• Corpus ID: 16239455

Experiments on Formal Verification of Mobile Agent Data Integrity Properties

Paolo Maggi and Riccardo Sisto
This paper explores the possibility of applying existing verification techniques and tools to the cryptographic mechanisms specifically designed for the protection of mobile agents from their environment, with a particular emphasis on agent data integrity. In a previous paper we explored the use of the CSP-based tools FDR and Casper. Here, instead, we present our experience with a prototype of a new verification tool based on spi calculus. The symbolic techniques employed in this new tool make it…


Agents Based e-Commerce and Securing Exchanged Information
  • R. Al-Jaljouli, J. Abawajy
  • Computer Science
    Pervasive Computing, Innovations in Intelligent Multimedia and Applications
  • 2010
This chapter describes robust security techniques that ensure sound security of the information gathered throughout an agent's itinerary against various security attacks, as well as truncation attacks.
Boosting m-business using a truly secured protocol for data gathering mobile agents
  • R. Al-Jaljouli
  • Computer Science
    International Conference on Mobile Business (ICMB'05)
  • 2005
This paper presents an accurate security protocol for data gathering mobile agents, and proves its correctness by verifying the security properties: authenticity, confidentiality, and strong integrity using STA, an infinite-state exploration formal method.
The agent migration and fault-tolerance management in dynamic network security system
A novel agent fault-tolerance migration mechanism realised by integrity verification is presented, and a Combined Agent Migration and Fault-Tolerance Strategy (CAMFS) is presented according to the agent characteristics in a dynamic network security system.
Formal Methods in the Enhancement of the Data Security Protocols of Mobile Agents
Mobile-agent based multi-constraint one-to-many bilateral e-Negotiation framework
A multi-constraint one-to-many bilateral e-Trade negotiation framework that deploys mobile agents in negotiation, considers trading competition between vendors and search space, accurately evaluates offers, and truly maintains the security of negotiation data is proposed.
Defend mobile agent against malicious hosts in migration itineraries
The construction of a novel agent fault-tolerant migration model
The simulation results show that the model provided by the paper is feasible and efficient, and can save more network resources than other related works.
The Construction and Analysis of Agent Fault-Tolerance Model Based on pi-Calculus
The paper constructs a novel agent migration fault-tolerance model based on integrity verification (AMFIV), which can reduce the complexity of agent communication and the number of agent replicas, so that network and time resources are saved.


A State-Exploration Technique for Spi-Calculus Testing Equivalence Verification
This work introduces a different technique which can overcome this drawback by allowing users to carry out the verification task in a completely automatic way by bounding the replication of parallel processes to a finite number, and using an abstract representation of all explicitly allowed values in interactions between the spi process and the environment.
Verifying authentication protocols with CSP
  • S. Schneider
  • Computer Science
    Proceedings 10th Computer Security Foundations Workshop
  • 1997
A specific theory appropriate to the analysis of authentication protocols is developed, built on top of the general CSP semantic framework, to combine the ability to express protocols in a natural and precise way with the facility to reason formally about the properties they exhibit.
Casper: a compiler for the analysis of security protocols
  • G. Lowe
  • Computer Science, Biology
    Proceedings 10th Computer Security Foundations Workshop
  • 1997
Casper is described, a program that automatically produces the CSP description from a more abstract description, thus greatly simplifying the modelling and analysis process.
Using Process Algebras to Formally Specify Mobile Agent Data Integrity Properties: A Case Study
It is shown how a specification technique initially conceived only for classical cryptographic protocols can be used in the context of mobile agents as well by using spi calculus, an extension of the pi calculus with cryptographic properties.
Using CSP to Detect Errors in the TMN Protocol
FDR (Failures Divergence Refinement), a model checker for CSP, is used to detect errors in the TMN protocol: the protocol and a very general intruder are modelled as CSP processes, and FDR is used to test whether the intruder can successfully attack the protocol.
Mobile agents integrity in e-commerce applications
  • Antonio Corradi, R. Montanari, C. Stefanelli
  • Computer Science
    Proceedings. 19th IEEE International Conference on Distributed Computing Systems. Workshops on Electronic Commerce and Web-based Applications. Middleware
  • 1999
This paper focuses on how mobile shopping agents can be protected from malicious behavior of execution sites and describes a distributed multiple-hops integrity protocol integrated in SOMA, that supports secure and open e-commerce applications.
Secure Information Gathering Agent for Internet Trading
A security system to protect information-gathering agents from malicious hosts is proposed; Internet trading under the framework of this system enables agents to conduct commercial information gathering among hosts freely and securely.
On the security of public key protocols
  • D. Dolev, A. Yao
  • Computer Science
    22nd Annual Symposium on Foundations of Computer Science (sfcs 1981)
  • 1981
Several models are formulated in which the security of protocols can be discussed precisely, and algorithms and characterizations that can be used to determine protocol security in these models are given.
A Sanctuary for Mobile Agents
The Sanctuary project at UCSD is building a secure infrastructure for mobile agents, and examining the fundamental security limits of such an infrastructure.
Formal Specification and Verification of Mobile Agent Data Integrity Properties: A Case Study
This work focuses attention on data integrity properties and shows how the techniques used for classical message-based protocols such as authentication protocols can be applied to mobile agent systems as well.