Abstract
A major problem of mobile agents is their apparent inability to authenticate transactions in hostile environments. In this paper, a new secure anonymous mobile agent scheme is proposed for the prevention of agent tempering without compromising the mobility or autonomy of the agent. In the scheme, a mobile agent can produce valid signature on website's bid (it means to transact a contact with the web site) on behalf of its customer, without revealing the customer's real private key. In addition, the anonymity of the customer is also achieved when its agent transacts with the websites. Furthermore, the customer who issues a malicious agent or denies the transaction can be identified and detected by Agent Management Center (AMC). Therefore, the scheme is practical in the future electronic commerce over Internet.
Similar content being viewed by others
References
Danny B Langeet al. Seven good reasons for mobile agents.Comm. of ACM, Mar., 1999, 42: 88–89.
Chess Det al. Itinerant agents for mobile computing. Technical Report, RC 20010 (1995) IBM T J Watson Research Center, NYC.
Panayiotis Kotzanikolaou, Katsirelos George, Chrissikopoulos Vassilios. Mobile agents for secure electronic transactions. Recent Advances in Signal Processing and Communications, World Scientific and Engineering Society Press, 1999, pp. 363–368.
Wayne Jansenet al. NIST special publication 800-19 — mobile agent security. Technical Report MD 20899, National Institute of Standards and Technology, Computer Security Division, Gaithersburg, 1999.
Paulo Jorge Marqueset al. Security mechanisms for using mobile agents in electronic commerce. InProc. 18th IEEE Symposium of Reliable Distributed Systems—Workshop on Electronic Commerce, Lausanne, Switzerland, October, 1999, pp.378–383.
Oppliger Rolf. Security issues related to mobile code and agent-based systems.Computer Communications, July, 1999, 22(12): pp. 1165–1170.
Sander Tomas, Tschudin Christian F. Towards mobile cryptography. Technical Report 97-049. International Computer Science Institute. Berkeley. 1997. http://www.icsi.berkeley.edu/~sander/publication/tr-97-049.ps
IBM, Inc. IBM Aglets Documentation Web Page. Available at URL http://aglets.trl.ibm.co.jp/documentation.html, 1998.
Concordia-Java Mobile Agent Technology. Available at http://www.meitca.com/HSL/Projects/Concordia/
Robert S Gray. Agent Tel: A flexible and secure mobile-agent system. InProc. the Fourth Annual Tel/Tk Workshop (TCL'96), July, 1996, pp.9–23.
Sander Tomas, Tschudin Christian F. Protecting mobile agents against malicious hosts.Mobile Agent Security, LNCS 1419, Springer-Verlag, 1998, pp.44–60.
Panayiotis Kotzanikolaouet al. Secure transactions with mobile agents in hostile environments. Information Security and Privacy. InProc. the 5th Australasian Conference, ACISP 2000, LNCS 1841, Springer-Verlag, 2000, pp.289–297.
Claessens Jet al. Anonymity controlled electronic payment systems. InProc. the 20th Symposium on Information Theory in the Benclux, Haasrode, Belgium, May 27–28, 1999, pp.109–116.
Chaum Det al. Untraceable electronic cash. InProc. Crypto'88, LNCS, Springer-Verlag, 1990, pp.319–327.
Miller V S. Use of elliptic curve in cryptography. InAdvances in Cryptology—CRYPTO'85, Santa Barbara, Calif.,1985, LNCS 218, Springer-Verlag, 1986, pp.417–426.
Koblitz N. Elliptic curve cryptosystems.Mathematics of Computation, 1987, 48: 203–209.
Author information
Authors and Affiliations
Corresponding author
Additional information
WANG ChangJie received the B.S. degree in telecommunication engineering in 1996 and the M.S. degree in communication and information system in 1999, both from Xidian University, China. He is a Ph.D. candidate in the National Key Lab on Integrated Services Networks, Xidian University, and works as a research assistant in the Department of Electronic Engineering, City University of Hong Kong. His research interests include Internet security, cryptography, secure mobile agent system and e-commerce security technology.
ZHANG FangGuo received the M.S. degree from Applied Mathematics Department, Tongji University, China, in 1999 and Ph.D. degree in cryptography from Xidian University, China, in 2002. He is currently a post-doctor fellow at Cryptology and Information Security Lab, Information and Communications University (ICU), Taejon, Korea. His research interests are elliptic curve cryptography, hyperelliptic curve cryptography and secure electronic commerce.
WANG YuMin received the B.E. degree from Department of Telecommunication Engineering, Xidian University, China in 1959. In 1979–1981, he was a visiting scholar in Department of Electronic Engineering, Hawaii University. Currently he is a professor in Xidian University. He is a fellow member of the Chinese Institute of Communication, a fellow member of the Chinese Institute of Electronics. He serves as a member of the Board of Governors of the Chinese Institute of Cryptography (preparatory committee) and also serves on the committee of Information. Theory Society for the Chinese Institute of Electronics, and a senior member of IEEE. His research interests are communication, information theory, coding and cryptography.
Rights and permissions
About this article
Cite this article
Wang, C., Zhang, F. & Wang, Y. Secure web transaction with anonymous mobile agent over internet. J. Comput. Sci. & Technol. 18, 84–89 (2003). https://doi.org/10.1007/BF02946654
Received:
Revised:
Issue Date:
DOI: https://doi.org/10.1007/BF02946654