Abstract
Mobile agent technology is promising for e-commerce and distributed computing applications due to its properties of mobility and autonomy. One of the most security-sensitive tasks a mobile agent is expected to perform is signing digital signatures on a remote untrustworthy service host that is beyond the control of the agent host. This service host may treat the mobile agents unfairly, i.e. according to its’ own benefit rather than to their time of arrival. In this research, we present a novel protocol, called Collusion-Resistant Distributed Agent-based Signature Delegation (CDASD) protocol, to allow an agent host to delegate its signing power to an anonymous mobile agent in such a way that the mobile agent does not reveal any information about its host’s identity and, at the same time, can be authenticated by the service host, hence, ensuring fairness of service provision. The protocol introduces a verification server to verify the signature generated by the mobile agent in such a way that even if colluding with the service host, both parties will not get more information than what they already have. The protocol incorporates three methods: Agent Signature Key Generation method, Agent Signature Generation method, Agent Signature Verification method. The most notable feature of the protocol is that, in addition to allowing secure and anonymous signature delegation, it enables tracking of malicious mobile agents when a service host is attacked. The security properties of the proposed protocol are analyzed, and the protocol is compared with the most related work.
Highlights
The widespread of the Internet and the powerful architecture of the World Wide Web (WWW) have transformed the market standards and created many opportunities for conducting business online (i.e. e-commerce)
The mobile agent signature key is generated in such a way that it does not reveal any information about the agent host or the mobile agent identities
We presented a novel Collusion-Resistant Distributed Agent-Based Signature Delegation (CDASD) protocol, which incorporates three methods as its building blocks, namely, Agent Signature Key Generation method, Agent Signature Generation method, Agent Signature Verification method
Summary
The widespread of the Internet and the powerful architecture of the World Wide Web (WWW) have transformed the market standards and created many opportunities for conducting business online (i.e. e-commerce). As agent-based e-commerce technology becomes more developed and standardized, we anticipate that hundreds of mobile agents will be seamlessly embedded in the WWW Their autonomous nature and heterogeneous interactions among them dramatically reduce the cost and time incurred in performing e-commerce transactions. Various mobile agents designed by different kind of programmers/ developers can work, interact, and attack at anytime from anywhere in the web, where the distance is close to null and the transactions can be performed instantly. This has made security an issue that must be considered and IIM
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
