Abstract
This article investigates whether, and how, mobile agents can execute secure electronic transactions on untrusted hosts. It first gives an overview of the security issues of mobile agents. The problem of untrusted (i.e., potentially malicious) hosts is one of these issues, and appears to be the most difficult to solve. The current approaches to countering this problem are evaluated, and their relevance to secure electronic transactions is discussed. In particular, a state-of-the-art survey of mobile agent-based secure electronic transactions is presented.
(How) can mobile agents do secure electronic transactions on untrusted hosts? A survey of the security issues and the current solutions