• Journal of the Korea Society of Computer and Information
• /
• v.12 no.5
• /
• pp.57-64
• /
• 2007

Mobile Agent has been known that it is an efficient communication paradigm for distributed applications and that a mobile agent provides higher flexibility and performance than existing communication paradigms. Despite these benefits, mobile agent is not used widely in the market because it is very vulnerable to a variety of attacks. To be applied to develop distributed applications, a mobile agent paradigm must consider both security and performance. In this paper, we propose and evaluate an improving method of a migration performance for a mobile agent model using ISM(Integrated Security Manager), which provides high-level security services and travel plan guide. In the proposed method. ISM offers the travel plan guide service which replies the accumulated results when a mobile agent has executed all migration plans related the trusted domain to be managed by ISM. Our method improved about $33{\sim}82%$ of total execution time than the existing method.

• Journal of Internet Computing and Services
• /
• v.6 no.3
• /
• pp.1-16
• /
• 2005

This paper propose not only MDIT(Mobile Digital Investment Trust) agent design for Trust Investment under Mobile E-commerce environment, but also the symmetric key algorithm 3BC(Bit, Byte and Block Cypher) and the public encryption algorithm F2mECC for solving the problems of memory capacity, CPU processing time, and security that mobile environment has. In Particular, the MDIT Security Agent is the banking security project that introduces the concept of investment trust in mobile e-commerce, This mobile security protocol creates a shared secrete key using F2mECC and then it's value is used for 3BC that is block encryption technique. The security and the processing speed of MDIT agent are enhanced using 3BC and F2mECC.

• Journal of KIISE:Computing Practices and Letters
• /
• v.8 no.2
• /
• pp.240-249
• /
• 2002

In the course of Internet proliferation, many network-related technologies are examined for possible growth and evolution. The use of Internet-based technologies in private networks has further fuelled the demand for network-based applications. The most promising among the new paradigms is use of mobile agents. The mobile agent is capable of migrating autonomously from node to node in the network, to perform some computation on behalf of the user. The mobile agent paradigm is attractive alternative to traditional client-server programming for a significant class of network-centric applications. It also however, suffers from a major drawback, namely, the potential for malicious attacks, abuse of resources pilfering of information, and other security issues. These issues are significantly hampering the acceptance of the mobile-agent paradigm. This paper describe the design & implementation of secure mobile agent gateway that split and merge the agent cede with security policy database. This mechanism will promote the security in mobile agent systems and mobile agent itself.

• Journal of KIISE:Information Networking
• /
• v.30 no.5
• /
• pp.614-620
• /
• 2003

As the proliferation of Internet, mobile agent related technologies are examined for possible growth and evolution. In information retrieval, network and distributed system management, and electronic commerce, mobile agent is more flexible than the traditional communication paradigm. Despite the performance benefits, mobile agent is not used widely in the market because it is very vulnerable to a variety of attacks. In many studies related the security vulnerability for a mobile agent, the high security causes the performance to degrade. In this paper, we propose and evaluate the efficient security model for mobile agent using TDGM(Trusted Domain & Guide Manager), which provides three kinds of services : the trusted domain management, the security service and the travel plan guide. The result clearly shows that this model provides high security and minimizes the performance degradation.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.42 no.3 s.303
• /
• pp.1-8
• /
• 2005

At IETF (Internet Engineering Task Force), recently RFC3775, RFC3776 documents about the mobile IPv6 were standardized by IETF (Internet Engineering Task Force). Those specifications propose that during the roaming, the mobile node sends securely the binding update to the home agent and the correspondent node after setting the security association between Mobile Node and Home Agent. But there is no secure bootstrapping method between a mobile node and a home agent at the two RFC documents. This paper proposed a method for the secure bootstrapping between a mobile node and a home agent. This makes the authentication, binding update, home agent assignment, security association distribution through the AAA-based secure channel between mobile node and home agent. And the proposed method was analyzed in the view of the procedure, round trip and security strength.

