Abstract
Sea-of-Data (SoD) applications (those that need to process huge quantities of distributed data) present specific restrictions, which make mobile agent systems one of the most feasible technologies to implement them. On the other hand mobile agent technologies are in a hot research state, spfiecially concerning security. We present an access control method for mobile agent systems. It is based on Role-based Access Control and trust management to provide a reliable solution for e-commerce SoD applications. It uses SPKI certificates to implement the role system and the delegation of authorization. It is proposed as an extension of the MARISM-A project,a secure mobile agent platform for SoD application. We also show its functionality with an e-commerce SoD medical imaging data application,whic h is based on a scenario of the IST project INTERPRET.
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
T. Aura. Distributed access-rights management with delegation certificates. In J. Vitek and C. Jensen, editors, Secure Internet Programming: Security Issues for Distributed and Mobile Objects, volume 1603 of LNCS,pages 211–235. Springer, 1999.
J. Baumann, F. Hohl, K. Rothermel, and M. Straßer. Mole — Concepts of a Mobile Agent System. Special Issue on Distributed World Wide Web Processing: Applications and Techniques of Web Agents,1(3):123–137,1998.
D. Chess. Security issues of mobile agents. In Mobile Agents, volume 1477 of LNCS, pages 1–12. Springer-Verlang,1998.
D. Clarke, J. Elien, C. Ellison, M. Fredette, A. Morcos, and R. Rivest. Certificate chain discovery in SPKI/SDSI. Journal of Computer Security, 9(9):285–322,2001.
C. Ellison, B. Frantz, B. Lampson, R. Rivest, B. Thomas, and T. Ylonen. RFC 2693: SPKI certificate theory. The Internet Society, September 1999.
E. Freudenthal, T. Pesin, L. Port, E. Keenan, and V. Karamcheti. dRBAC: Distributed role-based access control for dynamic coalition environments. New York University, Technical Report TR2001-819.(to appear ICDCS 2002),2001.
Intel Architecture Labs. Intel Common Data Security Architecture. http://developer.intel.com/ial/security/.
L. Kagal, T. Finn, and A. Joshi. Trust-Based Security in Pervasive Computing Environments. IEEE Computer, pages 154–157, Dec. 2001.
G. Karjoth, N. Asokan, and C. Gülcü. Protecting the Computation of Free-Roaming Agents. In Proceedings of the Second International Workshop on Mobile Agents, LNCS 1477,pages 194–207. Springer-Verlag, 1998.
D. Rerraiolo, R. Sandhu, S. Gavrila, D. Kuhn, and R Chandramouli. Proposed NIST standard for role-based access control. In ACM Transactions on Information and System Security, volume 4, pages 224–274, August 2001.
J. Riordan and B. Schneier. Environmental key generation towards clueless agents. In Mobile Agents and Security, pages 15–24,1998.
R. Rivest. S-expressions. Internet-draft: <draft-rivest-sexp-00.txt>. The Internet Society, 1997.
S. Robles, J. Mir, and J. Borrell. Marism-a: An architecture for mobile agents with recursive itinerary and secure migration. In 2nd. IW on Security of Mobile Multiagent Systems, Bologna, 2002.
M. Straβer and K. Rothermel. Reliability Concepts for Mobile Agents. International Journal of Cooperative Information Systems (IJCIS),7(4):355–382,1998.
M. Straßer, K. Rothermel, and C. Maifer. Providing Reliable Agents for Electronic Commerce. In Trends in Distributed Systems for Electronic Commerce, LNCS 1402, pages 241–253. Springer-Verlag, 1998.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Navarro, G., Robles, S., Borrell, J. (2002). Role-Based Access Control for E-commerce Sea-of-Data Applications. In: Chan, A.H., Gligor, V. (eds) Information Security. ISC 2002. Lecture Notes in Computer Science, vol 2433. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45811-5_8
Download citation
DOI: https://doi.org/10.1007/3-540-45811-5_8
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-44270-7
Online ISBN: 978-3-540-45811-1
eBook Packages: Springer Book Archive