Abstract
Mobile code technology is gaining growing importance for example for electronic commerce applications. To come to a widespread use of mobile agents a lot of security aspects have to be seriously considered and security problems have to be solved to convince potential users of this technology. So fax, most work concerning security in the area of mobile code was done to protect hosts from malicious agents. However, in the very recent literature approaches are discussed which lead to different levels of security for the mobile agent against attacks by dishonest hosts. A central problem consists in the integrity of computation: In order to profit from mobile agent technology, techniques have to be used which guarantee the correctness of the results returned by a mobile agent to its originator. In this paper we explain a general approach to cope with the integrity problem by supplementing computation results with very short proofs of correctness which can a posteriori be checked by the originator of the mobile code to verify whether the result is reliable or not.
This work was done while the author was a member of the Graduiertenkolleg Informatik at the University of Saarbrücken, a fellowship program of the DFG (Deutsche Forschungsgemeinschaft).
This is a preview of subscription content, log in via an institution to check access.
Preview
Unable to display preview. Download preview PDF.
References
M. Abadi, J. Feigenbaum, J. Kilian, On Hiding Information from an Oracle, Journal of Computer and System Science, vol. 39, n. 1, pp. 21–50, 1989.
S. Arora, C. Lund, R. Motwani, M. Sudan, M. Szegedy, Proof Verification and Hardness of Approximation Problems, Proc. of the 33rd IEEE FOCS, pp. 14–23, 1992.
D. Beaver, Secure Multiparty Computation Protocols and Zero-Knowledge Proof Systems Tolerating a Faulty Minority, Journal of Cryptology, Springer, pp. 75–122, 1991.
B. N. Bershad, S. Savage, P. Pardyak, E. G. Sirer, M. E. Fiuczynski, D. Becker, C. Chambers, S. Eggers, Extensibility, Safety and Performance in the Spin Operating System, Proc. of the 15th Symposium on Operating Systems Principles, 1995.
M. Blum, P. Feldman, S. Micali, Non-Interactive Zero-Knowledge and Its Application (Extended Abstract), Proc. of the 20th ACM STOC, pp. 103–112, 1988.
C. Cachin, M. Stadler, Efficient Private Information Retrieval and Oblivious Transfer, unpublished, 1997.
J. Feigenbaum, P. Lee, Trust Management and Proof-Carrying Code in Secure Mobile-Code Applications, DARPA Workshop on Foundations for Secure Mobile Code, Monterey, CA, USA, 1997, Position Paper.
J. S. Fritzinger, M. Müller, Java Security, httpwwwjavasoftcom securitywhitepaperps, 1996.
F. Hohl, An Approach to Solve the Problem of Malicious Hosts, Universität Stuttgart, Fakultät Informatik, Fakultätsbericht Nr. 1997/03.
F. Hohl, Time Limited Blackbox Security: Protecting Mobile Agents From Malicious Hosts, in: Giovanni Vigna (Ed.), Mobile Agents and Security, Lecture Notes in Computer Science, Springer, 1997.
W. C. Hsieh, M. E. Fiuczynski, C. Garrett, D. Becker, B. N. Bershad, Language Support for Extensible Operating Systems, Proc. of the Workshop on Compiler Support for System Software, 1996.
E. Kushilevitz, R. Ostrovsky, Replication is Not Needed: Single Database, Computationally-Private Information Retrieval, Proc. of the 29th ACM STOC, 1997.
P. Lee, G. Necula, Research on Proof-Carrying Code For Mobile-Code Security, DARPA Workshop on Foundations for Secure Mobile Code, Monterey, CA, USA, 1997, Position Paper.
S. McCanne, V. Jacobson, The bsd Packet Filter: A New Architecture for User-level Packet Capture, Proc. of the USENIX Technical Conference, pp. 259–269, 1993.
C. Meadows, Detecting Attacks on Mobile Agents, DARPA Workshop on Foundations for Secure Mobile Code, Monterey, CA, USA, 1997, Position Paper.
A. J. Menezes, P. C. van Oorschot, S. A. Vanstone, Handbook of Applied Cryptography, CRC Press Inc., 1997.
G. Necula, Proof Carrying Code, Proc. of the 24th Annual Symposium on Principles of Programming Languages, 1997.
T. Sander, C. T. Tschudin, Protecting Mobile Agents Against Malicious Hosts, in: Giovanni Vigna (Ed.), Mobile Agents and Security, Lecture Notes in Computer Science, Springer, 1997.
A. Polishchuk, D. A. Spielman, Nearly-linear Size Holographic Proofs, Proc. of the 26th ACM STOC, 1994.
G. Vigna, Protecting Mobile Agents through Tracing, to appear in the Proc. of the ECOOP Workshop on Mobile Object Systems’97.
R. Wahbe, S. Lucco, T. E. Anderson, S. L. Graham, Efficient Software-based Fault Isolation, Proc. ACM SIGCOMM Symposium 1996, 1996.
B. S. Yee, A Sanctuary for Mobile Agents, DARPA Workshop on Foundations for Secure Mobile Code, Monterey, CA, USA, 1997, Position Paper.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1998 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Biehl, I., Meyer, B., Wetzel, S. (1998). Ensuring the integrity of agent-based computations by short proofs. In: Rothermel, K., Hohl, F. (eds) Mobile Agents. MA 1998. Lecture Notes in Computer Science, vol 1477. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0057658
Download citation
DOI: https://doi.org/10.1007/BFb0057658
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-64959-5
Online ISBN: 978-3-540-49817-9
eBook Packages: Springer Book Archive