The security of mobile agent directly decides its usage width in e-commerce. Especially, to protect users' private information is becoming more important now and future. So an anonymous mobile agent security mechanis...The security of mobile agent directly decides its usage width in e-commerce. Especially, to protect users' private information is becoming more important now and future. So an anonymous mobile agent security mechanism with the secure authentication infrastructure based on PKI (public key infrastructure) is proposed in the paper. The multi-agent system is programmed by java language and every agent must register itself in CA (certificate authority) before working in the net and express his legit identity which is temptly produced and used only once. The CA ensures the legal of all agents' identity which take part in communicaiton or trade. And every user agent identity only is used once which makes other agents cannot decipher users' private information. The security mechanism of the multi-agent system implements anonymity, integrity, data confidentiality of mobile agent based on the MH(multiple hop) integrity protection regard to PKI limit.展开更多
The wireless application protocol (WAP) protocol is now the leading standard for information services on wireless terminals like digital mobile phones. By the use of WAP, wireless devices, like mobile phones, are po...The wireless application protocol (WAP) protocol is now the leading standard for information services on wireless terminals like digital mobile phones. By the use of WAP, wireless devices, like mobile phones, are possibly infected with virus and worms. Though up to now there is no such attack, as the usage of script languages increases, there is a chance of malicious code injection. This paper discusses the threats with current WAP protocol, and how changes in the protocol and the increase in its usage will enable entry of real viruses. Future threat scenarios are presented along with suggestions to avoid these problems.展开更多
The broadcast nature of wireless network makes traditional link-layer attacks readily available to anyone within the range of the network. User authentication is best safeguard against the risk of unauthorized access ...The broadcast nature of wireless network makes traditional link-layer attacks readily available to anyone within the range of the network. User authentication is best safeguard against the risk of unauthorized access to the wireless networks. The present 802.1× authentication scheme has some flaws, making mutual authentication impossible and open to man-in-the-middle attacks. These characteristics make traditional cryptographic mechanism provide weak security for the wireless environment. We have proposed the use of mobile agents to provide dependable Internet services delivery to users, this will guarantee secure authentication in wireless networks and we examine the feasibility of our solution and propose a model for wireless network security.展开更多
This paper focuses on investigating immunological principles in designing a multi-agent security architecture for intrusion detection and response in mobile ad hoc networks. In this approach, the immunity-based agents...This paper focuses on investigating immunological principles in designing a multi-agent security architecture for intrusion detection and response in mobile ad hoc networks. In this approach, the immunity-based agents monitor the situation in the network. These agents can take appropriate actions according to the underlying security policies. Specifically, their activities are coordinated in a hierarchical fashion while sensing, communicating, decision and generating responses. Such an agent can learn and adapt to its environment dynamically and can detect both known and unknown intrusions. The proposed intrusion detection architecture is designed to be flexible, extendible, and adaptable that can perform real-time monitoring. This paper provides the conceptual view and a general framework of the proposed system. In the end, the architecture is illustrated by an example to show it can prevent the attack efficiently.展开更多
Network management scheme must consider security challenges for the Mobile Agent paradigm to be accepted in the Internet computing world. Techniques to provide security solutions have been proposed and some have achie...Network management scheme must consider security challenges for the Mobile Agent paradigm to be accepted in the Internet computing world. Techniques to provide security solutions have been proposed and some have achieved good results. For example, it is possible to launch a code with a guarantee that it cannot attack the hosting sites. The main problem remaining, however, is protecting the mobile code against malicious service providers, the host problem. This paper proposed a Mobile Agent management scheme in a hierarchical level that provides to user a reliable and flexible global access to internet/network information services. We further described a protection mechanism to Mobile Agents against malicious hosts. As an effort to address host problems we first identify the kinds of attack that may be performed by malicious hosts, and propose a mechanism to prevent these attacks. At each agent host we introduce a trusted third party entity on each server called Secure Service Station (SSS) to carry out security actions.展开更多
通过考察国内外分布式移动入侵检测系统的发展现状,分析了目前基于MOB ILE AGENT(移动代理)的IDS应用所存在的安全问题,提出结合JAVA安全特性采用一种新型平台AGLETWORKBENCH开发MA IDS的技术研究.首先介绍了AGLET的基本知识,然后通过分...通过考察国内外分布式移动入侵检测系统的发展现状,分析了目前基于MOB ILE AGENT(移动代理)的IDS应用所存在的安全问题,提出结合JAVA安全特性采用一种新型平台AGLETWORKBENCH开发MA IDS的技术研究.首先介绍了AGLET的基本知识,然后通过分析AGLET的工作流程,从几个方面论述了用AGLET可以为MOB ILE AGENT展开更多
基金Supported by the National Natural Science Foun-dation of China (50077007) the Youth Teacher Foundation ofNorth China Electric Power University (20051101)
文摘The security of mobile agent directly decides its usage width in e-commerce. Especially, to protect users' private information is becoming more important now and future. So an anonymous mobile agent security mechanism with the secure authentication infrastructure based on PKI (public key infrastructure) is proposed in the paper. The multi-agent system is programmed by java language and every agent must register itself in CA (certificate authority) before working in the net and express his legit identity which is temptly produced and used only once. The CA ensures the legal of all agents' identity which take part in communicaiton or trade. And every user agent identity only is used once which makes other agents cannot decipher users' private information. The security mechanism of the multi-agent system implements anonymity, integrity, data confidentiality of mobile agent based on the MH(multiple hop) integrity protection regard to PKI limit.
