Design And Implementation Of Security Communication Framework For Mobile Agent Systems

Nowadays, the technology of Mobile Agent has been applied into our lives. And there are some products and platforms which we can choose. For these systems, the communication security is not good enough. Agent programmers should write extra codes to ensure the communication security. The problem of security prevents the application of Mobile Agent. So, the author decided to construct a common security framework for the communication of Mobile Agent.The basis of the Mobile Agent communication security is public-key cryptosystems. It can be used to create Digital Signature and allocate the key. It is Neal Koblitz and Victor Miller who gived the idea that create public-key cryptosystems with elliptic curves in 1985. Elliptic curve cryptosystems (ECC) is the strongest public-key cryptosystems with the same key length. The best method to calculate the values of pertain discrete logarithm is Pollard-rho. It is a resonable resolution to apply ECC to the communication of Mobile Agent. We can encrypte the channel using AES, and sign the digest of the message with ECDSA. Thus we get the Data Confidentiality, Data Integrity and Non-repudiation. According this idea, we give the common security framework: agentSec.AgentSec is an add-in component which can be added into most Mobile Agent systems based in JAVA. By using agentSec, customers will get the services of Data Confidentiality, Data Integrity and Non-repudiation. At the same time, agentSec can defence the Sniffing Attack, Tamper Attack, Man in the Middle Attack and Replay Attack. ECC is the core of agentSec. AgentSec have high communication efficiency because ECC give the same security in lower key length.There are six chapters in this paper. Chapter 1 gives the research objectives and relative researches. Chapter 1 gives the introduction of Mobile Agent and its security. Chapter 3 gives the framework of agentSec. Chapter 4 gives the implementation of agentSec in JAVA platform. Chapter 5 gives the test of agentSec. Chapter 6 gives the sum of the paper and the direction of the later research.