Security and Privacy Issues in Agent-Based Location-Aware Mobile Commerce

  • Athanasios Karygiannis
  • Emmanouil Antonakakis
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4324)


Mobile commerce and location-aware services promise to combine the conveniences of both online and offline bricks-and-mortar services. Just as agent-enabled desktop computers can be used to improve a user’s e-commerce experience, so can agent-enabled mobile devices be used to improve a user’s mobile commerce experience. Agent-enabled mobile devices can perform complex and time-consuming tasks not well-suited for the small and cumbersome user interfaces available on most mobile devices, can interact with other mobile devices over more than one interface, and can accompany users under circumstances in which the desktop computers cannot. Agent-enabled mobile devices, however, present new security challenges and risks. While e-commerce agents run the risk of disclosing one’s identity in cyberspace, agent-enabled mobile devices running location-aware applications, run the risk of disclosing one’s actual physical location in addition to other personal information. This paper outlines security and privacy issues and provides security guidelines for agent-based location-aware mobile commerce.


Mobile Device Smart Card Multiagent System Privacy Issue Malicious User 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Gritzalis, D., Kyrloglou, N.: Consumer Online-Privacy and Anonymity Protection using Infomediary Schemes. In: Computer Science Society, 2001, SCCC 2001 Proceedings, XXI Internatinal Conference of the Chilean, November 7-9 (2001)Google Scholar
  2. 2.
    Geissler, T., Berlin, O.: Applying Security Standards to Multi Agent Systems. In: W21 Safety & Security in Multiagent Systems held at AAMAS 2004 (2004)Google Scholar
  3. 3.
    Patrick, A.S.: Building Trustworthy Software Agents. IEEE Internet Computing (November-December 2002), NRC 44958Google Scholar
  4. 4.
    Padovan, B., Sackmann, S., Eymann, T., Pippow, I.: A Prototype for an Agent-based Secure Electronic Marketplace including Reputation Tracking Mechanisms. In: 2001 Proceedings of the 34th Annual Hawaii International Conference on System Sciences, January 3-6 (2001)Google Scholar
  5. 5.
    Younas, M., Chao, K.M., Anane, R.: M-Commerce Transaction Management with Multi-Agent Support, Advanced Information Networking and Applications. In: 17th International Conference on Advanced Information Networking and Applications, AINA 2003, March 27-29 (2003)Google Scholar
  6. 6.
    Soriano, M., Ponce, D.: A Security and Usability Proposal for Mobile Electronic Commerce. IEEE Communications Magazine 40(8) (August 2002)Google Scholar
  7. 7.
    Park, N.J., Song, Y.J.: M-Commerce Security Platform based on WTLS and J2ME. In: IEEE International Symposium on Industrial Electronics, Proceedings ISIE 2001, June 12-16, vol. 3 (2001)Google Scholar
  8. 8.
    Ahluwalia, P., Varshney, U.: A Link and Network Layer Approach to Support Mobile Commerce Transactions. In: IEEE 58th Vehicular Technology Conference, VTC 2003-Fall 2003 , October 6-9, vol. 5 (2003)Google Scholar
  9. 9.
    Grosche, S.S., Knospe, H.: Secure mobile commerce. Electronics & Communication Engineering Journal 14(5) (October 2002)Google Scholar
  10. 10.
    Li, X., Kou, W.: A Secure M-Commerce Model Based On Wireless Local Area Network. In: 18th International Conference on Advanced Information Networking and Applications, 2004, AINA 2004, March 29-31, vol. 2 (2004)Google Scholar
  11. 11.
    Wang, Y.H., Wang, C.A., Chiang, J.S., Lo, W.H.: Tamsui: A Secure Model in Agent-Based Marketplace. In: 17th International Conference on Advanced Information Networking and Applications (AINA 2003), Xian, China, March 27-29 (2003)Google Scholar
  12. 12.
    Laclavik, M., Hluchy, L.: Secure inter-agent negotiation and communication. In: ICETA 2001.International Conference on Emerging Telecommunications Technologies and Applications - Kosice ELFA (2001)Google Scholar
  13. 13.
    Bergenti, F., Poggi, A., Burg, B., Caire, G.: Deploying FIPA-compliant systems on mobile devices. IEEE Internet Computing 5(4) (July-August 2001)Google Scholar
  14. 14.
    Datasheet Security Trust Services APIs For the Java 2 Platform, Micro Edition: Security and Trust Services APIs For the Java 2 Platform, Micro Edition (January 2005),
  15. 15.
    Gavrila, S., Iorga, M., Jansen, W., Karygiannis, A., Korolev, V.: Security Policy Management for Handheld Devices. In: The 2003 International Conference on Security and Management, Las Vegas, Nevada, June 23-26 (2003)Google Scholar
  16. 16.
    Borselius, N.: Security in multi-agent systems. In: Proceedings of the 2002 International Conference on Security and Management (SAM 2002). Las Vegas, Nevada, June 2002, CSREA Press (2002)Google Scholar
  17. 17.
    Hristova, N., O’Hare, G.M.P.: Ad-me: wireless advertising adapted to the user location, device and emotions. In: 2004 Proceedings of the 37th Annual Hawaii International Conference on System Sciences, January 5-8 (2004)Google Scholar
  18. 18.
    Hattangady, S., Davis, C.: Reducing the Security Threats to 2.5G and 3G Wireless Applications. White Paper SWPY003 (January 2002)Google Scholar
  19. 19.
    Chari, S., Kermani, P., Smith, S.W., Tassiulas, L.: Security Issues in M-Commerce: A Usage-Based Taxonomy. In: Liu, J., Ye, Y. (eds.) E-Commerce Agents. LNCS (LNAI), vol. 2033, pp. 264–283. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  20. 20.
    Ahonen, J.: PDA OS Security: Application Execution. Telecommunications Software and Multimedia TML-C7 ISSn 145597Google Scholar
  21. 21.
    Spinellis, D., Moulinos, K., Iliadis, J., Gritzalis, D., Gritzalis, S., Katsikas, S.: Deploying a Secure Cyberbazaar by adding Trust on Commercial Transactions. eJETA: The eJournal for Electronic Commerce Tools and Applications 1(2) (November 2002)Google Scholar
  22. 22.
    Nokia Developer’s Suites for J2METM and PersonalJavaTM, Location API for J2METM, JSR-179 (January 2005),,6673,3551,00.html
  23. 23.
    Labrou, Y., Agre, J., Ji, L., Molina, J., Chen, W.L.: Wireless Wallet. In: Proceedings of the 1st International Conference on Mobile and Ubiquitous Systems: Networking and Services (Mobiquitous 2004), Boston, Massachusetts, USA, August 22-25 (2004)Google Scholar
  24. 24.
    Owens, L., Karygiannis, A.: NIST Special Publication on Wireless Network Security: 802.11, Bluetooth, and Handheld Devices, SP 800-48 (October 2002)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Athanasios Karygiannis
    • 1
  • Emmanouil Antonakakis
    • 1
  1. 1.National Institute of Standards and TechnologyGaithersburg

Personalised recommendations