• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.10
• /
• pp.2337-2344
• /
• 2013

Mobile Agent is an autonomous mobility technology is being applied in various fields. In particular, mobile agents execution in the Internet environment through the safe execution of the security must be guaranteed. Also, agent to run the agent, the agent's workload should be distributed. In this paper, a trust model based on the security mechanism of the agent execution is proposed. Proposed mechanism to ensure safe execution of the agent was not considered in existing relative researches for rational agent workload distribution and load balancing to improve throughput was. The proposed trust-based security mechanisms for agents to go through security analysis proved safe execution of the agent.

• Journal of Information Processing Systems
• /
• v.3 no.2
• /
• pp.43-53
• /
• 2007

The use of agent paradigm in today's applications is hampered by the security concerns of agents and hosts alike. The agents require the presence of a secure and trusted execution environment; while hosts aim at preventing the execution of potentially malicious code. In general, hosts support the migration of agents through the provision of an agent server and managing the activities of arriving agents on the host. Numerous studies have been conducted to address the security concerns present in the mobile agent paradigm with a strong focus on the theoretical aspect of the problem. Various proposals in Intrusion Detection Systems aim at securing hosts in traditional client-server execution environments. The use of such proposals to address the security of agent hosts is not desirable since migrating agents typically execute on hosts as a separate thread of the agent server process. Agent servers are open to the execution of virtually any migrating agent; thus the intent or tasks of such agents cannot be known a priori. It is also conceivable that migrating agents may wish to hide their intentions from agent servers. In light of these observations, this work attempts to bridge the gap from theory to practice by analyzing the security mechanisms available in Aglet. We lay the foundation for implementation of application specific protocols dotted with access control, secured communication and ability to detect tampering of agent data. As agents exists in a distributed environment, our proposal also introduces a novel security framework to address the security concerns of hosts through collaboration and pattern matching even in the presence of differing views of the system. The introduced framework has been implemented on the Aglet platform and evaluated in terms of accuracy, false positive, and false negative rates along with its performance strain on the system.

• Convergence Security Journal
• /
• v.4 no.3
• /
• pp.37-46
• /
• 2004

This paper presents the design of a certain highly efficient security policy negotiation of SPS(Security Policy System) using mobile agent system. The conventional IP security systems have some problems. A drawback to these systems is that the required policy between each security area is different. Another problem is not possible to guarantee whether a packet is transmitted through the same path by both directions and is protected by the same policy due to the topology of the network. Unlike conventional systems, the model developed herein can be resolved by using a mobile agent technology. If each domain needs a negotiation of security policy, a mobile agent manages the result of the negotiation in the form of a passport and guarantees the authentication and reliability each other by using the passport.

• Convergence Security Journal
• /
• v.2 no.2
• /
• pp.77-88
• /
• 2002

A mobile agent system is an infrastructure that supports the mobile agent paradigm. The main challenges encountered in designing this infrastructure are discussed in this paper. After introducing a generic mobile agent system, we discuss the design issues at two levels. System level issues like the provision of agent mobility and security, are mainly encountered in developing the runtime environments for agent execution. Language level issues, such as agent programming models and primitives, arise in providing support for mobile agent programming, mainly at the library level. This paper Identifies such system and language-level issues, and illustrates the different ways developers ate addressing them. We outline the specific challenges addressed by this dissertation, primarily in the area of mobile agent security.

• Korean Security Journal
• /
• no.16
• /
• pp.339-356
• /
• 2008

This study discusses some topics of Security License System and Security Training System in Japan. Especially, the Security License must be very influence that the growth of security industry. And it's true that a few enlightened approach to cooperation between police and private security has already begun to take place in some divisions. The most important thing of the License Test System in Japan is the method of test rule and test section. Then the training systems of the security agent have been very impressive rule and the system for security agent. Today, the market of the security industry in Korea have been going to develop and extend to the future industry. The assignments that are leaved to security industry in Korea must be that the improvement of the License & Training System of Security Agent in Korea should be made effort by the security industry and the public section that looks like the police.

