain were analyzed.Finally,a prototype system between the customer Agent and the supplier Agent was used to expatiate security negotiation bargain procedure based on Mobile Agent under the public key infrastructure and certification authority.Research results showed that Agent's submission permit to the supplier server during authentication process could enhance the network bargain security of the collaborative commerce chain system.

TC Ma,SP Li

DOI: https://doi.org/10.1109/clustr.2003.1253356

2003-01-01

Cluster Computing

Abstract:In this paper, an instance-oriented security mechanism is proposed, to attack possible security threats in grid-based mobile agent system. The proposed delegation profile allows application systems to define their own security instances, while it provides mechanisms to delegate one's identity on those instances, instead of on certain hosts, just like the conventional delegation does. This can prevent the delegated host from abusing privileges. By adopting the new delegation profile kernel, a new trust framework is then proposed to enhance the security verification ability and provide more fine-grained authorization to mobile agent platforms.

Tianchi Ma,Shanping Li

DOI: https://doi.org/10.1007/978-3-540-24679-4_153

2004-01-01

Abstract:An instance-oriented security mechanism is proposed to deal with security threats in building a general-purpose mobile agent middleware in Grid environment. The proposed solution imports security instance, which is an encapsulation of one set of authorizations and their validity specifications with respect to the agent's specific code segments, or even the states and requests. Study shows this mechanism can inject large flexibility and scalability into the security framework, and can avoid the inefficiency and potential damages obscuring in a conventional linear delegation model.

Miao-liang ZHU,Yu QIU

2001-01-01

Journal of Computer Research and Development

Abstract:Mobile agent technology is a new distributed computation paradigm. With its potential power, the technology aroused a great interest and experienced a rapid development in the last ten years. Various mobile agent systems were made for different targets and were implemented in different means. It is necessary to explore the current mobile agent systems and to summarize the implementation technologies for further research. In this paper a comprehensive explanation of mobile agent systems is given. First the definition and peculiarities of mobile agents and mobile agent systems are stated. Its advantages are enumerated. Then eight representative mobile agent systems are surveyed and the design issues about mobile agent programming language, mobility, communication, fault tolerance and security are discussed. Finally, the deficiencies and the trends of mobile agent technology are pointed out.

Wei Feng,Yu Qin,Dengguo Feng,Ge Wei,Lihui Xue,Dexian Chang

DOI: https://doi.org/10.1007/978-3-642-38631-2_23

2013-01-01

Abstract:Trusted computing technology can establish trust in the local computer platform by a trusted boot, and can further transfer the trust to a remote verifier through a remote attestation mechanism. However, no standard solution is provided to convey the trust information to users in a friendly manner. Existing methods have no implementation, or need users to buy a specific USB device (an additional purchasing burden for users). To establish user-based trust, we summarize possible solutions and classify the related works according to each solution. After comparing these solutions, we provide a better method “Mobile Trusted Agent (MTA)”, which uses a general mobile device as a reliable medium to establish a secure channel between the local user and the remote verifier. Finally, we have implemented MTA using an ARM SoC device and evaluated the performance of the protocol for secure channel. The evaluation results demonstrate that MTA has high quality and flexibility for building user-based trust.

Xining Li

DOI: https://doi.org/10.1007/978-3-540-72839-9_10

2007-01-01

Abstract:Mobile agent technology offers a new approach to mining information from data sources distributed over the Internet. However, the potential benefits of mobile agents must be weighted against the real security threats. An agent based Distributed Data Mining (DDM) system must cope with exposed data services and insecure communication channels in the Internet to protect the privacy, integrity and availability of agents and distributed resources. In this paper, we present the design of a mobile agent infrastructure for DDM applications and discuss the implementation of security mechanism that has been effectively integrated with the mobile agent virtual machine.

Tao Li,Aiqun Hu

DOI: https://doi.org/10.1007/s10207-014-0266-5

2015-01-01

International Journal of Information Security

Abstract:Due to increasing demands for mobile security, the Trusted Computing Group organized a special group—Mobile Phone Working Group (MPWG) to deal with mobile security specification business. Though MPWG proposes an architecture of trusted mobile platform (TMP), it does not indicate specific technology for TMP. A general method to build a TMP is adopting virtualization method in a system, but it is very resource consuming. In this paper, we propose a new trusted mobile model using Domain Type Enforcement (DTE) to construct a secure surrounding with complete isolation and controlled communication between different entities of the system. The proposed DTE model is composed of two parts: the basic rules of configuring DTE and the system status transition. The former sets up corresponding domains and types of the DTE model, and the latter describes how to maintain security invariants of the systems’ status. Comparing with the conventional virtualization methods, the DTE model-based trusted mobile platform is more efficient and flexible in resource using and also easily realized in a SELinux operating system.