文摘The wireless application protocol (WAP) protocol is now the leading standard for information services on wireless terminals like digital mobile phones. By the use of WAP, wireless devices, like mobile phones, are possibly infected with virus and worms. Though up to now there is no such attack, as the usage of script languages increases, there is a chance of malicious code injection. This paper discusses the threats with current WAP protocol, and how changes in the protocol and the increase in its usage will enable entry of real viruses. Future threat scenarios are presented along with suggestions to avoid these problems.
文摘The broadcast nature of wireless network makes traditional link-layer attacks readily available to anyone within the range of the network. User authentication is best safeguard against the risk of unauthorized access to the wireless networks. The present 802.1× authentication scheme has some flaws, making mutual authentication impossible and open to man-in-the-middle attacks. These characteristics make traditional cryptographic mechanism provide weak security for the wireless environment. We have proposed the use of mobile agents to provide dependable Internet services delivery to users, this will guarantee secure authentication in wireless networks and we examine the feasibility of our solution and propose a model for wireless network security.
基金Supported by the National High Technology Develop ment 863 Program of China (No.2003AA148010)Key Technologies R&D Program of China (No.2002DA103A03-07).
文摘This paper focuses on investigating immunological principles in designing a multi-agent security architecture for intrusion detection and response in mobile ad hoc networks. In this approach, the immunity-based agents monitor the situation in the network. These agents can take appropriate actions according to the underlying security policies. Specifically, their activities are coordinated in a hierarchical fashion while sensing, communicating, decision and generating responses. Such an agent can learn and adapt to its environment dynamically and can detect both known and unknown intrusions. The proposed intrusion detection architecture is designed to be flexible, extendible, and adaptable that can perform real-time monitoring. This paper provides the conceptual view and a general framework of the proposed system. In the end, the architecture is illustrated by an example to show it can prevent the attack efficiently.
文摘Network management scheme must consider security challenges for the Mobile Agent paradigm to be accepted in the Internet computing world. Techniques to provide security solutions have been proposed and some have achieved good results. For example, it is possible to launch a code with a guarantee that it cannot attack the hosting sites. The main problem remaining, however, is protecting the mobile code against malicious service providers, the host problem. This paper proposed a Mobile Agent management scheme in a hierarchical level that provides to user a reliable and flexible global access to internet/network information services. We further described a protection mechanism to Mobile Agents against malicious hosts. As an effort to address host problems we first identify the kinds of attack that may be performed by malicious hosts, and propose a mechanism to prevent these attacks. At each agent host we introduce a trusted third party entity on each server called Secure Service Station (SSS) to carry out security actions.
文摘通过考察国内外分布式移动入侵检测系统的发展现状,分析了目前基于MOB ILE AGENT(移动代理)的IDS应用所存在的安全问题,提出结合JAVA安全特性采用一种新型平台AGLETWORKBENCH开发MA IDS的技术研究.首先介绍了AGLET的基本知识,然后通过分析AGLET的工作流程,从几个方面论述了用AGLET可以为MOB ILE AGENT