Maximizing Utility of Mobile Agent Based E-Commerce Applications with Trust Enhanced Security
Utility has become an important consideration for information security. In this paper, we show that decisions by security mechanisms, such as the authorization decisions in a mobile agent based e-commerce system, have a direct impact on the utility of the underlying system. While benevolent behaviors contribute to the utility, malicious behaviors are the causes for lost of utility. Furthermore we show that a trust enhanced security framework can be deployed to maximize the utility of the mobile agent based e-commerce systems. This is due to one of the unique features of trust enhanced security solutions – the ability to use trust evaluation to “weed out” malicious entities. This paper presents a qualitative solution for utility maximization, and paves the way for future development of quantitative solutions. Finally, we study the properties of the proposed framework through simulation and present the results of the simulated studies which confirm our intuitions about utility maximization.
KeywordsTrust Model Mobile Agent Utility Maximization System Utility Malicious Behavior
Unable to display preview. Download preview PDF.
- 1.Beth, T., Borcherding, M., Klein, B.: Valuation of trust in open networks. In: Gollmann, D. (ed.) ESORICS 1994. LNCS, vol. 875, pp. 3–18. Springer, Heidelberg (1994)Google Scholar
- 3.Gong, L., Ellison, G., Dageforde, M. (eds.): Inside Java 2 Platform Security: Architecture, API Design, and Implementation, 2nd edn. Addison-Wesley PublishingCo., Inc., Reading (May 2003)Google Scholar
- 4.IEEE Security and Privacy, Vol. 3(1), Economics of Information Security. IEEE Computer Society (2005)Google Scholar
- 5.Jansen, W.: Countermeasures for mobile agent security. Comupter Communications, Special Issue on Advances of Network Security (November 2000)Google Scholar
- 7.Lange, D.B., Oshima, M.: Programming and Deploying Java Mobile Agents with Aglets. Addison-Wesley, Reading (1998)Google Scholar
- 9.Lin, C., Varadharajan, V., Wang, Y., Pruthi, V.: Trust enhanced security for mobile agents. In: To appear in 7th International IEEE Conference on E-Commerce Technology 2005, Technische Universität München, Germany, July 19-22, IEEE Computer Society Press, Los Alamitos (2005)Google Scholar
- 10.Marsh, S.: Formalising trust as a computational concept. PhD thesis, University of Stirling (1994)Google Scholar
- 12.Rasmusson, L., Jansson, S.: Simulated social control for secure internet commerce: Position paper at the new security paradigms workshop (1996)Google Scholar
- 15.Varadharajan, V.: Security enhanced mobile agents. In: Proc. of 7th ACM Conference on Computer and Communication Security (2000)Google Scholar
- 17.Wilhelm, U.G., Staamann, S., Buttyán, L.: On the problem of trust in mobile agent systems. In: Proceedings of 1998 Network and Distributed Security Symposium, San Diego, California, Internet Society (March 11-13, 1998)Google Scholar