Abstract
Agent-based architectures provide significant flexibility and extensibility to software systems that attempt to model complex real-world interactions between human users and functional agents. Such systems allow agents to be seamlessly published into the system, providing services to human agent consumers. Securing agent-based architectures in permissions-based environments while still maintaining extensibility involves establishing a pathway of trust between the agent producer, container and consumer. This paper focuses on the final trust step: verifying the identity of an agent consumer in order to bound the capability of an agent by the capabilities of the agent consumer. We present an innovative application of zero-knowledge proofs to inexpensively authenticate agents and grant them the restricted permissions of their consumer operator. Our scheme’s theoretical foundation guarantees inexpensive detection of “rogue” agents and defends against replay attacks in environments where performance is critical.
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Maxim, M., Venugopal, A. (2002). Securing Agent Based Architectures. In: Han, Y., Tai, S., Wikarski, D. (eds) Engineering and Deployment of Cooperative Information Systems. EDCIS 2002. Lecture Notes in Computer Science, vol 2480. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45785-2_17
DOI: https://doi.org/10.1007/3-540-45785-2_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-44222-6
Online ISBN: 978-3-540-45785-5
eBook Packages: Springer Book Archive