Advertisement

Ensuring the integrity of agent-based computations by short proofs

  • Ingrid Biehl
  • Bernd Meyer
  • Susanne Wetzel
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1477)

Abstract

Mobile code technology is gaining growing importance for example for electronic commerce applications. To come to a widespread use of mobile agents a lot of security aspects have to be seriously considered and security problems have to be solved to convince potential users of this technology. So fax, most work concerning security in the area of mobile code was done to protect hosts from malicious agents. However, in the very recent literature approaches are discussed which lead to different levels of security for the mobile agent against attacks by dishonest hosts. A central problem consists in the integrity of computation: In order to profit from mobile agent technology, techniques have to be used which guarantee the correctness of the results returned by a mobile agent to its originator. In this paper we explain a general approach to cope with the integrity problem by supplementing computation results with very short proofs of correctness which can a posteriori be checked by the originator of the mobile code to verify whether the result is reliable or not.

Keywords

Mobile Agent Execution Trace Query String Cryptographic Hash Function Private Information Retrieval 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    M. Abadi, J. Feigenbaum, J. Kilian, On Hiding Information from an Oracle, Journal of Computer and System Science, vol. 39, n. 1, pp. 21–50, 1989.zbMATHMathSciNetCrossRefGoogle Scholar
  2. 2.
    S. Arora, C. Lund, R. Motwani, M. Sudan, M. Szegedy, Proof Verification and Hardness of Approximation Problems, Proc. of the 33rd IEEE FOCS, pp. 14–23, 1992.Google Scholar
  3. 3.
    D. Beaver, Secure Multiparty Computation Protocols and Zero-Knowledge Proof Systems Tolerating a Faulty Minority, Journal of Cryptology, Springer, pp. 75–122, 1991.Google Scholar
  4. 4.
    B. N. Bershad, S. Savage, P. Pardyak, E. G. Sirer, M. E. Fiuczynski, D. Becker, C. Chambers, S. Eggers, Extensibility, Safety and Performance in the Spin Operating System, Proc. of the 15th Symposium on Operating Systems Principles, 1995.Google Scholar
  5. 5.
    M. Blum, P. Feldman, S. Micali, Non-Interactive Zero-Knowledge and Its Application (Extended Abstract), Proc. of the 20th ACM STOC, pp. 103–112, 1988.Google Scholar
  6. 6.
    C. Cachin, M. Stadler, Efficient Private Information Retrieval and Oblivious Transfer, unpublished, 1997.Google Scholar
  7. 7.
    J. Feigenbaum, P. Lee, Trust Management and Proof-Carrying Code in Secure Mobile-Code Applications, DARPA Workshop on Foundations for Secure Mobile Code, Monterey, CA, USA, 1997, Position Paper.Google Scholar
  8. 8.
    J. S. Fritzinger, M. Müller, Java Security, httpwwwjavasoftcom securitywhitepaperps, 1996.Google Scholar
  9. 9.
    F. Hohl, An Approach to Solve the Problem of Malicious Hosts, Universität Stuttgart, Fakultät Informatik, Fakultätsbericht Nr. 1997/03.Google Scholar
  10. 10.
    F. Hohl, Time Limited Blackbox Security: Protecting Mobile Agents From Malicious Hosts, in: Giovanni Vigna (Ed.), Mobile Agents and Security, Lecture Notes in Computer Science, Springer, 1997.Google Scholar
  11. 11.
    W. C. Hsieh, M. E. Fiuczynski, C. Garrett, D. Becker, B. N. Bershad, Language Support for Extensible Operating Systems, Proc. of the Workshop on Compiler Support for System Software, 1996.Google Scholar
  12. 12.
    E. Kushilevitz, R. Ostrovsky, Replication is Not Needed: Single Database, Computationally-Private Information Retrieval, Proc. of the 29th ACM STOC, 1997.Google Scholar
  13. 13.
    P. Lee, G. Necula, Research on Proof-Carrying Code For Mobile-Code Security, DARPA Workshop on Foundations for Secure Mobile Code, Monterey, CA, USA, 1997, Position Paper.Google Scholar
  14. 14.
    S. McCanne, V. Jacobson, The bsd Packet Filter: A New Architecture for User-level Packet Capture, Proc. of the USENIX Technical Conference, pp. 259–269, 1993.Google Scholar
  15. 15.
    C. Meadows, Detecting Attacks on Mobile Agents, DARPA Workshop on Foundations for Secure Mobile Code, Monterey, CA, USA, 1997, Position Paper.Google Scholar
  16. 16.
    A. J. Menezes, P. C. van Oorschot, S. A. Vanstone, Handbook of Applied Cryptography, CRC Press Inc., 1997.Google Scholar
  17. 17.
    G. Necula, Proof Carrying Code, Proc. of the 24th Annual Symposium on Principles of Programming Languages, 1997.Google Scholar
  18. 18.
    T. Sander, C. T. Tschudin, Protecting Mobile Agents Against Malicious Hosts, in: Giovanni Vigna (Ed.), Mobile Agents and Security, Lecture Notes in Computer Science, Springer, 1997.Google Scholar
  19. 19.
    A. Polishchuk, D. A. Spielman, Nearly-linear Size Holographic Proofs, Proc. of the 26th ACM STOC, 1994.Google Scholar
  20. 20.
    G. Vigna, Protecting Mobile Agents through Tracing, to appear in the Proc. of the ECOOP Workshop on Mobile Object Systems’97.Google Scholar
  21. 21.
    R. Wahbe, S. Lucco, T. E. Anderson, S. L. Graham, Efficient Software-based Fault Isolation, Proc. ACM SIGCOMM Symposium 1996, 1996.Google Scholar
  22. 22.
    B. S. Yee, A Sanctuary for Mobile Agents, DARPA Workshop on Foundations for Secure Mobile Code, Monterey, CA, USA, 1997, Position Paper.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1998

Authors and Affiliations

  • Ingrid Biehl
    • 1
  • Bernd Meyer
    • 2
  • Susanne Wetzel
    • 3
  1. 1.Fachbereich InformatikTechnische Universität DarmstadtDarmstadtGermany
  2. 2.Siemens Corporate TechnologyMünchenGermany
  3. 3.FTK/ADaimler Benz AGStuttgartGermany

Personalised recommendations