A Novel Key Management and Access Control Scheme for Mobile Agent

  • Jen-Yi Pan
  • Tzer-Long Chen
  • Tzer-Shyong Chen
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4114)


The speed and convenience of the Internet facilitated the development of electronic commerce (e-commerce). E-commerce research and technologies have always drawn the attention of researchers. Among them, the application of mobile agent on e-commerce has drawn much attention in recent years. Mobile agents can roam freely over different execution environments to execute tasks assigned to them. However, a mobile agent may be attacked when it requests services from other servers or when comes in contact with and exchange information with another agents while roaming on the internet. Hence, a mobile agent user may be concerned that his mobile agent could be corrupted or private information tapped and pirated by other agents. To ensure the security of mobile agents in public network environment, this paper proposes a security scheme that is suitable for mobile agents. The scheme includes access control and key management; it is also an improvement on the key management and access control for mobile agent scheme of Volker and Mehrdad. The proposed scheme corrects the drawback in Volker and Mehrdad’s scheme which is the need of a large amount of storage for storing the secret keys. Security and performance analysis of our scheme proves the proposed scheme to be more efficient and secure.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Akl, S.G., Taylor, P.D.: Cryptographic Solution to a Problem of Access Control in A Hierarchy. ACM Transactions on Computer Systems 1(3), 239–248 (1983)CrossRefGoogle Scholar
  2. 2.
    Chess, D., Grosof, B., Harrison, C., Levine, D., Parris, C., Tsudik, G.: Itinerant Agents for Mobile Computing. IEEE Personal Communications 2(5), 34–49 (1995)CrossRefGoogle Scholar
  3. 3.
    Corradi, A., Montanari, R., Stefanelli, C.: Security Issues in Mobile Agent Technology. In: Proceedings of the 7th IEEE Workshop on Future Trends of Distributed Computing Systems, Cape Town, South Africa, pp. 3–8 (1999)Google Scholar
  4. 4.
    Hohl, F.: A Model of Attacks Malicious Hosts Against Mobile Agents. In: Proceedings of the 4th Workshop on Mobile Object Systems: Secure Internet Mobile Computations, Brussels, Belgium, July 21, pp. 105–120 (1998)Google Scholar
  5. 5.
    Karmouch, A.: Mobile Software Agents for Telecommunications, Guest Editorial. IEEE Communications Magazine 36(7), 24–25 (1998)CrossRefGoogle Scholar
  6. 6.
    Karnik, N.M., Tripathi, A.R.: A Security Architecture for Mobile Agents in Ajanta. In: Proceedings of The 20th International Conference on Distributed Computing Systems (ICDCS 2000), Taipei, Taiwan, April 2000, pp. 402–409 (2000)Google Scholar
  7. 7.
    Lange, D.B., Oshima, M.: Programming and Deploying Java Mobile Agents with Aglets. Addison-Wesley Press, Massachusetts (1998)Google Scholar
  8. 8.
    Lin, I.C., Ou, H.H., Hwang, M.S.: Two Secure Transportation Schemes for Mobile Agents, Agent-Based Technologies- Information & Security. International Relations and Security Network ISN 8(1), 87–97 (2002)Google Scholar
  9. 9.
    Lin, I.C., Ou, H.H., Hwang, M.S.: Efficient Access Control and Key Management Schemes for Mobile Agents. Computer Standards & Interfaces 26(5), 423–433 (2004)CrossRefGoogle Scholar
  10. 10.
    Maes, P., Guttman, R.H., Moukas, A.G.: Agents that Buy and Sell. Communications of the ACM 42(3), 81–91 (1999)CrossRefGoogle Scholar
  11. 11.
    Lin, I.C., Ou, H.H., Hwang, M.S.: Efficient Access Control and Key Management Schemes for Mobile Agents. Computer Standards & Interfaces 26(5), 423–433 (2004)CrossRefGoogle Scholar
  12. 12.
    Schneier, B.: Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2nd edn. John Wiley & Sons, New York (1996)zbMATHGoogle Scholar
  13. 13.
    Volker, R., Mehrdad, J.S.: Access Control and Key Management for Mobile Agents. Computer Graphics 22(4), 457–461 (1998)CrossRefGoogle Scholar
  14. 14.
    Miller, V.S.: Uses of Elliptic Curves in Cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986)Google Scholar
  15. 15.
    Koblitz, N.: Elliptic Curve Cryptosystems. Mathematics of Computation 48, 203–209 (1987)zbMATHCrossRefMathSciNetGoogle Scholar
  16. 16.
    Koblitz, N., Menezes, A., Vanstone, S.A.: The State of Elliptic Curve Cryptography, Designs. Codes and Cryptography 19(2-3), 173–193 (2000)zbMATHCrossRefMathSciNetGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Jen-Yi Pan
    • 1
    • 2
    • 3
  • Tzer-Long Chen
    • 1
  • Tzer-Shyong Chen
    • 4
  1. 1.Department of Communications EngineeringNational Chung Cheng UniversityTaiwan
  2. 2.Department of Electrical EngineeringNational Chung Cheng UniversityTaiwan
  3. 3.Center for Telecommunication ResearchNational Chung Cheng UniversityTaiwan
  4. 4.Department of Information ManagementTung Hai UniversityTaiwan

Personalised recommendations