• Journal of Internet Computing and Services
• /
• v.3 no.1
• /
• pp.61-69
• /
• 2002

Big-bang growth of Internet and World Wide Web is supplying much information and resources to network. However, use of internet resources is receiving many limitations by bandwidth for most users. But, through Applet way, can solve degradation problem that follow on static side and bandwidth of CGI that HTML has. Mobile Agent starts in user's computer to accomplish user's specification purpose and achieves work rooving network. Because code that can perform so is transmitted, and is achieved in network through network, important problem happens to mobile code's security naturally. In computing environment that this research uses this Mobile Agent way that can protect host and agent groping report, describe problem that happen composing Mobile Agent relationship concept and Mobile Agent, and do so that may present method that is studying to solve these problem, and use method that application is possible actually among presented method and design transfer agent's security system.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.10
• /
• pp.1873-1879
• /
• 2007

As the mobile terminal which uses P2P service increases and it comes to be applied to many fields, mobile agent technology has been applied to P2P and its innovative services has been offered to various fields. However, free mobility of mobile agent technology works like worm, the problem which is contaminated by malicious attacker's attack quickly has appeared and fundamental solution has not been developed yet. This paper proposes STAS (Security Tracking and Auditing Server) system which can offer verification for security of mobile agent in structured P2P environments. Mobile Agent will send data value to STAS via peer so that STAS can verify secure audit and integrity and Mobile agent initiator will obtain the final value of the data from STAS. It can minimize overload of mobile terminal which is occurred by verification of mobile agent and its accomplishment.

• Journal of Digital Convergence
• /
• v.7 no.1
• /
• pp.175-183
• /
• 2009

With the development of enabling technologies such as wireless networking and various types of hand held-mobile devices, Mobile intelligent agent has been widely applied to various fields. Different views on capabilities, advantages, and disadvantages of mobile intelligent agent providing an ubiquitous access are brought by field researchers and practitioners recently. The purpose of this paper is thus to provide the discussion of the comtemporary development of mobile intelligent agent in the contexts of the Infosphere, focusing especially on developing and nurturing the future research grounds such as information scalability, and information security. The results of this study would improve the applications of mobile intelligent agents in web transaction, especially mobile business surroundings where many interest groups have to adjust their point of issues rapidly due to the changing business environment, i.e., customer's change the order item in web.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2001.06a
• /
• pp.477-480
• /
• 2001

무선 정보 환경의 변화에 따라 다양한 정보에 대한 풍족함이 요구되면서 양질의 정보를 정확하고 빠르게 선별하여 획득하는 기술이 점점 중요하게 되었으며, 이러한 페러다임의 요구에 Mobile Agent는 중요한 연구가 된다. 본 논문에서는 Mobile Agent가 가져야 할 보안적 요구사항 중 신뢰할 수 있는 Proxy Server를 이용한 인증을 통해 Sever와 Mobile Agent간의 안전한 통신 방법을 제시하며, Server나 Mobile Agent의 부정이 발견되었을 경우 DSS(Digital Signature Standard) 방식의 서명값을 이용하여 이를 증명함으로써 보다 안전하고 효율적인 상호인증 방식을 제안하였다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.9
• /
• pp.1573-1581
• /
• 2006

To utilize actively the agent which is one of the elements of revitalization of Agro-Foods Mobile I-commerce, an essential prerequisite is agent security. IF using partial PKI(Public Key Infrastructure)-based confirmation mechanism providing security for the agent, the size of agent is becoming larger, the result of the transmission speed is slow, and the confirmation speed is tardy as well because of performing calculation of public keys such as RSA and needing linkage with the CA for the valid examination of certificates. This paper suggests a mechanism that can cross certification and data encryption of each host in the side of improving the problems of key distribution on agent by shaping key chain relationship. This mechanism can guarantee the problem of ky distribution by using agent cipher key(ACK) module and generating random number to fit mobile surroundings and to keep the secret of the agent. Suggested mechanism is a thing that takes into consideration security and efficiency to secure agent for the revitalization of M-Commerce, and is a code skill to make the agent solid and is a safe mechanism minimizing the problems of memory overflow.