Encrypting Java Archives and Its Application to Mobile Agent Security
نویسندگان
چکیده
In this article we describe an extension of Java Archives that allows to keep data encrypted for multiple recipients. Encrypted data is accessible only by selected access groups. Java archives may be used as containers of mobile agents, which allows agents to keep confidential data unaccessible while residing on untrusted hosts. However, additional protective measures are required in order to prevent Cut & Paste attacks on mobile agents by malicious hosts. One such mechanism is described. The usefulness of the concepts is illustrated by an example application for user profile management in an electronic commerce setting.
منابع مشابه
Security Risks in Java-based Mobile Code Systems
Java is the predominant language for mobile agent systems, both for implementing mobile agent execution environments and for writing mobile agent applications. This is due to inherent support for code mobility by means of dynamic class loading and separable class name spaces, as well as a number of security properties, such as language safety and access control by means of stack introspection. ...
متن کاملA Design of local resource access control for mobile agent in PDA
Personal Device Assistance (PDA) devices are becoming popular, and some such devices have extended their capability to run a mobile agent platform. This paper describes a new security mechanism for mobile agent platforms running on PDAs. Our security mechanism is based on PDAgentSecurityManager built upon a Java virtual machine environment and provides dynamic authentication and flexible access...
متن کاملMobile Agent Protection in E-Business Application A Dynamic Adaptability Based Approach
The applications of mobile agent technology are various and include electronic commerce, personal assistance, parallel processing ... The use of mobile agent paradigm provides several advantages. Unfortunately, it has introduced some problems. Security represents an important issue. Current researches efforts in the area of mobile agent security follow two aspects: (i) protection of the hosts f...
متن کاملMelding Abstractions with Mobile Agents
Mobile Agents (MA) seems to be the most suitable technology for distributed systems to integrate the Internet in a synergic way. One of the problems that should be faced when considering MA models for distributed applications is the lack of a thorough model capable of describing the Internet world composed of interconnected networks, each of them with its peculiar policies (for administrative, ...
متن کاملConcepts and Architecture of a Security-Centric Mobile Agent Server
Mobile software agents are software components that are able to move in a network. They are often considered as an attractive technology in electronic commerce applications. Although security concerns prevail. In this paper we describe the architecture and concepts of the SeMoA server – a runtime environment for Java-based mobile agents. Its architecture has a focus on security and easy extenda...
متن کامل