• Journal of the Korea Society of Computer and Information
• /
• v.9 no.3
• /
• pp.183-188
• /
• 2004

In the course of Internet proliferation. many network-related technologies are examined for possible growth and evolution. The use of Internet-based technologies in private networks has further fuelled the demand for network-based applications. The most Promising among the new paradigms is use of mobile agents. It also however, suffers from a major drawback, namely the potential for malicious attacks, abuse of resources pilfering of information, and other security issues. These issues are significantly hampering the acceptance of the mobile-agent paradigm. This paper proposed the design of strong and safe mobile agent gateway that split and merge the agent code with security policy database. This mechanism will promote the security in mobile agent systems and mobile agent itself.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.1
• /
• pp.406-434
• /
• 2019

In general, an information security approach estimates the risk, where the risk is to occur due to an unusual event, and the associated consequences for cloud organization. Information Security and Risk Management (ISRA) practices vary among cloud organizations and disciplines. There are several approaches to compare existing risk management methods for cloud organizations but their scope is limited considering stereo type criteria, rather than developing an agent based task that considers all aspects of the associated risk. It is the lack of considering all existing renowned risk management frameworks, their proper comparison, and agent techniques that motivates this research. This paper proposes Agent Based Information Security Framework for Hybrid Cloud Computing as an all-inclusive method including cloud related methods to review and compare existing different renowned methods for cloud computing risk issues and by adding new tasks from surveyed methods. The concepts of software agent and intelligent agent have been introduced that fetch/collect accurate information used in framework and to develop a decision system that facilitates the organization to take decision against threat agent on the basis of information provided by the security agents. The scope of this research primarily considers risk assessment methods that focus on assets, potential threats, vulnerabilities and their associated measures to calculate consequences. After in-depth comparison of renowned ISRA methods with ABISF, we have found that ISO/IEC 27005:2011 is the most appropriate approach among existing ISRA methods. The proposed framework was implemented using fuzzy inference system based upon fuzzy set theory, and MATLAB(R) fuzzy logic rules were used to test the framework. The fuzzy results confirm that proposed framework could be used for information security in cloud computing environment.

• Journal of Information Processing Systems
• /
• v.12 no.4
• /
• pp.688-710
• /
• 2016

Our approach permits to capitalize the expert's knowledge as business rules by using an agent-based platform. The objective of our approach is to allow experts to manage the daily evolutions of business domains without having to use a technician, and to allow them to be implied, and to participate in the development of the application to accomplish the daily tasks of their work. Therefore, the manipulation of an expert's knowledge generates the need for information security and other associated technologies. The notion of cryptography has emerged as a basic concept in business rules modeling. The purpose of this paper is to present a cryptographic algorithm based approach to integrate the security aspect in business rules modeling. We propose integrating an agent-based approach in the framework. This solution utilizes a security agent with domain ontology. This agent applies an encryption/decryption algorithm to allow for the confidentiality, authenticity, and integrity of the most important rules. To increase the security of these rules, we used hybrid cryptography in order to take advantage of symmetric and asymmetric algorithms. We performed some experiments to find the best encryption algorithm, which provides improvement in terms of response time, space memory, and security.

• Journal of The Korean Association of Information Education
• /
• v.2 no.2
• /
• pp.302-308
• /
• 1998

The goal of this study is to survey a mobile agent technology and apply it to security management system. A tool for implementing mobile agent is introduced and a prototype model for sedcrity management system IS proposed. This study suggest the possiblity of security management system using mobile agent.

• Proceedings of the IEEK Conference
• /
• 1999.06a
• /
• pp.993-996
• /
• 1999

A mobile agent is a program which is capable of migrating autonomously from host to host in the heterogeneous network, to perform some computation on behalf of the user. Mobile agents have many advantages in the distributed computing environment. But they are likely to suffer many attacks on the security due to the mobility. In order to make use of a mobile agent in the real applications, the security issues must be addressed. We deal with the problem which is concerned with protecting a mobile agent in transit and detecting a mobile agent clone. In this paper we propose a trust center based secure mobile agent transfer protocol. This protocol transfers a mobile agent securely from host to host and detects a mobile agent clone. We further show the security of the protocol against many attacks.