Lianhai Liu,Yujue Wang,Jingwei Zhang,Qing Yang

DOI: https://doi.org/10.1049/joe.2018.5311

2019-01-01

Journal of Engineering

Abstract:The messages in vehicular ad hoc networks (VANET) are vulnerable to attack in the open wireless environment. Group communication in VANET is receiving more attention, which confronts many security issues. First, only users who have passed legal authentication can communicate in the group. The ring signature is an effective solution. In addition, the group membership in the vehicular self-organising network changes rapidly, which leads to dynamic adjustment of group members. It is necessary to consider the computing power and communication capability of each node in the group members. To speed up the authentication process, a roadside unit with more computing power and communication capability than vehicles is selected as the signature agent, which effectively reduces the computational load of vehicles and accelerates the communication throughput. Meanwhile, the computational task and communication overhead have not been well-solved. To address these issues, this paper proposed an efficient proxy ring signature scheme for VANET to achieve higher signature efficiency and lower transmission overhead. The scheme allows both privacy protection and original signer tracing. Security analysis shows that the proposed scheme meets the security requirements of VANET.

Lianhai Liu,Yujue Wang,Jingwei Zhang,Qing Yang

DOI: https://doi.org/10.3390/s19030482

IF: 3.9

2019-01-01

Sensors

Abstract:A vehicular ad hoc network (VANET) is a special mobile ad hoc network that provides vehicle collaborative security applications using intervehicle communication technology. The method enables vehicles to exchange information (e.g., emergency brake). In VANET, there are many vehicle platoon driving scenes, where vehicles with identical attributes (location, organization, etc.) are organized as a group. However, this organization causes the issue of security threats (message confidentiality, identity privacy, etc.) because of an unsafe wireless communication channel. To protect the security and privacy of group communication, it is necessary to design an effective group key agreement scheme. By negotiating a dynamic session secret key using a fixed roadside unit (RSU), which has stronger computational ability than the on-board unit (OBU) equipped on the vehicle, the designed scheme can help to provide more stable communication performance and speed up the encryption and decryption processes. To effectively implement the anonymous authentication mechanism and authentication efficiency, we use a batch authentication scheme and a shared secret key mechanism among the vehicles, RSUs and trusted authority (TA). We design an efficient group secret key agreement scheme, which satisfies the above communication and security requirements, protects the privacy of vehicles, and traces the real identity of the vehicle at a time when it is necessary. Computational analysis shows that the proposed scheme is secure and more efficient than existing schemes.

ZHANG Fei,CHEN Zi-chen,XIONG Li

DOI: https://doi.org/10.3969/j.issn.1006-5911.2006.10.012

2006-01-01

Abstract:To improve the performance and network security of collaborative commerce chain system and to deal with shortcomings of existing solution to electronic commerce,Mobile Agent technology was introduced into the modeling of network-based collaborative commerce chain system.Based on Mobile Agent properties,problems of security and network security confronted with Mobile Agent in the transaction process of network-based collaborative commerce chain were analyzed.Finally,a prototype system between the customer Agent and the supplier Agent was used to expatiate security negotiation bargain procedure based on Mobile Agent under the public key infrastructure and certification authority.Research results showed that Agent's submission permit to the supplier server during authentication process could enhance the network bargain security of the collaborative commerce chain system.

Hung-Min Sun,Bing-Zhe He,Chien-Ming Chen,Tsu-Yang Wu,Chia-Hsien Lin,Huaxiong Wang

DOI: https://doi.org/10.1016/j.ins.2015.01.037

IF: 8.1

2015-01-01

Information Sciences

Abstract:Secure group communication over an untrusted open network is a continuing problem, especially in mobile environments. With the development of 3G networks and mobile computing technology, the number of group-oriented applications is increasing rapidly. Although these applications are convenient, achieving secure group communication to protect user privacy is a major concern. This study presents an authenticated group key agreement protocol for mobile environments. By using certificateless public key cryptography, the protocol reduces the cost of managing the certificates and avoids the key escrow problem. Instead of a fully-trusted server, the protocol uses a semi-trusted server, which helps users communicate but does not learn about the group key. The analytical results indicate that the proposed protocol provides good security in mobile environments.

