Security of Intelligent Agents in the Web-Based Applications


Part of the book series: Studies in Computational Intelligence (SCI, volume 167)

Abstract

The major goal of this chapter is to discuss the following two topics: the first is the security issues related to web-based applications with intelligent agents; the second is the adaptation of intelligent agents to existing information security mechanisms. Mobile agents are considered to be an alternative to client-server systems. Security issues are discussed for generic agent-based systems, i.e. systems in which intelligent agents migrate to agent platforms. Public key infrastructure (PKI) is a major cryptographic system deployed for agent-based systems. Cryptographic techniques such as digital signatures, hash functions, proxy certificates and attribute certificates are utilized for protecting both intelligent agents and agent platforms. Countermeasures for agent protection and agent platform protection are given, which are based on information security mechanisms such as authentication, authorization, access control and confidentiality. Other major security concerns, such as identity binding and delegation between an intelligent agent and its host, are discussed with solutions based on proxy certificates and attribute certificates. For application-layer security mechanisms, non-repudiation and Secure Electronic Transaction (SET) are developed for agent-based applications.

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Ou, CM., Ou, C.R. (2009). Security of Intelligent Agents in the Web-Based Applications. In: Nguyen, N.T., Jain, L.C. (eds) Intelligent Agents in the Evolution of Web and Applications. Studies in Computational Intelligence, vol 167. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-88071-4_13

  • DOI: https://doi.org/10.1007/978-3-540-88071-4_13

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-88070-7

  • Online ISBN: 978-3-540-88071-4

  • eBook Packages: Engineering, Engineering (R0)
