Protecting mobile agents from external replay attacks
نویسندگان
چکیده
This paper presents a protocol for the protection of mobile agents against external replay attacks. This kind of attacks are performed by malicious platforms when dispatching an agent multiple times to a remote host, thus making it reexecute part of its itinerary. Current proposals aiming to address this problem are based on storing agent identifiers, or trip markers, inside agent platforms, so that future reexecutions can be detected and prevented. The problem of these solutions is that they do not allow the agent to perform legal migrations to the same platform several times. The aim of this paper is to address these issues by presenting a novel solution based on authorisation entities, which allow the agent to be reexecuted on the same platform a number of times determined at runtime. The proposed protocol is secure under the assumption that authorisation entities are trusted. 2008 Elsevier Inc. All rights reserved.
منابع مشابه
Monotonicity and Partial Results Protection for Mobile Agents
Remotely executing mobile code introduces a plethora of security problems. This paper examines the “external agent replay” attack, identifies the notion of one-way program state transitions, describes the use of monotonic variables as a practical method for detecting these attacks, examines the more general problem state modification attacks, and introduces the use of “results verification vect...
متن کاملProtecting Mobile Agents against Malicious Host Attacks Using Threat Diagnostic AND/OR Tree
Threat diagnostic, using AND/OR tree and risk analysis, is a mechanism to protect mobile agents against malicious host attacks. The method is based on analyzing the probable causes of mobile agent failure to perform its intended function. It uses the symptoms of different types of malicious host attacks and arranges them in a logical order depending on the expected outcomes. We provide a method...
متن کاملLoxin - A solution to password-less universal login
As the easiest and cheapest way of authenticating an end user, password based authentication methods have been consistently chosen by almost every new cloud service. Unfortunately, the explosive growth of cloud services and web applications has made it impossible for users to manage dozens of passwords for accessing different cloud services. The situation is even worse considering the potential...
متن کاملInterference Mitigation of Replay Attacks in GPS Receiver using of Finite Impulse Response Filter
The vulnerability of civil GPS receiver to interference may be intentional or unintentional. Among all types of interference, replay attack intended as the most dangerous intentional one. The signal structure of replay attack is almost the same with the satellite signal. The interference effects can be reduce with the design of an appropriate filter in the receiver. This paper presents two meth...
متن کاملAn Efficient Offline Delegation Protocol in Mobile RFID Environment
In this paper, we propose a new protocol to allow delegation transfer between offline mobile readers in the mobile RFID (Radio Frequency Identification) environment. A mobile reader can grant the access rights of a specific tag to another reader. Besides, our protocol is efficient and secure against most current network threats, such as replay attacks, Man-in-the-Middle (MITM) attacks, denial o...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Journal of Systems and Software
دوره 82 شماره
صفحات -
تاریخ انتشار 2009