Filters








499 Hits in 8.0 sec

(How) can mobile agents do secure electronic transactions on untrusted hosts? A survey of the security issues and the current solutions

Joris Claessens, Bart Preneel, Joos Vandewalle
2003 ACM Transactions on Internet Technology  
This article investigates if and how mobile agents can execute secure electronic transactions on untrusted hosts. An overview of the security issues of mobile agents is first given.  ...  In particular, a state-of-the-art survey of mobile agent-based secure electronic transactions is presented.  ...  However, in practice and in an open environment this might not be realistic. Obviously, mobile agents can still be safely sent to untrusted hosts if they do not include payment capability.  ... 
doi:10.1145/643477.643479 fatcat:uix6hvsrf5hdfo5wgredip6xpi

Smart keys for cyber-cars

Christoph Busold, Ahmed Taha, Christian Wachsmann, Alexandra Dmitrienko, Hervé Seudié, Majid Sobhani, Ahmad-Reza Sadeghi
2013 Proceedings of the third ACM conference on Data and application security and privacy - CODASPY '13  
Further, we support the algorithmic proofs of the security of the underlying protocols with automated formal verification tools.  ...  We discuss various approaches to instantiate our security architecture based on different hardware-based trusted execution environments, and elaborate on their security properties.  ...  We assume that each mobile platform P consists of an untrusted host H and a trusted execution environment (TrEE) S.  ... 
doi:10.1145/2435349.2435382 dblp:conf/codaspy/BusoldTWDSSS13 fatcat:voqekmljrbc5hg53pkmdvfrycq

Reliable OSPM schema for secure transaction using mobile agent in micropayment system

N. Chitra Kiran, G. Narendra Kumar
2013 2013 Fourth International Conference on Computing, Communications and Networking Technologies (ICCCNT)  
The paper introduces a novel offline payment system in mobile commerce using the case study of micro-payments.  ...  However, the current work has attempted to provide much more light weight secure offline payment system in micro-payments by designing a new schema termed as Offline Secure Payment in Mobile Commerce (  ...  The proposed protocol now termed as Offline Secure Payment in Mobile Commerce or OSPM deploys the authority that has to be signed by mobile agent and m-token key authorized by merchant.  ... 
doi:10.1109/icccnt.2013.6726503 fatcat:ug6ibosv4rcqfdcgwtcfrz4hgi

Mutual Protection of Co-operating Agents [chapter]

Volker Roth
1999 Lecture Notes in Computer Science  
Security is a fundamental precondition for the acceptance of mobile agent systems.  ...  In this paper we discuss protocols to improve agent security by distributing critical data and operations on mutually supporting agents which migrate in disjunct host domains.  ...  Quoting from [3] :"It is difficult to exaggerate the value and importance of security in an itinerant agent environment.  ... 
doi:10.1007/3-540-48749-2_13 fatcat:ryweqv4rjbeavnz3kmzuukv5ye

A Three-dimensional Framework for Security Implementation in Mobile Environments [chapter]

Bethuel Roberto Vinaja
2001 Advances in Information Security Management & Small Systems Security  
This paper describes a framework that can be used to identify security requirements for a specific mobile environment.  ...  Specific security measures for mobile hardware, mobile users and mobile software are also discussed. Security, Mobility, Mobile Agents, Mobile Computers, Wireless  ...  User friendly payment scheme supporting micropayments CONCLUSION This paper has described a proposed framework that can be used to identify security requirements for a specific mobile environment.  ... 
doi:10.1007/0-306-47007-1_3 fatcat:j6fbt3rvzjb3lfqyxc5jcuxsgi

A Security Framework Model with Communication Protocol Translator Interface for Enhancing NFC Transactions

Lishoy Francis, Gerhard Hancke, Keith Mayes, Konstantinos Markantonakis
2010 2010 Sixth Advanced International Conference on Telecommunications  
We then designed and implemented a secure Communications Protocol Translator Interface (CPTI), which allows an NFC enabled mobile phone to access and use, over a contactless interface, any additional smart  ...  By using CPTI, it is now possible to have communication and interaction between passive security tokens as well as to use external contact based security tokens in the NFC environment, such as a contact  ...  In the 'untrusted' PC environment, the transaction is secured with end-to-end security between the NFC enabled mobile phone and the smart card or between two smart cards.  ... 
doi:10.1109/aict.2010.52 dblp:conf/aict/FrancisHMM10 fatcat:rvxyxa3qs5g7djx6dul42xduua

Secure Transactions with Mobile Agents in Hostile Environments [chapter]

Panayiotis Kotzanikolaou, Mike Burmester, Vassilios Chrissikopoulos
2000 Lecture Notes in Computer Science  
A major problem of mobile agents is their apparent inability to authenticate transactions in hostile environments.  ...  In this paper, we consider a framework for the prevention of agent tampering without compromising the mobility or autonomy of the agent. Our approach uses encrypted functions.  ...  In this paper we prove that it is possible for mobile agents to conduct private and binding transactions in a hostile environment, by using cryptographic primitives.  ... 
doi:10.1007/10718964_24 fatcat:rodffn4lo5cmlboq5dkcgbgyhu

