LYU9905 Security in Mobile Agent E-Commerce Systems. Prepared by: Wong Ka Ming (Caris) and Wong Tsz Yeung (Ah Mole). Supervisor: LYU Rung Tsong Michael.


Outline (1)
• Introduction
  – What is a mobile agent?
• Project Overview
  – Overview of SIAS, the Shopping Information Agent System
• System Details
  – Implementation of SIAS
• Security Measures of SIAS
  – Security attack and defense scenarios in SIAS

Outline (2)
• Agent Encryption Technique
  – Diffie-Hellman Key Exchange
• Fault Tolerance of SIAS
  – Monitor Program
  – Connection Availability Detection
• Security Analysis of SIAS
  – Trade-off between security and performance in SIAS
• Project Review and Conclusion
• Q & A Session

Introduction (1)
• What is a mobile agent?
  – A mobile agent is software that can autonomously do a job on our behalf.
  – For e-commerce, the aim of mobile agent technology is to provide an autonomous buying and selling environment.
  – Unlike the traditional client/server paradigm, which requires a continuous network connection, a mobile agent uses the mobile code paradigm: the connection can be closed once the agent is launched.

Introduction (2)
• What is the mobile code paradigm?
  – Consider the applet.
  – The code is downloaded from the web server to the client side and runs there in the web browser.
  – Such a strategy is called code on demand: the code moves across machines passively, when demanded.
  – The mobile code paradigm is a little different: the code actively moves from one host to another.

Introduction (3)
• What are the advantages of a mobile agent?
  – It can communicate with other agents, so it suits systems such as a stock broker system.
  – It is mobile and can travel from one host to another, so it suits mobile computing, where the machine cannot always be connected to the network.
  – It reduces network load and overcomes network latency.
  – It is autonomous and has control over its own actions, so it can adapt to changes dynamically.
  – Thus, it is robust and fault-tolerant.

Project Overview (1)
• Our project aims to design a web-based e-commerce system built on top of mobile agent technology.
• In the last semester, we developed the SIAS system.
• SIAS is a web-based e-commerce mobile agent system.
• It provides users with information on products for sale in an electronic marketplace.
• It is written in Java on top of the Concordia API, which was developed by Mitsubishi Electric Research Lab.

Project Overview (2)
What does the system do? (diagram slide; no further text survives)

Implementation of SIAS (1)
• Four main objects in the implementation:
  – Agent
  – Database Server
  – Launch Server
  – Client Program

Implementation of SIAS (2)
• Agent
  – Retrieves product information from the Database Servers for clients
• Launch Server
  – A gateway between the Agent System and the Client Program
  – Instantiates and launches an Agent whenever it receives a client request
  – Receives the Agent whenever it travels back

Implementation of SIAS (3)
• Database Server
  – Receives an incoming Agent whenever one arrives
  – Retrieves product information for the incoming Agent
• Client Program
  – A Java applet that runs in the web browser
  – Sends requests to the Launch Server
  – Multi-threaded; can handle multiple requests simultaneously

Implementation of SIAS (4)
• System configuration
  – One Launch Server
  – 26 Database Servers
  – Client Program runs in Netscape Communicator 4.5 or above

Implementation of SIAS (5)
Agent flow diagram (Launch Server, Database Server 1, Database Server 2, ..., Database Server N), in order:
1. Client request: the Launch Server creates an Agent.
2. The Launch Server initializes the Agent and sends it out.
3. The Agent goes to Database Server 1 and arrives there.
4. The Agent retrieves product information from Database Server 1; Database Server 1 sends out the Agent.
5. Database Server 2 receives the Agent and the Agent retrieves product information.
6. The Agent travels through the network until it arrives at Database Server N.
7. The Agent retrieves product information from Database Server N.
8. The Agent travels back to the Launch Server.
9. The Agent calculates the cheapest price combination.
10. The Launch Server returns the result to the client.

Attacks and Defenses on SIAS (1)
• Scenario 1 - Modification of query product IDs
  – The list of products specified by the user is stored as plain text.
  – A malicious host can easily spy out the data and change it.
  – Later hosts will respond to such changes and report wrong information.
  – This violates the integrity of queries.

Attacks and Defenses on SIAS (2)
• Scenario 2 - Modification of query quantities
  – Similar to scenario 1.
  – This leads later hosts to report wrong information.

Attacks and Defenses on SIAS (3)
• Scenario 3 - Spying out and modification of query results
  – Agents carry query results in plain text.
  – Malicious hosts can spy out and modify the results that the agent has collected from previous hosts.
  – Such changes can favor the malicious host.
  – For example, a malicious host raises all the prices reported by previous hosts.

Attacks and Defenses on SIAS (4)
• Scenario 4 - Modification of the itinerary of an agent
  – The itinerary of an agent is accessible to hosts.
  – Malicious hosts can change the itinerary of an agent.
  – Agents may go to hosts that are not specified in the itinerary.
  – Agents may skip hosts that are specified in the itinerary.

Attacks and Defenses on SIAS (5)
• Hybrid attacks
  – The above four attacks can be mixed.

Attacks and Defenses on SIAS (6)
• Solution to attack scenarios 1 and 2
  – We introduce encryption of the whole list of product IDs as well as the list of product quantities:
    {Product ID list} changed to: E_A(Product ID list)
    {Product Quantity list} changed to: E_A(Product Quantity list)
  Key: E_X(Y) = ciphertext of plaintext Y encrypted with the private key of entity X; D_X(Y) = plaintext of ciphertext Y decrypted with the public key of entity X; A = Agent.

Attacks and Defenses on SIAS (7)
• Solution to attack scenario 3
  – We apply the RSA encryption algorithm to the results obtained from the Database Server:
    {Query result} changed to: E_H(Query result)

Attacks and Defenses on SIAS (8)
• Solution to attack scenario 4
  – The Database Server signs the path of the agent to ensure the agent follows the right path.
  – New attribute for the Agent: Encrypted_Itinerary
    Encrypted_Itinerary = E_H1(Next Host at Host H1) + E_H2(Next Host at Host H2) + ... + E_Hn(Next Host at Host Hn)
  – At the Launch Server, we compare the original itinerary to:
    D_H1(E_H1(Next Host at Host H1)) + D_H2(E_H2(Next Host at Host H2)) + ... + D_Hn(E_Hn(Next Host at Host Hn))
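The signed-itinerary check for scenario 4, worked through as an added example (this is not SIAS code). It assumes things the slides do not state: textbook RSA with tiny primes stands in for the RSA object, the signed value is a SHA-256 hash of the message reduced mod n, and the signed message names the agent id as well as the current and next host so that one agent's entries cannot be replayed into another's. E_H(m) on the slides is the signature with H's private key, D_H(c) the recovery with H's public key.

```python
"""Signed itinerary: each host H_i signs the next hop; the Launch Server
recomputes D_Hi(...) over the original itinerary and compares hop by hop.
Added example with toy RSA keys (assumption: hash-then-reduce, agent id
bound into the signed message).
"""
import hashlib
from math import gcd


def make_key(p, q, e=17):
    """Toy RSA key from two small primes: returns ((n, e), (n, d))."""
    n, phi = p * q, (p - 1) * (q - 1)
    assert gcd(e, phi) == 1, "e must be invertible mod phi"
    d = pow(e, -1, phi)              # modular inverse (Python 3.8+)
    return (n, e), (n, d)


def digest(message, n):
    """Hash the message and reduce so the signed integer is < n (assumption)."""
    h = hashlib.sha256(message.encode()).digest()
    return int.from_bytes(h, "big") % n


def sign(message, private):          # E_H(message) on the slides
    n, d = private
    return pow(digest(message, n), d, n)


def verify(message, signature, public):  # D_H(signature) == hash of message?
    n, e = public
    return pow(signature, e, n) == digest(message, n)


def hop_message(agent_id, host, next_host):
    return f"{agent_id}:{host}->{next_host}"


def run_agent(agent_id, actual_path, private_keys):
    """Simulate the trip along the path the agent actually took; every host
    on it appends (host, E_host(next hop)) to the Encrypted_Itinerary."""
    return [(host, sign(hop_message(agent_id, host, nxt), private_keys[host]))
            for host, nxt in zip(actual_path, actual_path[1:])]


def launch_server_check(agent_id, itinerary, entries, public_keys):
    """Launch Server side: accept only if every hop of the original
    itinerary is signed by the expected host and names the expected next host."""
    expected = list(zip(itinerary, itinerary[1:]))
    if len(entries) != len(expected):
        return False                   # a host was skipped or an extra one visited
    for (host, next_host), (signer, signature) in zip(expected, entries):
        if signer != host:
            return False               # entry not produced by the expected host
        if not verify(hop_message(agent_id, host, next_host), signature, public_keys[host]):
            return False               # next hop differs from the itinerary
    return True


# Constructed sample marketplace: three Database Servers plus the Launch Server.
ITINERARY = ["Launch", "DB1", "DB2", "DB3", "Launch"]
_PRIMES = {"Launch": (61, 53), "DB1": (107, 109), "DB2": (113, 127), "DB3": (139, 149)}
PUBLIC_KEYS, PRIVATE_KEYS = {}, {}
for _host, (_p, _q) in _PRIMES.items():
    PUBLIC_KEYS[_host], PRIVATE_KEYS[_host] = make_key(_p, _q)


def check_path(actual_path, agent_id="agent-42"):
    entries = run_agent(agent_id, actual_path, PRIVATE_KEYS)
    return launch_server_check(agent_id, ITINERARY, entries, PUBLIC_KEYS)


def honest_trip_ok():      # agent followed the itinerary
    return check_path(ITINERARY)


def skipped_trip_ok():     # malicious DB1 sent the agent straight to DB3
    return check_path(["Launch", "DB1", "DB3", "Launch"])


def reordered_trip_ok():   # malicious DB1 sent the agent to DB3 before DB2
    return check_path(["Launch", "DB1", "DB3", "DB2", "Launch"])


if __name__ == "__main__":
    print("honest:", honest_trip_ok(), "skipped:", skipped_trip_ok(),
          "reordered:", reordered_trip_ok())
```

The check relies on the Launch Server holding authentic public keys for every host, which is exactly the trust the slides place in the Key Server. The toy moduli here are for readability only: any RSA modulus of a few hundred bits or less can be factored quickly on ordinary hardware, and current guidance is 2048-bit or larger keys.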

Attacks and Defenses on SIAS (9)
• Two objects are introduced to support the security measures:
  – RSA object; and
  – Key Server object

Attacks and Defenses on SIAS (10)
• The RSA object is the core of the Secure SIAS design.
• It helps to implement a public key infrastructure (PKI).
• It can encrypt a character string to ciphertext, and decrypt a ciphertext back to a character string.

Attacks and Defenses on SIAS (11)
• The Key Server object acts as the Certificate Authority (CA) of our PKI.
• It accepts public keys from agents and hosts, and distributes them.
• It uses RMI to transport public keys.
• Why RMI rather than an agent?
  – Using an agent would lead to an endless chain of security measures.

Attacks and Defenses on SIAS (12)
A Secure SIAS (architecture diagram; no further text survives)

Agent Encryption (1)
• Java bytecode can easily be decompiled by decompilers such as Mocha or other decompiling software.
• Therefore we should obscure a mobile agent's code to make it hard to reverse engineer.
• We use agent encryption to encrypt the mobile agent before it travels from one host to another.
• After it reaches the destination host, it is decrypted back into a normal mobile agent and starts its normal execution.

Agent Encryption (2)
• Because the agent is encrypted, travelling from host to host is done by an envelope agent.
• An envelope agent is a normal agent that encapsulates the encrypted agent.
• It travels to hosts on behalf of the buying agent, to protect the buying agent during transmission.

Agent Encryption (3)
• Before the envelope agent moves to the next host, it encrypts the buying agent.
• When it reaches the destination host, it decrypts the buying agent, and execution of the agent then proceeds as normal.

Agent Encryption (4)
• We found that our original RSA algorithm cannot encrypt the agent object.
• Thus we had to try another method.
• We used a symmetric key approach.
• We use the Diffie-Hellman Key Exchange to exchange the symmetric key between two hosts.

Agent Encryption (5)
• Diffie-Hellman Key Exchange
  – A key exchange technique that enables two users to agree on a key securely without actually transmitting the key over the network.
  – Therefore attackers cannot obtain the symmetric key by tapping the network.
  – The key can then be used for subsequent encryption of messages.
  – Its effectiveness depends on the difficulty of computing discrete logarithms.

Agent Encryption (6)
• Diffie-Hellman Key Exchange (cont'd)
  – Under this scheme there are two publicly known numbers: a prime number n and an integer g that is a primitive root of n.
  – Suppose hosts A and B wish to exchange a key.
  – Host A selects a random integer x < n and computes X = g^x mod n.
  – Similarly, host B independently selects a random integer y < n and computes Y = g^y mod n.
  – Each side keeps x and y private and makes X and Y publicly available to the other side.
  – Host A computes the key as K = Y^x mod n and host B computes the key as K = X^y mod n.
  – These two calculations produce the same result, which acts as the symmetric key.

Agent Encryption (7)
• Thus the two sides have exchanged a secret key.
• Because x and y are private, an opponent only has the following ingredients to work with: g, n, X and Y.
• Thus the opponent is forced to take a discrete logarithm to determine the key.
• For example, to attack the secret key of host B, the opponent must compute y from Y, g and n, which is computationally difficult.

Agent Encryption (8)
• Using the Diffie-Hellman Key Exchange technique, we can use the symmetric key to encrypt the agent.
• We use bitwise XOR to encrypt and decrypt the agent.
• When the agent wants to travel to the next host, it first gets the public key of the next host and generates the symmetric key using the private key of the host it resides on. Then it encrypts itself using the symmetric key.
• When the agent reaches the destination host, it gets the public key of the previous host and decrypts itself using the secret key of the destination host.

Agent Encryption (9)
• To implement agent encryption in SIAS, we introduced three more objects: the Encrypt Agent (the envelope agent encapsulating the buying agent), the DHKey, and the DHKey Server.
• The Encrypt Agent is an agent which contains the encrypted buying agent. It acts as an envelope agent and travels to hosts on behalf of the buying agent.
• It aims to protect the buying agent during transmission.

Agent Encryption (10)
• Why use the Encrypt Agent to enclose the buying agent?
  – Since the buying agent is encrypted during transmission, it would be unable to travel to the next host on its own.
  – The sending host cannot recognize the encrypted code of the agent, so the agent is not executable at all after encryption.
  – The Encrypt Agent acts on behalf of the buying agent to travel around the hosts. It encapsulates the buying agent and moves to the next host.
  – Hosts recognize the Encrypt Agent and perform the execution (i.e. encryption and decryption).

Agent Encryption (11)
• The DHKey contains the private key and the public key for the Diffie-Hellman Key Exchange.
• It has two methods, encrypt and decrypt, for agent encryption and decryption.
• These two methods perform their operation by making use of two internal methods, toByteArray and toObject.
• The method toByteArray converts the object into a byte array, which can then be fed to the symmetric encryption algorithm.
• The method toObject converts the byte array back into an object, i.e. the decrypted agent.
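The Diffie-Hellman exchange from Agent Encryption (5) to (8) and the DHKey encrypt/decrypt/toByteArray/toObject methods of slide (11), carried through end to end as an added example (not the project's DHKey code). Assumptions not on the slides: the public parameters are the toy values n = 23, g = 5 so every number fits on the page; JSON stands in for Java object serialisation; and the shared key K is repeated as a byte stream for the XOR.

```python
"""Two hosts agree on K with Diffie-Hellman, then the sending host XORs
the serialised buying agent with K and the receiving host reverses it.
Added example; toy parameters and JSON serialisation are assumptions.
"""
import json
import secrets

# Publicly known numbers, as on the slides: prime n and primitive root g.
# Constructed toy values: 23 is prime and 5 is a primitive root mod 23.
N, G = 23, 5


class DHKey:
    """One host's Diffie-Hellman key pair plus encrypt/decrypt for agents."""

    def __init__(self, private=None):
        # private exponent x (1 <= x < n-1); X = g^x mod n goes to the DHKey Server
        self.x = private if private is not None else secrets.randbelow(N - 2) + 1
        self.X = pow(G, self.x, N)

    def shared_key(self, other_public):
        """K = Y^x mod n here; the other side computes X^y mod n, the same value."""
        return pow(other_public, self.x, N)

    @staticmethod
    def to_byte_array(obj):           # stand-in for toByteArray
        return json.dumps(obj, sort_keys=True).encode()

    @staticmethod
    def to_object(data):              # stand-in for toObject
        return json.loads(data.decode())

    @staticmethod
    def _xor(data, key):
        # K is turned into bytes and repeated over the data (assumption);
        # XOR is its own inverse, so the same call encrypts and decrypts
        kb = key.to_bytes((key.bit_length() + 7) // 8 or 1, "big")
        return bytes(b ^ kb[i % len(kb)] for i, b in enumerate(data))

    def encrypt(self, agent, next_host_public):
        return self._xor(self.to_byte_array(agent), self.shared_key(next_host_public))

    def decrypt(self, blob, prev_host_public):
        return self.to_object(self._xor(blob, self.shared_key(prev_host_public)))


def discrete_log(target):
    """What the opponent on slide (7) must do: find y with g^y mod n == target.
    Exhaustive search is instant for n = 23 and infeasible for a real-size prime."""
    for y in range(N):
        if pow(G, y, N) == target:
            return y
    return None


def envelope_trip(agent, host_a, host_b):
    """Host A encrypts the buying agent for host B (the blob rides inside the
    Encrypt Agent); host B decrypts it with A's public value and its own x."""
    blob = host_a.encrypt(agent, host_b.X)
    return blob, host_b.decrypt(blob, host_a.X)


# Constructed sample: fixed private exponents so the run is reproducible.
HOST_A, HOST_B = DHKey(private=6), DHKey(private=15)
BUYING_AGENT = {"products": [101, 205], "quantities": [2, 1], "results": []}


def demo():
    blob, recovered = envelope_trip(BUYING_AGENT, HOST_A, HOST_B)
    return {
        "K": HOST_A.shared_key(HOST_B.X),
        "same_key": HOST_A.shared_key(HOST_B.X) == HOST_B.shared_key(HOST_A.X),
        "blob_differs": blob != DHKey.to_byte_array(BUYING_AGENT),
        "roundtrip_ok": recovered == BUYING_AGENT,
        "opponent_finds_y": discrete_log(HOST_B.X) == HOST_B.x,
    }


if __name__ == "__main__":
    print(demo())
```

Two points the walkthrough makes visible. First, K here is at most 22, so the "key stream" is a single repeated byte: XOR with a short repeating key is a Vigenère-style cipher, and a serialised object with a predictable header gives an observer the key outright, so a real deployment would derive a proper symmetric cipher key from K rather than XOR with it. Second, the exchange itself only binds the two parties if the public values X and Y are authentic; in the slides that trust rests entirely on the DHKey Server, so its channel and storage are part of the security boundary.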

Agent Encryption (12)
• The DHKey Server is similar to the Key Server. Instead of storing RSA public keys, it stores the public keys of the Diffie-Hellman Key Exchange algorithm.
• When the system starts up, each host and server sends a public key to the DHKey Server, where the keys are stored.

Agent Encryption (13)
• When an Encrypt Agent reaches a host, it needs the public key of the previous host for agent decryption. It invokes a method of the DHKey Server to obtain the public key.
• Similarly, when an Encrypt Agent wants to move to the next host, it invokes the same method to get the public key of the next host for agent encryption.
• The connection between the Database Servers or Launch Server and the DHKey Server is made with Java RMI.

Agent Encryption (14)
(diagram slide; no text survives)

Reliability of SIAS (1)
• Our system depends heavily on the Concordia API.
• Faults that occur in the Concordia API cannot be avoided.
• In the Concordia architecture, an agent is lost if any one of the agent's destinations does not exist.
• This introduces data loss.
• To prevent data loss, a fault-tolerance design is needed.

Reliability of SIAS (2)
• Whenever a component fails, we restart it.
• Component restart strategy:
  – Database Server fails: restart the failed host.
  – Launch Server fails: a whole-system recovery; the Launch Server loses the backups for the security measures.
  – Key / DHKey Server fails: a whole-system recovery; public keys lost due to failures cannot be recovered.

Reliability of SIAS (3)
• We designed two strategies in our fault-tolerance design:
  – Logging System
  – Connection Availability Detection, CAD

Reliability of SIAS (4)
• Logging System
  – Maintains a log file for each component.
  – Each line of a log file contains the state as well as a message of the component, for example:
    [initialization] Listening to Incoming Agents
    [handle agent] Agent arrived
    [handle agent] Error in connecting to SQL Server
  – The bracketed part is the state; the rest is the message (in the last line, an error message).

Reliability of SIAS (5)
• With the Logging System, we can successfully restart failed components.
• However, we cannot prevent data loss.
• An agent can still reach failed components.
• We need additional features to prevent data loss.

Reliability of SIAS (6)
• Connection Availability Detection, CAD
  – A mechanism analogous to PING.

Reliability of SIAS (7)
• Weaknesses in our design
  – Data loss if failures occur at the Launch Server, Key Server or DHKey Server, because of the whole-system recovery.
  – Data loss if the component on which the agent resides fails.

Reliability of SIAS (8)
• Implementation I
  – We introduce a Monitor Program to our system.
  – The Monitor Program is responsible for the Logging System as well as CAD.

Reliability of SIAS (9)
Monitor Program diagram: a forever loop is used to check the servers.
1. The Monitor Program pings a server.
2. If a server fails, it does not respond to the ping signal.
3. The Monitor Program sends a restart signal to the server.
4. The server restarts, and pinging resumes.

Reliability in SIAS (10)
• A ping signal is a combination of two kinds of inspection:
  – A log file inspection: it looks for error messages in a log file.
  – An RMI binding detection: it looks for an RMI address binding. Each component has to bind an RMI address; a failure unbinds the RMI address.
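The Monitor Program's ping, as an added example run over constructed log lines in the "[state] message" format shown on the Logging System slide (this is not the SIAS Monitor Program). Assumptions not on the slides: an error is any message beginning with "Error", and the RMI binding detection is modelled by a caller-supplied `binding_alive(name)` function, since this script has no RMI registry to query.

```python
"""Monitor Program ping = log file inspection + binding detection,
followed by the restart decision. Added example; log format, error
convention and the binding_alive stand-in are assumptions.
"""
import re

LOG_LINE = re.compile(r"^\[(?P<state>[^\]]+)\]\s*(?P<message>.*)$")


def parse_log(lines):
    """Turn log lines into (state, message) pairs; malformed lines are skipped."""
    entries = []
    for line in lines:
        m = LOG_LINE.match(line.strip())
        if m:
            entries.append((m.group("state"), m.group("message")))
    return entries


def log_errors(lines):
    """Log file inspection: the error messages found in a component's log."""
    return [(state, msg) for state, msg in parse_log(lines) if msg.startswith("Error")]


def ping(component, log_lines, binding_alive):
    """One ping signal. Returns (alive, reasons); alive is False when either
    inspection fails, and reasons says which one and why."""
    reasons = [f"log error in [{state}]: {msg}" for state, msg in log_errors(log_lines)]
    if not binding_alive(component):
        reasons.append("RMI binding missing")
    return (not reasons), reasons


def monitor_round(components, logs, binding_alive):
    """One pass of the Monitor Program's forever loop: the servers that need
    a restart signal, with the evidence for each."""
    to_restart = {}
    for name in components:
        alive, reasons = ping(name, logs.get(name, []), binding_alive)
        if not alive:
            to_restart[name] = reasons
    return to_restart


# Constructed sample logs for three components.
SAMPLE_LOGS = {
    "LaunchServer": ["[initialization] Listening to Incoming Agents",
                     "[handle agent] Agent arrived"],
    "DatabaseServer1": ["[initialization] Listening to Incoming Agents",
                        "[handle agent] Agent arrived",
                        "[handle agent] Error in connecting to SQL Server"],
    "DatabaseServer2": ["[initialization] Listening to Incoming Agents"],
}
# Constructed binding table: DatabaseServer2 has crashed and unbound its name.
BOUND = {"LaunchServer", "DatabaseServer1"}


def demo():
    return monitor_round(list(SAMPLE_LOGS), SAMPLE_LOGS, lambda name: name in BOUND)


if __name__ == "__main__":
    for server, why in demo().items():
        print(f"restart {server}: {'; '.join(why)}")
```

A monitor that re-reads the whole log each round will keep flagging DatabaseServer1 after it has been restarted, so in practice the loop should remember the offset it last inspected (or rotate the log on restart) and only act on errors logged since.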

Reliability in SIAS (11)
• Implementation II
  – Modify the Launch Server and Database Servers.
  – Embed CAD features in the Launch Server and Database Servers.

Reliability in SIAS (12)
CAD diagram between Server A and Server B, in order:
1. The agent arrives at Server A.
2. Server A performs an RMI binding check on Server B.
3. Server B responds; the agent travels to Server B and arrives there.
If Server B is down:
1. The RMI binding check on Server B fails; the agent sends checking signals to Server B until it replies.
2. The Monitor Program sends a restart signal to Server B.
3. Server B responds; the agent travels to Server B and arrives there.
This guarantees that the agent can travel to its destination without any data loss.

Security Analysis on SIAS (1)
• The security of the additional measures lies mainly in the introduction of a Key Server that facilitates the use of public key cryptography.
• Assuming the Key Server and the communication channel with the Key Server are secure enough, and the keys are managed properly, prevention of modification of the signed product and quantity lists of an agent by a malicious host rests on the security of the RSA encryption algorithm.

Security Analysis on SIAS (2)
• The time complexity of breaking the RSA cryptosystem depends on the length of the key in bits.
• The longer the key, the more secure the system.
• In our implementation, we chose a key length of 128 bits.
• This would be sufficiently secure for our security purpose.

Security Analysis on SIAS (3)
• We tested the time for SIAS to launch a single agent before and after implementation of the security mechanisms.
• To evaluate the performance overhead introduced, we measured the time for SIAS to launch a single agent with and without security measures.
• Round trip times (RTTs) for an agent to travel around an electronic market of 26 hosts were measured under different situations.
• We measure the performance overhead of the security measures, such as encrypting the agent, to see the trade-off between performance and security in SIAS.

Security Analysis on SIAS (4)
• The RTT for an agent to travel in SIAS changes more or less linearly with the number of hosts.
• This is because each additional host adds travel time, and the overhead per additional host is more or less the same.
• RTT also increases linearly with the number of products in the query, because of the increase in the number of database transactions and in the time to transport the agent.

Security Analysis on SIAS (5)
• When security is enforced, the RTT increases. For the maximum of 26 hosts and the maximum query size of 90 products, the RTT increases by 100 seconds, from 230 sec to 350 sec. This can be explained by the extensive use of the RSA algorithm to encrypt and decrypt each item.
• We see a trade-off between security and performance in SIAS.

Conclusion (1)
• We studied the technology of autonomous mobile agents and discussed the problem of malicious hosts in a mobile agent system.
• We implemented SIAS as a sample application of mobile agents, which reduces communication cost and allows delegation of tasks.
• We found that the security problem of malicious hosts in SIAS is a main concern.
• Therefore, we developed a primitive approach to protect the agents, including data encryption and agent encryption.

Conclusion (2)
• We analyzed the security of our approach and believe it is strong enough for domestic purposes.
• We measured the performance overhead of the security measures and saw a trade-off between performance and security in SIAS.
• We learnt that it takes time for a malicious host to attack an agent.
• Therefore we can set a time limit for detecting a malicious host attacking the agent. If the agent returns after longer than the time limit, it is probable that the agent was attacked by a malicious host.

Conclusion (3)
• We analyzed the reliability of SIAS and implemented a fault-tolerance design for SIAS.
• We believe that mobile agent technology will be a new trend in electronic commerce technology.

Thank You!