Skip to main content
SpringerLink
Log in

Encrypting Java Archives and Its Application to Mobile Agent Security

  • Chapter
  • First Online:
Book cover Agent Mediated Electronic Commerce

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 1991))

Abstract

In this article we describe an extension of Java Archives that allows to keep data encrypted for multiple recipients. Encrypted data is accessible only by selected access groups. Java archives may be used as containers of mobile agents, which allows agents to keep confidential data unaccessible while residing on untrusted hosts. However, additional protective measures are required in order to prevent Cut & Paste attacks on mobile agents by malicious hosts. One such mechanism is described. The usefulness of the concepts is illustrated by an example application for user profile management in an electronic commerce setting.

See URL http://www.informatik.uni-stuttgart.de/ipvr/vs/projekte/mole/mal/mal.html

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. CONAN, V., FOSS, M., LENDA, P., LOUVEAUX, S., and SALAYN, A. Legal issues for personalised agent mediated electronic commerce: The aimedia case study. In Agent Mediated Electronic Commerce, C. Sierra, Ed.Springer Verlag, Berlin, 2000. Issued for review, book is to appear.

    Google Scholar 

  2. CROCKER, D. RFC 822: Standard for the format of ARPA Internet text messages, Aug. 1982. See also STD0011. Obsoletes RFC0733. Updated by RFC1123, RFC1138, RFC1148, RFC1327, RFC2156. Status: STANDARD.

    Google Scholar 

  3. FIPS46. Data Encryption Standard. Federal Information Processing Standards Publication 46, U.S. Department of Commerce/National Bureau of Standards, National Technical Information Service, Springfield, Virginia, 1977. revised as FIPS 46-1:1988; FIPS 46-2:1993.

    Google Scholar 

  4. International Organization For Standardization. Information Processing-Modes of Operation for an n-Bit Block Cipher Algorithm. Geneva, Switzerland, 1991. ISO/IEC 10116.

    Google Scholar 

  5. International Organization for Standardization. Information technology-Open Systems Interconnection-The Directory: Authentication Framework. Geneva, Switzerland, nov 1993. ISO/IEC 9594-8, equivalent to ITU-T Rec. X.509, 1993.

    Google Scholar 

  6. KARNIK, N. M., and TRIPATHI, A. R. Agent server architecture for the Ajanta mobile-agent system. In Proceedings of the 1998 International Conference on Parallel and Distributed Processing Techniques and Applications (PDPTA’ 98) (Las Vegas, July 1998).

    Google Scholar 

  7. KARNIK, N. M., and TRIPATHI, A. R. Security in the Ajanta mobile agent system. Technical ReportTR-5-99, University of Minnesota, Minneapolis, MN 55455, U. S. A., May1999.

    Google Scholar 

  8. MENEZES, A. J., vanOORSCHOT, P. C., and VANSTONE, S. A. Handbook of Applied Cryp-tography. Discrete Mathematics and its Applications. CRC Press, New York, 1996. ISBN 0-8493-8523-7.

    Google Scholar 

  9. RIORDAN, J., and SCHNEIER, B. Environmental key generation towards clueless agents. In Vigna [20], pp. 15–24.

    Google Scholar 

  10. RIVEST, R. L., SHAMIR, A., and ADLEMAN, L. M. A method for obtaining digital signatures and publi-key cryptosystems. Communications of the ACM 21 (1978), 120–126.

    Article  MATH  MathSciNet  Google Scholar 

  11. Roth, V. Mutual protection of co-operating agents. In Secure Internet Programming [21].

    Google Scholar 

  12. ROTH, V., AND JALALI, M. Access control and key management for mobile agents. Computers & Graphics, Special Issue on Data Security in Image Communication and Networks22, 3 (1998).

    Google Scholar 

  13. RSA Laboratories. Cryptographic message syntax standard. Public Key-Cryptography Standards 7, RSA Laboratories, Redwood City, CA, USA, 1993. Available at URL: ftp://ftp.rsa.com/pub/pkcs/.

  14. RSA Laboratories. Password-based encryption standard. Public Key-Cryptography Standards 5, RSA Laboratories, Redwood City, CA, USA, 1993. Available at URL: ftp://ftp.rsa.com/pub/pkcs/.

  15. SANDER, T., and TSCHUDIN, C. F. Protecting mobile agents against malicious hosts. In Vigna [20], pp. 44–60.

    Google Scholar 

  16. Sun Microsystems, Inc. Java tm Archive (JAR) Features. in [19], relative URL: http://file:/docs/guide/jar/index.html.

  17. SUN MICROSYSTEMS,INC. JDK 1.2 Documentation, 1998. Available at URL:http://java.sun.com.

  18. VIGNA, G., Ed. Mobile Agents and Security, vol. 1419 of Lecture Notes in Computer Science.Springer Verlag, Berlin Heidelberg, 1998.

    Google Scholar 

  19. VITEK, J., and JENSEN, C. Secure Internet Programming: Security Issues for Mobile and Distributed Objects, vol. 1603of Lecture Notes in Computer Science. Springer-Verlag Inc., NewYork, NY, USA, 1999.

    Google Scholar 

  20. WHITE, J. E. Mobile Agents. AAAI/MIT Press, 1997, ch. 18.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Fraunhofer Institut für Graphische Datenverarbeitung, Rundeturmstraße 6, 64283, Darmstadt, Germany

    Volker Roth

  2. Thomson-CSF Communications, 66, Rue du Fossé Blanc, BP82, 92231, Gennevilliers Cedex, France

    Vania Conan

Authors
  1. Volker Roth
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Vania Conan
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Institute of Information and Computing Sciences, Utrecht University, P.O.Box 80.089, 3508 TB, Utrecht, The Netherlands

    Frank Dignum

  2. IIIA, CSIC Campus UAB, 08193, Bellaterra, Catalonia, Spain

    Carles Sierra

Rights and permissions

Reprints and permissions

Copyright information

© 2001 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Roth, V., Conan, V. (2001). Encrypting Java Archives and Its Application to Mobile Agent Security. In: Dignum, F., Sierra, C. (eds) Agent Mediated Electronic Commerce. Lecture Notes in Computer Science(), vol 1991. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44682-6_13

Download citation

  • DOI: https://doi.org/10.1007/3-540-44682-6_13

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-41671-5

  • Online ISBN: 978-3-540-44682-8

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation