SlideShare a Scribd company logo
Agent Roaming
for Mobile
Business
Lecture 5
Introduction
• Despite its many advantages over
traditional commerce, M-Commerce has
not taken off successfully.
• One of the main hindrances is security.
• When it comes to online transactions,
security becomes the primary concern.
• The Internet was developed without too
much security in mind.
Introduction
• Besides concerns on security, current M-
Commerce lacks intelligence.
• The intelligent agent is one solution to
providing intelligence in M-Commerce
and it is important to equip intelligent
agents with roaming capability.
• Unfortunately, with the introduction of
roaming capability, more security issues
arise.
Security issues about
roaming Agent
• As the agent needs to move among external
hosts to perform its tasks, the agent itself
becomes a target of attack.
– The data collected by agents may be modified
– The credit carried by agents may be stolen
– The mission statement on the agent may be
changed.
• As a result, transport security is an immediate
concern to agent roaming
• SAFE transport protocol is designed to provide a
secure roaming mechanism for intelligent
agents
Intelligent Agents
• In the area of knowledge representation
and exchange, one of the most widely
accepted standards is KQML (Knowledge
Query and Manipulation Language)
• KQML is designed as a high-level language
for runtime exchange of information
between heterogeneous systems.
• Unfortunately, KQML is designed with little
security considerations
Secret Agents
is clear that it is impossible to protect an agent
from the machine on which the agent is
executing…it is equally clear that it is impossible
to protect an agent from a resource that willfully
provides false information.
(Gray, 1997)
…seeks to implement a verification mechanism so
that each machine can check whether an agent
was modified unexpectedly after it left the home
machine.
(Gray, 1997)
General message format
• In SAFE, agent transport is achieved via a series of message
exchanges. The format of a general message is as follows:
SAFE Message = Message Content + Timestamp + Sequence
Number + MD(Message Content + Timestamp + Sequence
Number) + Signature(MD)
• If the message content is sensitive, it can be encrypted
using a symmetric key algorithm (e.g., Triple DES). SAFE
does not provide a general key exchange protocol for
general messages.
• To cater for different application concerns, three transport
protocols are proposed:
– supervised agent transport
– unsupervised agent transport,
– bootstrap agent transport.
Supervised Agent Transport
Supervised Agent Transport
• Agent receptionists are processes running
at every host to facilitate agent transport
• To initiate supervised agent transport, an
agent needs to request an entry permit
from a destination receptionist
• Communication between visiting agent and
foreign parties (other agents outside the
host, agent owner, etc.) is done using an
agent receptionist as a proxy
• The request for entry permit is first sent to
the source receptionist.
Supervised Agent Transport
• Once the source receptionist receives
the entry permit from the destination
receptionist, it simply forwards it to the
requesting agent.
• The next step is for the agent to receive
a roaming permit from its owner/butler.
• The agent owner/butler can decide
whether the roaming permit should be
issued based on its own criteria
Supervised Agent Transport
• With the roaming permit and entry permit,
the agent is now able to request for
roaming from the source receptionist.
• In order to protect the agent during its
roaming, sensitive function and codes
inside the agent ‘body’ will be frozen.
• Once frozen, the agent is ready for
transmission over the Internet.
• To activate roaming, the agent sends a
request containing the roaming permit to
the source receptionist
Supervised Agent Transport
• When the frozen agent reaches the destination
receptionist, it will inspect the agent’s roaming
permit and the entry permit (contained in the
roaming permit) carefully. By doing so, the
destination receptionist can establish the
following:
1. The agent has been granted permission to enter the
destination.
2. The entry permit carried by the agent has not expired.
3. The agent has obtained sufficient authorization from
its owner/butler for roaming.
4. The roaming permit carried by the agent has not
expired.
Supervised Agent Transport
• Although the agent has been activated, it is still
unable to perform any operation since all
sensitive codes/data are frozen.
• To unfreeze the agent, it has to request the
unfreeze key from its owner/butler.
• To prove the authenticity of the destination, the
destination receptionist is required to sign the
random challenge in the roaming permit. The
request for unfreeze key contains the session
number, the certificate of destination, and the
signature on the random challenge.
Unsupervised Agent Transportation
Unsupervised Agent Transportation
• Request for Entry Permit
• Pre-Roaming Notification
• Agent Freeze
• Agent Transport
• Request for Unfreeze Key
• Agent Activation
• Post-Roaming Notification

More Related Content

DOCX
Inside front office dept
PPT
PDF
P0704085089
PDF
An enhanced approach for securing mobile agents from
PDF
APPLICATION OF MOBILE AGENTS FOR SECURITY USING MULTILEVEL ACCESS CONTROL
PPTX
Agent discovery& registration
PDF
Performance of Various Mobile IP Protocols and Security Considerations
PDF
IT6601 Mobile Computing Unit II
Inside front office dept
P0704085089
An enhanced approach for securing mobile agents from
APPLICATION OF MOBILE AGENTS FOR SECURITY USING MULTILEVEL ACCESS CONTROL
Agent discovery& registration
Performance of Various Mobile IP Protocols and Security Considerations
IT6601 Mobile Computing Unit II

Similar to Lecture 5. Secure agent roaming for mobile business (16)

PDF
PDF
Mobile ip group_3
PPTX
Mobile ip presented by nafiz
DOCX
PPT
PPT
Mobility And Mobile I Pv4
PPT
Mobile IP 1
PPTX
Mobile Agents
PPTX
Tushar mobile i-pv6
PPT
Mobile ip
PPT
Edwin Hernandez Presentation for Local Computer Networks n 2004
PPTX
Mobile IP
PDF
Mobileip 161105154557
PDF
Mobileip 161105154557
PPTX
Mobile Agents
Mobile ip group_3
Mobile ip presented by nafiz
Mobility And Mobile I Pv4
Mobile IP 1
Mobile Agents
Tushar mobile i-pv6
Mobile ip
Edwin Hernandez Presentation for Local Computer Networks n 2004
Mobile IP
Mobileip 161105154557
Mobileip 161105154557
Mobile Agents
Ad

More from Vitaliy Pak (20)

PPTX
Trend of 4th induatrial revolution linked application service technology base...
PPTX
Ai in farming
PPTX
Lecture 4. information delivery for mobile business
PPTX
Lecture 3. A methodology for M-Tansformation of small and medium enterprises
PPTX
Lecture 2. mobile business strategy
PPTX
Lecture 1. the definition of mobile business
PPT
Базы данных лекция №7
PPT
Базы данных лекция №6
PPT
Базы данных лекция №5
PPT
Базы данных лекция №12
PPT
Базы данных лекция №11
PPT
Базы данных лекция №10
PPT
Базы данных лекция №9
PPT
Базы данных лекция №8
PPTX
Difference between Chinese and Korean
PDF
IT in Korea
PPTX
лекция 1. введение в веб технологии
PPTX
Двухфакторная аутентификация
PPT
Базы данных лекция №4
PPT
Базы данных лекция №3
Trend of 4th induatrial revolution linked application service technology base...
Ai in farming
Lecture 4. information delivery for mobile business
Lecture 3. A methodology for M-Tansformation of small and medium enterprises
Lecture 2. mobile business strategy
Lecture 1. the definition of mobile business
Базы данных лекция №7
Базы данных лекция №6
Базы данных лекция №5
Базы данных лекция №12
Базы данных лекция №11
Базы данных лекция №10
Базы данных лекция №9
Базы данных лекция №8
Difference between Chinese and Korean
IT in Korea
лекция 1. введение в веб технологии
Двухфакторная аутентификация
Базы данных лекция №4
Базы данных лекция №3
Ad

Recently uploaded (20)

PDF
Ôn tập tiếng anh trong kinh doanh nâng cao
PDF
How to Get Funding for Your Trucking Business
PDF
Katrina Stoneking: Shaking Up the Alcohol Beverage Industry
PPTX
New Microsoft PowerPoint Presentation - Copy.pptx
PPTX
Belch_12e_PPT_Ch18_Accessible_university.pptx
PPTX
Board-Reporting-Package-by-Umbrex-5-23-23.pptx
PDF
Roadmap Map-digital Banking feature MB,IB,AB
PPTX
ICG2025_ICG 6th steering committee 30-8-24.pptx
PPTX
svnfcksanfskjcsnvvjknsnvsdscnsncxasxa saccacxsax
PDF
Unit 1 Cost Accounting - Cost sheet
PDF
Deliverable file - Regulatory guideline analysis.pdf
PDF
NewBase 12 August 2025 Energy News issue - 1812 by Khaled Al Awadi_compresse...
PDF
Stem Cell Market Report | Trends, Growth & Forecast 2025-2034
PPT
340036916-American-Literature-Literary-Period-Overview.ppt
PDF
kom-180-proposal-for-a-directive-amending-directive-2014-45-eu-and-directive-...
PDF
How to Get Business Funding for Small Business Fast
PDF
Cours de Système d'information about ERP.pdf
PPTX
job Avenue by vinith.pptxvnbvnvnvbnvbnbmnbmbh
DOCX
unit 2 cost accounting- Tender and Quotation & Reconciliation Statement
PPT
Chapter four Project-Preparation material
Ôn tập tiếng anh trong kinh doanh nâng cao
How to Get Funding for Your Trucking Business
Katrina Stoneking: Shaking Up the Alcohol Beverage Industry
New Microsoft PowerPoint Presentation - Copy.pptx
Belch_12e_PPT_Ch18_Accessible_university.pptx
Board-Reporting-Package-by-Umbrex-5-23-23.pptx
Roadmap Map-digital Banking feature MB,IB,AB
ICG2025_ICG 6th steering committee 30-8-24.pptx
svnfcksanfskjcsnvvjknsnvsdscnsncxasxa saccacxsax
Unit 1 Cost Accounting - Cost sheet
Deliverable file - Regulatory guideline analysis.pdf
NewBase 12 August 2025 Energy News issue - 1812 by Khaled Al Awadi_compresse...
Stem Cell Market Report | Trends, Growth & Forecast 2025-2034
340036916-American-Literature-Literary-Period-Overview.ppt
kom-180-proposal-for-a-directive-amending-directive-2014-45-eu-and-directive-...
How to Get Business Funding for Small Business Fast
Cours de Système d'information about ERP.pdf
job Avenue by vinith.pptxvnbvnvnvbnvbnbmnbmbh
unit 2 cost accounting- Tender and Quotation & Reconciliation Statement
Chapter four Project-Preparation material