杨博,杨鲲,刘大有

2003-01-01

Journal of Software

Abstract:Mobile Agent technology provides a new means for network management, but it also brings some insecurity factors at the same time. Based on the analysis of the security threats and the corresponding measures that may occur during the policy and mobile agent based network management applications, the MASF (mobile Agent security facility) for network management is presented. MASF supports a wide span of security mechanisms such as storage protection, confidentiality, authentication, integrity, authorization and security log, all these mechanisms are seamlessly integrated to secure the network management. Based on MASF, a practical network management application, inter-domain virtual private network configuration, is developed. Verified by the application, MASF can satisfy with most security requirement of network management.

Zhi Wang,Zhongwen Guo

DOI: https://doi.org/10.1142/9789812702654_0094

2004-01-01

Abstract:As a new computation paradigm, the Mobile Agent (MA) paradigm seems to be a promising technology for developing applications in open, distributed and heterogeneous environments, such as the Internet. Although security is very important for mobile agent system, security has not been pursued in a satisfactory way yet. After discussing the security problems and the existing security technology of mobile agent, a dynamic security adaptation mechanism is presented. Using this mechanism, different security implementations can replace one another base on given security policy dynamically. This mechanism provides a framework with which mobile agents can select security implementation dynamically from different security algorithms implementations to adapt different applications and run time environments on demand. We also draw a distinction between adaptation and non-adaptation. Our solution for dynamic security adaptation provides a concept for exchanging environment dependent security implementation of mobile agents dynamically during runtime. Dynamic security adaptation enhances efficiency of mobile agent in terms of bandwidth and scalability on the premise of ensuring the security of itself

Li Tao,Hu Aiqun

DOI: https://doi.org/10.1109/ncis.2011.129

2011-01-01

Abstract:Mobile services are pervasive in wireless network and are one of the crucial components needed for various applications and services. Security problems related to mobile phones directly influence credibility of these applications and services. Trusted Computing technology provides powerful support for the solution to security issues of mobile device in mobile network. This paper proposes a Holistic Security Service System for mobile network. It consists of a Security Service Provider, a Software Provider and a Mobile Trusted Terminal. A hardware and software solution of trusted mobile device is also proposed, and a trusted software running mechanism based on certificate access control is discussed. Our security analysis and experimental results prove that both the Holistic Security Service System and mobile trusted mechanism can be used in mobile networks.

申永军,史小平,李小青

DOI: https://doi.org/10.3969/j.issn.1008-0570.2009.03.016

2009-01-01

Abstract:With the development of Mobile Agent, the security of Mobile Agent systems becomes one of the important reasons that restrict mobile agent going further. It includes Mobile Agent security and host security. The mobile agent security is one of the most complicated and hard to deal with problems in mobile agent. Focusing on the entrusted executing environment of mobile agent now, using Trust Model of Mobile Agent based on Reputation Computing (TMMARC) to protect the executing environment of mobile agent is proposed. The paper describes the establishment, maintenance, update and management of trust relationships in TMMARC, reputation computing of mobile agent and simple application of TMMARC model in mobile agent.

Xining Li

DOI: https://doi.org/10.5220/0002189500910096

2009-01-01

Abstract:Mobile agents are self-contained processes, dispatched by their principal, roaming the Internet to access data and services, and carrying out their decision-making and problem-solving tasks remotely. Mobile commerce (M-commerce), the traditional E-commerce combined with mobile devices and wireless networks, is likely to become a major business model in the near future. Due to the flexibility and mobility, mobile agent based M-commerce can complement the existing client/server based E-commerce model to enable consumers to conduct business without time and space restrictions. For the purpose of applying mobile agents to various interne applications, we have implemented an experimental mobile agent system infrastructure that provides programming languages and virtual machines, and also integrates security, service discovery and database access functionalities. The goal of this research is to deploy the existing system infrastructure for M-commerce applications. We hope that the proposed research will benefit mobile consumers who wish to access a wide choice of products and services on an anywhere and anytime basis.

Wang Fei,Xia Qingguo

DOI: https://doi.org/10.3969/j.issn.1009-8054.2006.09.038

2006-01-01

Abstract:Based on the analysis of E-Business mode and characteristics of mobile Agent technology, research on the security of E-Business under the unreliable environment based on mobile Agent has been done. The facts of secure E- Business mode and security risk are discussed, and the solutions based on mobile Agent to avoid the risk are given. The conclusion is that, on the aspects of unreliable host and mobile Agent, the secure E-Business based on mobile Agent can be well implemented with multi-measure.

Junqi Zhang,Yan Wang,Vijay Varadharajan

DOI: https://doi.org/10.1109/soca.2007.29

2007-01-01

Abstract:Mobile agent technology and Web service technology compensate each other and play very important roles in e-service applications. The mechanism of Web services technology naturally provides a platform for deploying mobile agent technology. Therefore, the integration of the mobile agent technology and Web Service technology has been actively investigated in recent years. On the other hand, the security issues of the integration system have not drawn much attention. In this paper, we present a new security architecture for the integration of mobile agent and the Web services technology. This architecture provides a new authentication scheme for Web service provider to verify the mobile agent owner's identity by employing an identity-based signature protocol without using the username/password pair, which is infeasible for mobile agent. We also propose a new Web services and mobile agent system confidentiality protocol, which provides an alternative method to current security mechanisms without using certification authorities (CA) based public key infrastructure. With this scheme, it can simplify the key management and reduce the computation load particularly for group-oriented web services. In addition, this scheme also inherently has the non-repudiation property.

