Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations

An Architecture for Authentication and Authorization of Mobile Agents in E-Commerce

An Architecture for Authentication and Authorization of Mobile Agents in E-Commerce
View Sample PDF
Author(s): Wee Chye Yeo (National University of Singapore, Singapore), Sheng-Uei Guan (National University of Singapore, Singapore) and Fangming Zhu (National University of Singapore, Singapore)
Copyright: 2003
Pages: 14
Source title: Architectural Issues of Web-Enabled Electronic Business
Source Author(s)/Editor(s): V.K. Murthy (University of New South Wales at Australian Defence Force Academy, Australia) and Nansi Shi (University of South Australia, Australia)
DOI: 10.4018/978-1-59140-049-3.ch023


View An Architecture for Authentication and Authorization of Mobile Agents in E-Commerce on the publisher's website for pricing and purchasing information.


Agent-based e-commerce is a new technology being researched extensively by many academic and industrial organizations. The mobility and autonomy properties of agents have offered a new approach of doing business online. To fully exploit the advantages of this new technology, a secure system to authenticate and authorize mobile agents must be in place. In this chapter, an architecture to ensure a proper authentication and authorization of agents has been proposed. The Public Key Infrastructure (PKI) is used as the underlying cryptographic scheme. An agent is digitally signed by the Agent Factory and its signature is authenticated at hosts using the corresponding public key. Agents can also authenticate the hosts to make sure that they are not heading to a wrong place. When an agent visits a host, agent’s expiry date, host trace, and the factory’s trustworthiness are checked during the authentication process. According to the level of authentication that the incoming agent has passed, the agent will be categorized and associated with a relevant security policy during the authorization phase. The corresponding security policy will be enforced on the agent to restrict its operations at the host. The prototype has been implemented with Java.

Related Content

Emrah Arğın. © 2022. 16 pages.
Ebru Gülbuğ Erol, Mustafa Gülsün. © 2022. 17 pages.
Yeşim Şener. © 2022. 18 pages.
Salim Kurnaz, Deimantė Žilinskienė. © 2022. 20 pages.
Dorothea Maria Bowyer, Walid El Hamad, Ciorstan Smark, Greg Evan Jones, Claire Beattie, Ying Deng. © 2022. 29 pages.
Savas S. Ates, Vildan Durmaz. © 2022. 24 pages.
Nusret Erceylan, Gaye Atilla. © 2022. 20 pages.
Body Bottom