TC Ma,SP Li

DOI: https://doi.org/10.1109/clustr.2003.1253356

2003-01-01

Cluster Computing

Abstract:In this paper, an instance-oriented security mechanism is proposed, to attack possible security threats in grid-based mobile agent system. The proposed delegation profile allows application systems to define their own security instances, while it provides mechanisms to delegate one's identity on those instances, instead of on certain hosts, just like the conventional delegation does. This can prevent the delegated host from abusing privileges. By adopting the new delegation profile kernel, a new trust framework is then proposed to enhance the security verification ability and provide more fine-grained authorization to mobile agent platforms.

Liu Yi,Wang Yumin

DOI: https://doi.org/10.1360/crad20051211

2005-01-01

Abstract:Mobile agents are software programs that can be autonomously migrated from host to host to fulfill their goals.It also creates significant new security threats from malicious agents and hosts.Route protection is one of them.It is important to protect the routes of a mobile agent if it will visit a list hosts or if it will dispatch some mobile agents to other hosts.Route protections available were analyzed and discussed.After that,a new mobile agents route protection was given using non-commutative associative one-way functions.The analysis shows that this method not only satisfies a set of general security properties for agent route protection,but also has lower computational cost than those existed.

ZHANG Yang,CAO Ying-Chun,XIE Li

DOI: https://doi.org/10.3969/j.issn.1002-137X.2005.03.004

2005-01-01

Computer Science

Abstract:Mobile agent is a new kind of network computing paradigm in the field of distributed computing. Because of its distinguished advantages, such as asynchrony,autonomy,mobility,mobile agent is likely to become the dominant approach in network applications. However,with the popu1arity of mobile agent technology,more and more challenges come from those possible security threats in mobile agent systems. Starting from a detailed analysis of these security threats on mobile agent systems,we describe and compare the primary countermeasures for mobile agent security. Some representative mobile agent systems are introduced and their security mechanisms are evaluated.

Rui Zhang,Wendie Han,Lei Zhang,Lulu Wang,Xinyu Meng

DOI: https://doi.org/10.3390/s23094198

IF: 3.9

2023-04-23

Sensors

Abstract:Mobile ad hoc networks (MANETs) are self-configuring networks of wireless nodes, i.e., mobile devices. Since communications in MANETs occur via wireless channels, it is of significance to secure communications among wireless and mobile nodes. Group key management, as a widely used method for securing group communications, has potentially been used in MANETs for years. Most recently, a secure receiver-unrestricted group key management scheme for MANETs has been proposed, which is used to establish a secure channel among a group of wireless nodes without a trusted dealer, which has some advantages such as eliminating the certificate management problem and receiver restriction. However, a formal security analysis of this scheme is still lacking. Therefore, in this paper, we propose the complete security proof to demonstrate that the scheme satisfies the essential security properties including authentication, message confidentiality, known-key security and dynamic secrecy. We also give a brief discussion about the efficiency of the scheme.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Maryam Mahmoodi,Mohammad Mahmoodi Varnamkhasti

DOI: https://doi.org/10.48550/arXiv.1402.0886

2014-02-04

Cryptography and Security

Abstract:A mobile agent is a software code with mobility which can be move from a computer into another computers through network. The mobile agent paradigm provides many benefits in developments of distributed application at the same time introduce new requirements for security issues with these systems. In this article we present a solution for protection agent from other agents attacks with loging patterns of malicious agent and useing this log for communication. We implemented our resolution by JADE.

董红斌,石纯一

DOI: https://doi.org/10.3969/j.issn.1002-137X.2000.10.026

2000-01-01

Computer Science

Abstract:This article introduces security issues related to mobile agent system and discusses some technical approaches to address the problem.