Security in mobile agent system

Yang Kun, Guo Xin, Liu Dayou
2000 ACM SIGOPS Operating Systems Review  
Despite its many practical benefits, mobile agent technology results in significant new security threats from both malicious agents and hosts.  ...  This paper investigates the problems and approaches of mobile agent system, which shows that bi-directional and layered security model may be a good idea to resolve the security problems in mobile agent  ...  Again, there are a number of security techniques agent or a mobile agent system can use. Authentication is also used here to check the validation of host the mobile agent migrates to.  ... 
doi:10.1145/506128.506131 fatcat:dovlnrei55byrfe7dnk4r5gnvi

TAMAP: a new trust-based approach for mobile agent protection

Salima Hacini, Zahia Guessoum, Zizette Boufaida
2007 Journal in Computer Virology  
This paper introduces a trust-based mechanism to improve the security of mobile agents against malicious hosts and to allow their execution in various environments.  ...  Mobile agents are the most suited technology. They must therefore be prepared to execute on different hosts with various environmental security conditions.  ...  In our approach, the trust estimation is dynamic and it is used to enable the mobile agent to adapt its execution in untrusted environments.  ... 
doi:10.1007/s11416-007-0056-y fatcat:fuzfonio7zcc5lmt5m53ozmdqq

Design issues in mobile agent programming systems

N.M. Karnik, A.R. Tripathi
1998 IEEE Concurrency  
In a broad sense, an agent is any program that acts on behalf of a (human) user.  ...  A mobile agent then is a program that represents a user in a computer network and can migrate autonomously from node to node, to perform some computation on behalf of the user.  ...  Acknowledgments We thank the anonymous referees, whose comments were very helpful in improving our presentation.  ... 
doi:10.1109/4434.708256 fatcat:gepwlbd7sjb7zl26fjwjoglbxq

A pessimistic approach to trust in mobile agent platforms

U.G. Wilhelm, S.M. Staamann, L. Buttyan
2000 IEEE Internet Computing  
The problem of protecting an execution environment from possibly malicious mobile agents has been studied extensively, but the reverse problem-protecting the agent from malicious execution environments-has  ...  The authors propose an approach that relies on trusted and tamper-resistant hardware to prevent breaches of trust, rather than correcting them after the fact.  ...  In a conventional mobile agent system, when an executor receives a mobile agent, the owner loses all control over the agent's code and data.  ... 
doi:10.1109/4236.877485 fatcat:4qm426tstjhrhpqv2oh6sete4e

Protecting Consumer Data in Composite Web Services [chapter]

Craig Pearce, Peter Bertok, Ron Van Schyndel
2005 IFIP Advances in Information and Communication Technology  
A semi-trusted processor is introduced for safe execution of sensitive customer information in a protected environment and provides accountability in the case of disputed transactions.  ...  We propose a service-oriented technically enforceable system that preserves privacy and security for customers transacting with untrusted online vendors.  ...  ACKNOWLEDGEMENTS We would like to thank Formal Systems for providing a license to freely use FDR2. We would also like to thank the anonymous reviewers for their useful suggestions.  ... 
doi:10.1007/0-387-25660-1_2 fatcat:tovljzmvtbgwrcbvhfe7kobpoy

TGVisor: A Tiny Hypervisor-Based Trusted Geolocation Framework for Mobile Cloud Clients

Sungjin Park, Jae Nam Yoon, Cheoloh Kang, Kyong Hoon Kim, Taisook Han
2015 2015 3rd IEEE International Conference on Mobile Cloud Computing, Services, and Engineering  
As mobile cloud tenants use cloud services everywhere, trusted geolocation of cloud users arises a new security issue.  ...  The key mechanism of TGVisor is providing a trusted channel between the geolocation server and the GPS module in each mobile client device.  ...  After loading the untrusted legacy OS, the Cloud Agent is executed in the user mode and performs an initialization for the attestation protocol.  ... 
doi:10.1109/mobilecloud.2015.17 dblp:conf/mobilecloud/ParkYKKH15 fatcat:estvi5iv7ze25kjvuddvlaseti

Review of Considerations for Mobile Device based Secure Access to Financial Services and Risk Handling Strategy for CIOs, CISOs and CTOs [article]

Amal Saha, Sugata Sanyal
2015 arXiv   pre-print
These articulations should be captured in information security policy document or other suitable document of financial services organization like banks, payment service provider, etc.  ...  The information technology and security stakeholders like CIOs, CISOs and CTOs in financial services organization are often asked to identify the risks with mobile computing channel for financial services  ...  However, the fundamental features of root-of-trust may be leveraged in a mobile device even when it is not used in enterprise environment.  ... 
arXiv:1502.00724v1 fatcat:y6ywdrnyazgn7iiv7q42boojq4

Protecting mobile-agent data collection against blocking attacks

Min-Hua Shao, Jianying Zhou
2006 Computer Standards & Interfaces  
Full-scale adoption of mobile agent technology in untrustworthy network environment, such as Internet, has been delayed due to several security complexities.  ...  The protection of mobile agents against the attacks of malicious hosts is considered a very challenging security problem.  ...  not discussed in previous mobile agent protocols.  ... 
doi:10.1016/j.csi.2005.02.002 fatcat:3i3ovhyecfagdlvn3i6ibxv7re
« Previous Showing results 1 — 15 out of 499 results