Font Size: a A A

Study On Several Security Issues Of Mobile Agents Technology

Posted on:2006-09-05Degree:DoctorType:Dissertation
Country:ChinaCandidate:Y LiuFull Text:PDF
GTID:1118360182460106Subject:Cryptography
Abstract/Summary:PDF Full Text Request
Mobile agents are autonomous software entities that are able to migrate across different execution environments. Mobility and autonomy make permanent connections unnecessary. Mobile agents architecture can bring many potential benefits such as great flexibility and improved performance into distributed systems. Therefore, they are believed to be playing an important role in future electronic commerce systems. However, mobile agents also create many significant new security threats from malicious agents and hosts. These security issues have been regarded as the one of obstacles for application of mobile agent.In this thesis, we discuss mobile agent's sequence itinerary protection, robust route, flexible itinerary protection, computation results protection and mobile agent's application in electronic commerce. The main contributions are as follows.1. We present an effective sequence itinerary protection of mobile agents. Based on atomic encryptions and signatures, the protocol use hash function to accomplish route protection. Its security and computational overhead are analyzed in detail. The results show that the protocol satisfies a set of general security properties for mobile agents route protection and reduces the computational cost of route protection too(n) compared with the one based on nested encryptions.After that, we give a secure and robust route for mobile agents. The protocol can make mobile agents bypass unreachable hosts and continue to finish the task of owner while secure environments existed in hosts to generate mobile agents are not required.2. We propose two protocols to protect mobile agent's flexible itinerary, including alternative itinerary and set itinerary. Compared with Mir J's methods, the only protocols existed to protect flexible route, our protocols have lower computational cost for both agent's owner and hosts. In addition, the set route protection given removes the assumption that there must be a trusted third party before "set" hosts, so it has greater flexibility.3. We analyze Josep D.F's two route protections which are suitable for twospecial environments and point out that both the two solutions can not resist the collusion of hosts. Based on them, we propose two improved solutions which not only keep the properties of Josep's methods but also can resist the collusion attack.4. We study how to protect the computational results of free-roaming agents and analyze the advantages and disadvantages of the existed solutions. We point out that an assumption existed in these methods limit the mobile agent's flexibility: the mobile agent can pass a host only once, it must not visit the same host more times. Then we present an improved method which removes the assumption.5. We propose a payment protocol based on mobile agents. The performances of the protocol, including security, non-repudiation and efficiency, are analyzed and discussed in detail. The results show that, compared with the existed method, the proposed protocol has better flexibility, better security, non-repudiation and proper efficiency.Based on RSA scheme and the theory of cross validation, we present a new payment protocol which has following features: (1) protecting the confidentiality of sensitive payment information from spying by malicious hosts;(2) allowing agent to verify that the product that he is about to receive is the one he is paying for;(3) using a trusted third party in a minimal way: the trusted third party is offline unless a problem occurs such as someone misbehaving or prematurely aborting.
Keywords/Search Tags:Mobile Agent, Sequence Itinerary Protection, Robust route, Flexible Itinerary Protection, Computation Results Protection
PDF Full Text Request
Related items