
The Research And Design Of Identity-based Non-interaction Of Mobile Agent Authentication Protocol

Posted on: 2008-02-05
Degree: Master
Type: Thesis
Country: China
Candidate: J Wang
GTID: 2178360215480133
Subject: Software engineering
Abstract/Summary:
With the rapid development of networks, Internet applications have come to influence many aspects of our lives. The network brings us great convenience, but it also brings latent security risks. Protocols are the foundation of network communication, and how to implement a security policy through a protocol is an important and basic research topic, particularly for mobile agent systems that require a high level of security. A key security problem is how to prevent a malicious mobile agent from attacking the mobile agent system. At present, all mobile agent system authentication protocols on the Internet employ a certificate-based public key cryptosystem to solve their security issues. Every such authentication protocol needs a certificate to prove an entity's identity; however, a certificate-based public key cryptosystem is hard and complicated to maintain.

Firstly, we present a new identity-based non-interactive authentication protocol for mobile agent systems. By ensuring that the past itinerary (of execution platforms) claimed by the agent is correct, a mobile agent can be judged favorable or not. There are two roles in the protocol: the mobile agent and the platform hosting the mobile agent. A mobile agent can migrate between different execution platforms and choose the next platform automatically. The host machine should authenticate the mobile agent in two respects. Initiator authentication: is the claimed initiator the same as the real initiator? Itinerary authentication: is the claimed itinerary the same as the real itinerary? After authenticating the mobile agent, the host machine adds its own signature to the existing route chain, and the mobile agent carries the new information for the next authentication. This is necessary in order to establish a reasonable level of trust in the agent before granting it execution privileges. It enables trust relationships to be formed between agent platforms without actively involving any trusted third party. As a result, the protocol can guard against malicious mobile agents immediately.

Secondly, the protocol is modeled using communicating sequential processes, and the soundness of the model is verified by formal methods. The initiator and responder in the model are assigned unique ID numbers, and their communication is simulated using communicating sequential processes. To consider the closely related authentication issues of the mobile agent system in a natural way, we add an intruder to the model and simulate the actions the intruder may take. The communicating sequential process model of the protocol is executed, on the basis of small system theory, by a commercial model-checking tool, Failure Divergence Refinement, developed by Formal Systems Company. It has been proved that the protocol cannot be attacked by a malicious mobile agent that may interfere with the protocol. The protocol can effectively reduce the key size, decrease the number of communications, and cut the system cost. Given these advantages, the protocol is well suited to authentication within mobile agent systems and to guaranteeing security in an open network.
Keywords/Search Tags:Identity authenticated protocol, Mobile agent, Non-interaction, Identity encryption