ارتباط امن برای برنامه های کاربردی کسب و کار الکترونیکی در شبکه های عامل تلفن همراه

The mobile agent plays an increasingly important role in electronic business applications, because it can provide the essential properties of personalization, automation and intelligence, etc. This paper proposes several appropriate security schemes for protecting mobile agent networks in electronic business applications. As far as mobile agent security is concerned, we develop a proxy signature scheme for protecting mobile agents against malicious agent hosts. The proposed proxy signature scheme can protect users’ private keys stored in smart cards, and provide the fairness of contracts signed by agents. In addition, we also design a proxy authenticated encryption scheme so that the signature of the contracts will satisfy users’ constraints, and the non-repudiation of servers can be achieved. On the other hand, as far as agent host security is concerned, we apply the idea of proxy signature to construct an authentication scheme for protecting agent hosts. This scheme is to achieve the requirements of authentication and authorization. Furthermore, we also implement the proposed security schemes to achieve security requirements of confidentiality, integrity, authenticity, and non-repudiation for protecting Linux-based mobile agents and hosts in an electronic auction application. Hence, we affirm that the proposed security schemes are suitable for practical electronic business applications in mobile-agent-based network environments

In recent years, there are many business applications based on mobile agent on a variety of networks (Benouhiba and Nigro, 2006, Kang et al., 2008, Kim et al., 2010, Park et al., 2006, Wu et al., 2010 and Yun et al., 2009). The agents of the business applications usually provide personalization, automation and intelligence, etc. However, it also results in many security threats such as stealing data from hosts by agents and tampering constraints of agents by hosts. For instance, when a mobile agent carrying a user’s private key roams among servers on the Internet, the agent may find a bid satisfies the user’s constraints, and then sign the bid (Chess et al., 1995 and White, 1994). However, users will not wish to equip agents with their private signature keys when the agents may execute on untrusted agent hosts (Maes et al., 1999, Sander and Tschudin, 1998 and Takeda et al., 1995). On the other hand, a problem specific to mobile agents is the protection of the agent platforms running the agents. A hostile agent can destroy the hard drive, steal data, or do all sorts of undesirable operations to agent platforms. In this paper we will develop efficient security schemes based on cryptographic solutions (Mambo et al., 1996 and Sander and Tschudin, 1998) for prevention of both agents and hosts tampering. This paper develops a proxy signature scheme and a proxy authenticated encryption scheme for protecting mobile agents against malicious agent hosts using the proposed ECC-based self-certified public key cryptosystem. The proposed proxy signature scheme can protect users’ private keys stored in smart cards, and provide the fairness of contracts signed by agents. The proposed cryptosystem is constructed using the ECC, and it also integrates the identity-based public key cryptosystem with the self-certified public key cryptosystem (Girault, 1992, Petersen and Horster, 1997, Saeednia, 1997 and Saeednia, 2003) to provide higher security strength. Furthermore, based on the proposed cryptosystem, we employ the proposed proxy signature scheme to further design a proxy authenticated encryption scheme so that the signature of the contracts will satisfy users’ constraints, and the non-repudiation of servers can be achieved. In summary, these proposed schemes are able to accomplish the security requirements of confidentiality, integrity, authenticity, and non-repudiation for protecting mobile agents in electronic business applications. On the other hand, this paper also presents an authentication scheme for protecting mobile agent hosts against unauthorized mobile agents. In such a scheme, a mobile agent can register once to the system authority for several services in the mobile-agent-based networks. Finally, we implement the proposed security schemes for protecting Linux-based mobile agent networks in an electronic auction application. The rest of this paper is organized as follows. In Section 2, we briefly describe the elliptic curve cryptosystems. Section 3 first develops an efficient public key cryptosystems, and then several security schemes constructed using it are designed for protecting mobile-agent-based electronic business applications. In Section 4, security analyses about attacks on the proposed schemes consolidate the feasibility of the schemes. Performance evaluation of the proposed schemes, which is measured by the required computational effort and communicational cost, is given in Section 5. In Section 6, we present the implementation of the proposed schemes on an electronic auction application. Finally, some concluding remarks are presented in Section 7.

This paper discusses about the security of mobile agents and agent hosts in electronic business applications. We focus on the cryptographic solutions for the confidentiality, integrity, authenticity, and non-repudiation in mobile agent networks environments. In order to protect the security of transactions in e-commerce, we propose an appropriate public key cryptosystem (PKC) for the mobile-agent-based networks. The proposed PKC is constructed based on the elliptic curve cryptosystems and the ID-based self-certified public key cryptosystems. In addition, we further employ the integrated cryptosystems to design several security schemes for protecting mobile agents and agent hosts, such as the proxy signature, proxy authenticated encryption scheme and authentication scheme. The proposed schemes in this paper have the following advantages: 1. When verifying the validity of public key, it does not need to spend extra time to verify the signature in the digital certificate. 2. Verifying both a signature and the validity of public key can be concurrently fulfilled in a logically single step. 3. The security requirement of non-repudiation between customers and servers is achieved actually. 4. Both signing and encrypting a message can be concurrently accomplished in a logically single step. 5. A user can register only once to a system authority for many services. 6. The load of registration can be delegated to one trusted third party. 7. The host platforms do not maintain any database of users’ keys. Furthermore, we also implement all of the proposed ECC-based self-certified public key cryptosystem and related security schemes to demonstrate our security schemes can practically carry out security requirements of confidentiality, integrity, authenticity, and non-repudiation for protecting mobile agent networks in electronic business applications.