Aneta Zwierko,Zbigniew Kotulski

DOI: https://doi.org/10.48550/arXiv.cs/0506103

2005-06-29

Cryptography and Security

Abstract:The recent developments in the mobile technology (mobile phones, middleware) created a need for new methods of protecting the code transmitted through the network. The proposed mechanisms not only secure the compiled program, but also the data, that can be gathered during its "journey". The oldest and the simplest methods are more concentrated on integrity of the code itself and on the detection of unauthorized manipulation. Other, more advanced proposals protect not only the code but also the execution state and the collected data. The paper is divided into two parts. The first one is mostly devoted to different methods of securing the code and protecting its integrity; starting from watermarking and fingerprinting, up to methods designed specially for mobile agent systems: encrypted function, cryptographic traces, time limited black-box security, chained-MAC protocol, publicly-verifiable chained digital signatures The second part presents new concept for providing mobile agents with integrity protection, based on a zero-knowledge proof system.

S. P. Liu,Shiyong Zhang,Chengrong Wu

2001-01-01

Ruan Jian Xue Bao/Journal of Software

Abstract:A mobile agent is an executing program that can migrate from one system to another system on behalf of its user. Mobile Agent system is one of the most important and promising directions of distributed computing research. The Security problems of mobile agent system include secure communication between agents and secure transferring of agents between systems, protection of the agents and protecting of the hosts etc. Software wrapper is introduced to build a wrapper-based mobile agent security monitoring framework. It is a very important and necessary complement to all the mobile agent system security frameworks. The principal and architecture of the framework is discussed in detail and at last some directions of research in the future are addressed.

Daojing He,Chun Chen,Maode Ma,Sammy Chan,Jiajun Bu

DOI: https://doi.org/10.1002/dac.1355

2011-01-01

International Journal of Communication Systems

Abstract:SUMMARYPassword‐authenticated group key exchange protocols enable communication parties to establish a common secret key (a session key) by only using short secret passwords. Such protocols have been receiving significant attention. This paper shows some security weaknesses in some recently proposed password‐authenticated group key exchange protocols. Furthermore, a secure and efficient password‐authenticated group key exchange protocol in mobile ad hoc networks is proposed. It only requires constant round to generate a group session key under the dynamic scenario. In other words, the overhead of key generation is independent of the size of a total group. Further, the security properties of our protocol are formally validated by a model checking tool called AVISPA. Security and performance analyses show that, compared with other related group key exchange schemes, the proposed protocol is also efficient for real‐world applications in enhancing the security over wireless communications. Copyright © 2011 John Wiley & Sons, Ltd.

Changwu Wang,Xiuxian Zheng,Yali Si,Wenyuan Liu

2011-01-01

Abstract:Mobile agent is identified as a programming paradigm that allows exible structuring of distributed computation. However, their adoption is largely hampered by the security issues. In this paper, by using environmental key propagation and execution tracing technology, an enhanced-security fair payment protocol based on mobile agent is proposed. This protocol can protect the confidentiality of sensitive payment information carried by mobile agent better than existing ones. At the same time, by ameliorating the using of the theory of cross validation, mobile agent is able to avoid malicious merchant's attack when it validates the product. So the security is enhanced. Moreover, the trusted third patty is offline unless someone is misbehaving or prematurely aborting. © 2011 ISSN 1881-803X.

赵进,袁春风

DOI: https://doi.org/10.3969/j.issn.1000-7024.2004.04.030

2004-01-01

Abstract:An overview of security problems in mobile Agent system is presented. Threats in mobile Agent system include varying attacks to Agents, Agent hosts and communication. The security objectives can be summarized in terms of confidentiality, auth-orization, accountability and availability. Later the security of two dominating mobile Agent programming language: Java and TCL is discussed. A series of measures are also given for countering the identified threats and fulfilling these security objectives.

Kai Sun

2002-01-01

Abstract:In current mobile agent systems, the research of protecting a host from possibly malicious mobile agents has made great progress, but reverse problem, namely protecting the agent from malicious hosts has not. This paper puts forward a scheme that uses JavaCard to provide a secure execution environment. First, attack of agent is analyzed. Then the detailed solution based on JavaCard is given.

