• The KIPS Transactions:PartC
• /
• v.10C no.5
• /
• pp.525-532
• /
• 2003

This paper describes intrusion detection rule management using mobile agents. Intrusion detection can be divided into anomaly detection and misuse detection. Misuse detection is best suited for reliably detecting known use patterns. Misuse detection systems can detect many or all known attack patterns, but they are of little use for as yet unknown attack methods. Therefore, the introduction of mobile agents to provide computational security by constantly moving around the Internet and propagating rules is presented as a solution to misuse detection. This work presents a new approach for detecting intrusions, in which mobile agent mechanisms are used for security rules propagation. To evaluate the proposed approach, we compared the workload data between a rules propagation method using a mobile agent and a conventional method. Also, we simulated a rules management using NS-2 (Network Simulator) with respect to time.

• The KIPS Transactions:PartC
• /
• v.10C no.6
• /
• pp.787-792
• /
• 2003

Telecommunication network are becomming bigger and more complex. Its difficult to manage efficiently the networks, because these networks usually have heterogeneous and inompatoble compinents. Nevertheless, current approaches to network management have focused on centralized managementstrategies based on client-server architecture. These approaches have resulted in much weakness in the real-time management, the service extensibility, and the network scalability. In thispaper, we applied the mobile agent technology to solve the above problems. Jave is a promising technology for developing mobile agent system. But, there are several problems like the service extensibility in using the Java. To solve these problems, a new approach using digital signature is suggested to authenticate mobile agent in network management environments. This approach can solve the conflict between security of the system and extensibility of the mobile code. Moreover, the system suggested in this paper show the decentralized and flexible network management solutions.

• The KIPS Transactions:PartA
• /
• v.11A no.6
• /
• pp.439-450
• /
• 2004

Mobile agents are autonomous and dynamic entities that can migrate among various nodes in the network. Java's Jini framework facilitates mobile agent system development, providing hey features for distributed network programming. However, due to the security weakness, Jinil.0 service has a fundamental limitation on developing mobile agent systems which support secure remote communications. In this paper, we describe a Jini2.0-based secure mobile agent system named SecureJMoblet. On the top of Jini2.0, the system provides basic functionalities of a mobile agent system such as creation, transfer and control. In addition, with the SeureJS developed for secure JavaSpace service, SecureJMoblet supports a secure object repository and a reliable communication among mobile agents.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.10 no.3
• /
• pp.11-28
• /
• 2000

In these days it is rapidly increasing that multi-user, multi-layered commercial software developments for companies or public institutions. Security services are necessary for most of systems and the access control service is the essential of security services. Current access control methods that are used as access control policies are classified as Discretionary Access Control Mandatory Access Control and Role Based Access Control. However there are some inefficiencies when those methods are applied to current multi-user, multi-layered systems. Therefore it is required that a new access control method that takes complex system resources into account from the side of policy. In this paper extending previous Role Based of 'Behavior' and a basic model of the method. And we simply implement the method on the mobile agent based workflow management system that is a representative example of multi-user. multi-layered softwares and shows implementation results to tap possibilities of real-world application.

• Journal of Information Processing Systems
• /
• v.6 no.2
• /
• pp.185-196
• /
• 2010

This paper proposes a personal information protection model that allows a user to regulate his or her own personal information and privacy protection policies to receive services provided by a service provider without having to reveal personal information in a way that the user is opposed to. When the user needs to receive a service that requires personal information, the user will only reveal personal information that they find acceptable and for uses that they agree with. Users receive desired services from the service provider only when there is agreement between the user's and the service provider's security policies. Moreover, the proposed model utilizes a mobile agent that is transmitted from the user's personal space, providing the user with complete control over their privacy protection. In addition, the mobile agent is itself a self-destructing program that eliminates the possibility of personal information being leaked. The mobile agent described in this paper allows users to truly control access to their personal information.

• Journal of the Korea Computer Industry Society
• /
• v.5 no.8
• /
• pp.781-790
• /
• 2004

This paper describes intrusion detection rule mangement using mobile agents. Intrusion detection can be divided into anomaly detection and misuse detection. Misuse detection is best suited for reliably detecting known use patterns. Misuse detection systems can detect many or all known attack patterns, but they are of little use for as yet unknown attack methods. Therefore, the introduction of mobile agents to provide computational security by constantly moving around the Internet and propagating rules is presented as a solution to misuse detection. This work presents a new approach for detecting intrusions, in which mobile agent mechanisms are used for security rules propagation. To evaluate the proposed appraoch, we compared the workload data between a rules propagation method using a mobile agent and a conventional method. Also, we simulated a rules management using NS-2(Network Simulator) with respect to time.

• Convergence Security Journal
• /
• v.7 no.4
• /
• pp.115-121
• /
• 2007

Due on failures of communication nodes for the wireless and wired networks, mobile agents may be blocked even if there is available service in the networks. To solve it, we propose migration policy with reordering of the paths to guarantee the migration of mobile agents and the paper will provide the extension with the autonomous migration of mobile agents.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.32 no.4B
• /
• pp.191-199
• /
• 2007

Mobile node has to register its current location to Home Agent when it moves to another network while away from home. However, the registration procedure cannot be completed successfully when Home Agent is protected by the VPN gateway which guards MN's home network and discards the unauthorized packets incoming from outside as a lack of security association(SA) between the Care-of address and security policy of the home network so that the binding registration message without SA is discarded smoothly by the VPN gateway. This paper presents the authentication and key exchange scheme using the AAA infrastructure for a user in Internet to access the home network behind the VPN gateway. By defining the role of authentication and tunnel processing for each agent or relay entity, this paper presents the procedure to register the current location to its Home Agent with secure manner. Performance result shows cost improvement up to 40% comparing with existing scheme in terms of the packet loss cost, the property of mobility and traffic.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.8 no.2
• /
• pp.371-378
• /
• 2004

As an agent is applied into various fields, it is suggested as the paradigm of new application technology in the area of computer communication. However, the mobile agent brines the problem of security on an agent due to mobility. This study proposals the mobile agent protection protocol framework for more effective protection and safety. The designed Framework of protocol uses the public ky, the private key and the digital signature in PKI environment based on JAVA. This is the mechanism accomplishing safely the work of an agent by tracking the pattern of execution and the mobility plan through the VS(verification server). This also secures the suity and the flawlessness of an agent through the VS guaranteeing safety from malicious attacks.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.05a
• /
• pp.439-441
• /
• 2012

The use of a mobile agent in hospital environment offers an opportunity to deliver better services for patients and staffs. Furthermore, medical errors will be reduced because M-health system helps to verify the medical process. Optimized security protocols and mechanisms are employed for the high performance and security. Finally, a challenge in the near future will be converge the integration of Ubiquitous Sensor Network (USN) with security protocols for applying the hospital environment. We proposed secure authentication and protocol with Mobile Agent for ubiquitous sensor network under healthcare system surroundings.