• Journal of The Korean Association of Information Education
• /
• v.2 no.1
• /
• pp.130-137
• /
• 1998

An agent is a computer program that acts autonomously on a computer system. A mobile agent is not bound to the system where it begins execution. It has an ability to transport itself from on e system in a network to another. Mobile agent system solve the network traffic problem. Moreover, the agent may utilize the object services of the destination agent system. In this study the mobile agent system is introduced to support security service.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.9
• /
• pp.1573-1581
• /
• 2006

To utilize actively the agent which is one of the elements of revitalization of Agro-Foods Mobile I-commerce, an essential prerequisite is agent security. IF using partial PKI(Public Key Infrastructure)-based confirmation mechanism providing security for the agent, the size of agent is becoming larger, the result of the transmission speed is slow, and the confirmation speed is tardy as well because of performing calculation of public keys such as RSA and needing linkage with the CA for the valid examination of certificates. This paper suggests a mechanism that can cross certification and data encryption of each host in the side of improving the problems of key distribution on agent by shaping key chain relationship. This mechanism can guarantee the problem of ky distribution by using agent cipher key(ACK) module and generating random number to fit mobile surroundings and to keep the secret of the agent. Suggested mechanism is a thing that takes into consideration security and efficiency to secure agent for the revitalization of M-Commerce, and is a code skill to make the agent solid and is a safe mechanism minimizing the problems of memory overflow.

• The Transactions of the Korea Information Processing Society
• /
• v.7 no.5S
• /
• pp.1657-1665
• /
• 2000

Mobile agents based e-commerce system has many advantage than traditional e-commerce-information gathering on goods, price settlement and payment, delivery of the goods purchased, and so on. However, due to the security vulnerability that stems from mobile agent's mobility, mobile agents based e-commerce system has additional security problems. Therefore, in order to do e-commerce securely in th system, first of al the security issues on mobile agents must be addressed. It this paper, we propose a mobile agent transfer protocol that provides confidentiality and integrity of mobile agent in transit and mutual authentication for communicating hosts. We further show the security of the protocol against many possible attacks. Also, we suggest the location management mechanism of mobile agents based on the trust center. This mechanism is capable of finding their locations transparently and detecting mobile agent clones.

• Journal of KIISE:Information Networking
• /
• v.30 no.5
• /
• pp.614-620
• /
• 2003

As the proliferation of Internet, mobile agent related technologies are examined for possible growth and evolution. In information retrieval, network and distributed system management, and electronic commerce, mobile agent is more flexible than the traditional communication paradigm. Despite the performance benefits, mobile agent is not used widely in the market because it is very vulnerable to a variety of attacks. In many studies related the security vulnerability for a mobile agent, the high security causes the performance to degrade. In this paper, we propose and evaluate the efficient security model for mobile agent using TDGM(Trusted Domain & Guide Manager), which provides three kinds of services : the trusted domain management, the security service and the travel plan guide. The result clearly shows that this model provides high security and minimizes the performance degradation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.3
• /
• pp.3-12
• /
• 2001

In this course of Internet proliferation, many network-related technologies are examined for possible growth and evolution. The use of Internet-based technologies is private networks has further fuelled the demand for network-based applications. The most promising among the new paradigms is the use of mobile agents. The mobile agent is capable of migrating autonomously form node to node in the network, to perform some computations on behalf of the user. The mobile agent paradigm is attractive alternative to traditional client-server programming for a significant class of network-centric applications. It does however, suffer. from a major drawback namely, the potential for malicious attacks, abuse of resources, pilfering of information, and other security issues. These issues are significantly hampering the acceptance of the mobile-agent paradigm. This paper describes the design of a secure mobile agent gateway 7hat can split and merge the agent code with security policy database on the VPN. This mechanism will promote security in the mobile agent systems.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.5
• /
• pp.57-64
• /
• 2007

Mobile Agent has been known that it is an efficient communication paradigm for distributed applications and that a mobile agent provides higher flexibility and performance than existing communication paradigms. Despite these benefits, mobile agent is not used widely in the market because it is very vulnerable to a variety of attacks. To be applied to develop distributed applications, a mobile agent paradigm must consider both security and performance. In this paper, we propose and evaluate an improving method of a migration performance for a mobile agent model using ISM(Integrated Security Manager), which provides high-level security services and travel plan guide. In the proposed method. ISM offers the travel plan guide service which replies the accumulated results when a mobile agent has executed all migration plans related the trusted domain to be managed by ISM. Our method improved about $33{\sim}82%$ of total execution time than the existing method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.3
• /
• pp.71-78
• /
• 2001

In this paper, we describe the vulnerabilities against mobile agent and analyze existing schemes to cope with them. Also we propose a new scheme which protects the executed information by mobile agent and simultaneously traces the executions of mobile agent. The proposed scheme provides non-repudiation between participations for the executions of mobile agent, forward integrity against modification and protection against code insertion or deletion attack.

• Convergence Security Journal
• /
• v.11 no.4
• /
• pp.77-83
• /
• 2011

In addition to the rapid development of health information technology services for the development of new medical information, a lot of research is underway. Improve health care services for patients are many ways to help them. However, no information about the security, if only the technology advances in health care systems will create an element of risk and threat. Today's issues and access issues are stable over a public network. Ad hocsensor network using secure, non-integrated health information system's security vulnerabilities does not solve the security vulnerabilities. In the development and utilization of health information systems to be subject to greater restrictions. Different security policies in an environment with a medical information system security policy mechanism that can be resolved if people get here are needed. Context-aware and flexible policy of integration and confidential medical information through the resistance should be guaranteed. Other cross-domain access control policy for telecommunications should be protected. In this paper, that the caller's medical information system, diversification, diversification Security agent in the environment, architecture, design, plan, role-based security system are proposed. The proposed system architecture, design work in the field and in the utilization of one model are expected to be.

• Journal of Internet Computing and Services
• /
• v.6 no.3
• /
• pp.1-16
• /
• 2005

This paper propose not only MDIT(Mobile Digital Investment Trust) agent design for Trust Investment under Mobile E-commerce environment, but also the symmetric key algorithm 3BC(Bit, Byte and Block Cypher) and the public encryption algorithm F2mECC for solving the problems of memory capacity, CPU processing time, and security that mobile environment has. In Particular, the MDIT Security Agent is the banking security project that introduces the concept of investment trust in mobile e-commerce, This mobile security protocol creates a shared secrete key using F2mECC and then it's value is used for 3BC that is block encryption technique. The security and the processing speed of MDIT agent are enhanced using 3BC and F2mECC.

• Journal of KIISE:Computing Practices and Letters
• /
• v.8 no.2
• /
• pp.240-249
• /
• 2002

In the course of Internet proliferation, many network-related technologies are examined for possible growth and evolution. The use of Internet-based technologies in private networks has further fuelled the demand for network-based applications. The most promising among the new paradigms is use of mobile agents. The mobile agent is capable of migrating autonomously from node to node in the network, to perform some computation on behalf of the user. The mobile agent paradigm is attractive alternative to traditional client-server programming for a significant class of network-centric applications. It also however, suffers from a major drawback, namely, the potential for malicious attacks, abuse of resources pilfering of information, and other security issues. These issues are significantly hampering the acceptance of the mobile-agent paradigm. This paper describe the design & implementation of secure mobile agent gateway that split and merge the agent cede with security policy database. This mechanism will promote the security in mobile agent systems and mobile agent itself.