Yousra Berguig*,Jalal Laassiri,Sanae Hanaoui,Salah-ddine Krit,,,,

DOI: https://doi.org/10.35940/ijitee.l3438.1081219

2019-10-10

International Journal of Innovative Technology and Exploring Engineering

Abstract:Mobile agent system is a satisfying solution for the implementation and maintenance of applications distributed over large-scale networks, this solution is very used in solving complex problems since they are autonomous, Intelligent, robust and faulttolerant. Mobile agents have the capacity to migrate from one node to another all over the network allowing reduction in communication costs. Although they possess all these advantages, using them in distributed environment increases the threat to mobile agent security and during their mobility they can face different types of attacks such as of attacks like Replay attack, man-in-the-middle attack, Cookie theft attack, Offline password guessing attack, Stolen-verifier attack. In this paper we investigate the security of distributed mobile agent system. We propose a solution based on a secure Elliptic Curve Cryptography (ECC) protocol to ensure mutual authentication and protect the agent from different known attacks. The implementation of the proposed solution is obtained using Java Agent Development Framework (JADE). Also, Binary serialization is used to establish a flexible portability of the agent. Finally, we present security and performance analysis, for our solution to secure mobile agent in distributed systems.

Yong Hao,Yu Cheng,Kui Ren

DOI: https://doi.org/10.1109/glocom.2008.ecp.947

2008-01-01

Abstract:The group signature based security scheme is a promising approach to provision privacy in vehicular ad hoc networks (VANETs). In this paper, we propose a novel distributed key management scheme for group signature based VANETs, which is expected to considerably facilitate the revocation of malicious vehicles, location privacy protection, heterogenous security policies, and maintenance of the system, compared with the centralized key management assumed by the existing group signature schemes. The distributed nature of the proposed scheme is that the road side units (RSUs) will be responsible for distributing group private keys in a localized manner. A brand- new issue induced by the distributed scheme is that the semi-trust RSUs may be compromised. So we develop security protocols for the distributed key management, which are capable of identifying the compromised RSUs and their collusion with the malicious vehicles if any. Details of possible attacks and the corresponding solutions are discussed to demonstrate the performance of the proposed security protocols.

Hao Yin,Yang Wang,Geyong Min,Sebastien Berton,Rui Guo,Chuang Lin

DOI: https://doi.org/10.1002/cpe.1506

2010-01-01

Abstract:Multipath routing can adapt to traffic changes, increase reliability and enhance the Quality of Service support in communication networks. This routing algorithm has been recognized as one of the salient features in Mobile Ad hoc Networks (MANETs). However, existing multipath routing protocols are often practically infeasible due to its security venerability if they suffer from attacks in MANETs, such as repudiation attacks, Denial of Service attacks. In this paper we propose a novel secure multipath routing protocol, referred to as SMRP, and investigate its feasibility and performance. SMRP applies a new heuristic algorithm increasing the number of disjoint paths and a smart authentication mechanism to enhance the security against the attacks in MANETs. The performance results from extensive analysis and experiments show that SMRP can efficiently enhance the security in MANETs while preserving the low overhead of computing and communication. Copyright (C) 2009 John Wiley & Sons, Ltd.

Chen Tianzhou,Huang Yu,Chen Feng,Hu Wei

2006-01-01

Abstract:There are many security defects in existing mobile communication systems, such as unidirectional authentication and cipher key transmission in plaintext. With the expansion of the mobile communication services, the mobile security becomes more and more important, but the existing communication systems can not prevent hostile attacks to supply high-quality service because of their defects in security. To solve these problems, we propose a new Security Architecture for Mobile Communication (SAMC), which employs new authentication protocols, chooses different encryption algorithms for different requirements and implements integrity control mechanism. Good security is developed in an open environment with the collaboration of experts. It has the robust security and the outstanding performance, just a slight and acceptable loss.