Lecture 5. Secure agent roaming for mobile business

  • 2. Introduction • Despite its many advantages over traditional commerce, M-Commerce has not taken off successfully. • One of the main hindrances is security. • When it comes to online transactions, security becomes the primary concern. • The Internet was developed without too much security in mind.
  • 3. Introduction • Besides concerns on security, current M- Commerce lacks intelligence. • The intelligent agent is one solution to providing intelligence in M-Commerce and it is important to equip intelligent agents with roaming capability. • Unfortunately, with the introduction of roaming capability, more security issues arise.
  • 4. Security issues about roaming Agent • As the agent needs to move among external hosts to perform its tasks, the agent itself becomes a target of attack. – The data collected by agents may be modified – The credit carried by agents may be stolen – The mission statement on the agent may be changed. • As a result, transport security is an immediate concern to agent roaming • SAFE transport protocol is designed to provide a secure roaming mechanism for intelligent agents
  • 5. Intelligent Agents • In the area of knowledge representation and exchange, one of the most widely accepted standards is KQML (Knowledge Query and Manipulation Language) • KQML is designed as a high-level language for runtime exchange of information between heterogeneous systems. • Unfortunately, KQML is designed with little security considerations
  • 6. Secret Agents is clear that it is impossible to protect an agent from the machine on which the agent is executing…it is equally clear that it is impossible to protect an agent from a resource that willfully provides false information. (Gray, 1997) …seeks to implement a verification mechanism so that each machine can check whether an agent was modified unexpectedly after it left the home machine. (Gray, 1997)
  • 7. General message format • In SAFE, agent transport is achieved via a series of message exchanges. The format of a general message is as follows: SAFE Message = Message Content + Timestamp + Sequence Number + MD(Message Content + Timestamp + Sequence Number) + Signature(MD) • If the message content is sensitive, it can be encrypted using a symmetric key algorithm (e.g., Triple DES). SAFE does not provide a general key exchange protocol for general messages. • To cater for different application concerns, three transport protocols are proposed: – supervised agent transport – unsupervised agent transport, – bootstrap agent transport.
  • 9. Supervised Agent Transport • Agent receptionists are processes running at every host to facilitate agent transport • To initiate supervised agent transport, an agent needs to request an entry permit from a destination receptionist • Communication between visiting agent and foreign parties (other agents outside the host, agent owner, etc.) is done using an agent receptionist as a proxy • The request for entry permit is first sent to the source receptionist.
  • 10. Supervised Agent Transport • Once the source receptionist receives the entry permit from the destination receptionist, it simply forwards it to the requesting agent. • The next step is for the agent to receive a roaming permit from its owner/butler. • The agent owner/butler can decide whether the roaming permit should be issued based on its own criteria
  • 11. Supervised Agent Transport • With the roaming permit and entry permit, the agent is now able to request for roaming from the source receptionist. • In order to protect the agent during its roaming, sensitive function and codes inside the agent ‘body’ will be frozen. • Once frozen, the agent is ready for transmission over the Internet. • To activate roaming, the agent sends a request containing the roaming permit to the source receptionist
  • 12. Supervised Agent Transport • When the frozen agent reaches the destination receptionist, it will inspect the agent’s roaming permit and the entry permit (contained in the roaming permit) carefully. By doing so, the destination receptionist can establish the following: 1. The agent has been granted permission to enter the destination. 2. The entry permit carried by the agent has not expired. 3. The agent has obtained sufficient authorization from its owner/butler for roaming. 4. The roaming permit carried by the agent has not expired.
  • 13. Supervised Agent Transport • Although the agent has been activated, it is still unable to perform any operation since all sensitive codes/data are frozen. • To unfreeze the agent, it has to request the unfreeze key from its owner/butler. • To prove the authenticity of the destination, the destination receptionist is required to sign the random challenge in the roaming permit. The request for unfreeze key contains the session number, the certificate of destination, and the signature on the random challenge.
  • 15. Unsupervised Agent Transportation • Request for Entry Permit • Pre-Roaming Notification • Agent Freeze • Agent Transport • Request for Unfreeze Key • Agent Activation • Post-Roaming Notification