ZHANG Yang,CAO Ying-Chun,XIE Li

DOI: https://doi.org/10.3969/j.issn.1002-137X.2005.03.004

2005-01-01

Computer Science

Abstract:Mobile agent is a new kind of network computing paradigm in the field of distributed computing. Because of its distinguished advantages, such as asynchrony,autonomy,mobility,mobile agent is likely to become the dominant approach in network applications. However,with the popu1arity of mobile agent technology,more and more challenges come from those possible security threats in mobile agent systems. Starting from a detailed analysis of these security threats on mobile agent systems,we describe and compare the primary countermeasures for mobile agent security. Some representative mobile agent systems are introduced and their security mechanisms are evaluated.

Abid Khan,Qasim Arshad,Xiamu Niu,Zhang Yong,Muhammad Waqas Anwar

DOI: https://doi.org/10.1007/978-3-642-02617-1_23

2009-01-01

Abstract:Mobile Agents (MAs) are not fully adopted for implementing distributed system especially in e-commerce application. The main reason is the security issues associated with use of MAs. Providing integrity of execution is considered as the most challenging problem in MAs. Mobile agent Graph Head Sealing (MAGHS) is a technique that aims towards providing integrity of execution. This paper discusses the attacks that can be launched against MAGHS technique and how the security properties for MAs data integrity are fulfilled. We try to model the behavior of a malicious host by launching a series of passive attacks against mobile agent and then see to what extent the security properties for mobile agent can be achieved. The experimental results suggest that MAGHS framework can be used to protect the computations results of mobile agents.

Yan Tong,Jian Zhang,Tao Qin

DOI: https://doi.org/10.1145/3028842.3028866

2016-01-01

Abstract:Security mechanism of the mobile agent running platform is very important for mobile agent system operation and stability running. In this paper we mainly focus on the security issues related with the mobile agent running platform and we proposed a cross validation mechanism mixed with encryption algorithm to solve the security problems during the migration and communication of mobile agents. Firstly, we employ the cross-validation mechanism to authenticate the nodes mobile agents will be visiting. Secondly, we employ the hybrid encryption mechanism, which combines the advantages of the symmetric encryption and asymmetric encryption, to encrypt the mobile agents and ensure the transferring process of data. Finally, we employ the EMSSL socket communication method to encrypt the content of transmission, in turn to enhance the security and robustness of the mobile agent system. We implement several experiments in the simulation environment and the experimental results verify the efficiency and accuracy of the proposed methods.

Tao Li,Aiqun Hu

DOI: https://doi.org/10.3969/j.issn.1001-0505.2011.03.016

2011-01-01

Abstract:Based on the theory of trusted computing and by adding mobile trusted module, security service provider and security software to the existing mobile network, the unified security protection system is established to provide security services to users. This scheme efficiently utilizes the functions of operating system, and makes combination of role-based access control with trust authentication. So the trusted chain transmission is accomplished efficiently. Software and courses without legal certificates are unable to run in the protected system so as to ensure the system security. The certificate is totally managed by security service provider and software provider. Experiments of files reading and writing and network access indicate that the scheme may cause a system performance decrease of 6% to 16%. The scheme can be applied in building a high efficiency holistic security system for mobile communications.

Jianwei LIU,Dongxu CHENG,Yan LI

DOI: https://doi.org/10.3969/j.issn.1009-6868.2015.03.004

2015-01-01

Abstract:Aiming at the increasing growth of high security level business requirements for mobile terminal, a high security, trusted computing platform architecture for mobile terminal based on trusted platform module (TPM) trusted chip is proposed. Based on the analysis of expanded architecture for trusted function of a wide variety of current mobile terminals, a software and hardware integration scheme is given. In this scheme, the TPM chip plays a key role in the trusted link of mobile terminal. Furthermore, a prototype platform integrated TPM chip has been designed and used for principle verification of highly secure and trusted attribute of mobile <br> terminal. A key point analysis has been done for this trusted computing platform.

Wei Feng,Yu Qin,Dengguo Feng

DOI: https://doi.org/10.1007/s11235-018-0456-y

2018-01-01

Abstract:This paper presents a new method to enhance the trust of traditional computing device by using the popular mobile phone. We first propose a formal method to analyze the platform trust establishment process based on trusted computing technology, and the formal results reveal possible attack and suggest potential solutions. Then, we design an improved solution, in which the mobile phone is extended to support three trusted computing functions: using mobile phone as a root of trust instead of Trusted Platform Module, as a local investigator to obtain evidences from the local computing platform, and as a trusted agent to build a secure communication channel with an external entity in the remote attestation applications. Finally, to describe the feasibility and efficiency, a prototype of the trusted mobile phone is implemented and evaluated based on an ARM development board.