Master of Computer Science - Research
School of Computer Science and Software Engineering - Faculty of Informatics
Zhang, Qi, Security enhanced agent systems, MCompSc-Res, School of Computer Science and Software Engineering, University of Wollongong, 2009. http://ro.uow.edu.au/theses/3072
Software agents are useful for distributed systems and electronic commerce. However, to fully deploy software agents in practice, a number of challenging issues, especially security and privacy, need to be addressed. In general, software agents can be classified into mobile agents and multi-agent systems, which have different security requirements.
Mobile agents are mobile in the sense that they can move within a defined computer network. Because of this, security and privacy become critical. When a mobile agent travels in a hostile environment or migrates to an untrusted platform, its security and privacy can be easily compromised. In particular, the remote hosts that agents visit and obtain services from are not considered to be trusted. Existing solutions suggest that remote hosts together with the agent’s home jointly sign the service agreement. Therefore, a proxy-based signing model was utilized. We observe that this actually poses a serious problem: a host which should be excluded from the desirable hosts could also generate a signed service agreement. In order to solve this problem, we propose a secure mobile agent transaction scheme which achieves host authentication with designated hosts. In our scheme, only selected hosts can be included in the agent network and hence generate a valid signed service agreement. We also propose a variant of our scheme that provides a shorter signature size.
Multi-agent systems differ from mobile agent systems in that their agents are not mobile. Although multi-agent systems do not have the security risks stemming from mobility, they have other security problems. Unfortunately, security and privacy issues have not been adequately addressed. Most proposed schemes are concerned only with security protection rather than privacy protection. Privacy issues have not drawn adequate attention and have actually been ignored or mistreated in most proposed multi-agent protocols. We argue that privacy issues are indeed not trivial and cannot be resolved with traditional security mechanisms. If agents do not trust each other, their privacy must be protected. In order to solve this issue, we propose a novel secure multi-agent protocol which captures several of the most important security properties, including data confidentiality, agent privacy and authenticity.
In our scheme, privacy protection is applied to both negotiating parties (agents). The security protection in our scheme satisfies the most stringent security level, i.e., indistinguishability against adaptive chosen ciphertext attacks.