A = Agent - Department of Computer Science and Engineering, CUHK


LYU9905
Security in Mobile Agent ECommerce Systems
Prepared by : Wong Ka Ming, Caris
Wong Tsz Yeung, Ah Mole
Supervisor : LYU Rung Tsong Michael
Outline (1)
• Introduction
  – What is a mobile agent?
• Project Overview
  – Overview of SIAS – Shopping Information Agent System
• System Details
  – Implementation of SIAS
• Security Measures of SIAS
  – Security attack and defense scenarios in SIAS
Outline (2)
• Agent Encryption Technique
  – Diffie-Hellman Key Exchange
• Fault Tolerance of SIAS
  – Monitor Program
  – Connection Availability Detection
• Security Analysis of SIAS
  – Trade-off between security and performance in SIAS
• Project Review & Conclusion
• Q & A Session
Introduction (1)
• What is a mobile agent?
  – A mobile agent is a piece of software that can autonomously carry out a task on our behalf.
  – For e-commerce, the aim of mobile agent technology is to provide an autonomous buying and selling environment.
  – Unlike the traditional client/server paradigm, which requires a continuous network connection, mobile agents use the mobile code paradigm: the connection can be closed once the agent is launched.
Introduction (2)
• What is the mobile code paradigm?
  – Consider the applet.
  – The code is downloaded from the web server to the client side and runs on the client side through the web browser.
  – Such a strategy is called code on demand, which means the code moves across machines passively, when demanded.
  – The mobile code paradigm is a little different: the code actively moves from one host to another.
Introduction (3)
• What are the advantages of mobile agents?
  – An agent can communicate with other agents, so it suits systems such as a stock broker system.
  – It is mobile and able to travel from one host to another, so it is well suited to mobile computing, where a machine cannot always be connected to the network.
  – It reduces network load and also overcomes network latency.
  – It is autonomous and has control over its own actions, which means it can adapt to changes dynamically.
  – Thus, it is robust and fault-tolerant.
Project Overview (1)
• Our project aims at designing a web-based e-commerce system built on top of mobile agent technology.
• In the last semester, we developed the SIAS system.
• SIAS is a web-based e-commerce mobile agent system.
• It provides users with information on products for sale in an electronic marketplace.
• It is written in the Java programming language on top of the Concordia API, which is developed by Mitsubishi Electric Research Lab.
Project Overview (2)
• What does the system do?
Implementation of SIAS (1)
• 4 main objects in the implementation
  – Agent
  – Database Server
  – Launch Server
  – Client Program
Implementation of SIAS (2)
• Agent
  – Retrieves product information from the Database Servers for clients
• Launch Server
  – A gateway between the Agent System and the Client Program
  – Instantiates and launches an Agent whenever it receives a client request
  – Receives the Agent whenever the Agent travels back
Implementation of SIAS (3)
• Database Server
  – Receives an incoming Agent whenever an Agent arrives
  – Retrieves product information for the incoming Agent
• Client Program
  – A Java Applet that runs in a Web Browser
  – Sends requests to the Launch Server
  – A multi-threaded program that can handle multiple requests simultaneously
Implementation of SIAS (4)
• System Configuration
  – One Launch Server
  – 26 Database Servers
  – Client Program uses Netscape Communicator 4.5 or above
Implementation of SIAS (5)
[Figure: agent flow in SIAS. The Launch Server receives a client request, initializes an Agent and sends it out. The Agent travels through the network, arrives at Database Server 1 and retrieves product information from it, then travels on to Database Server 2, and so on, until it arrives at Database Server N and retrieves product information there. The Agent then travels back to the Launch Server, which calculates the cheapest price combination and returns the result to the client.]
Attacks and Defenses on SIAS (1)
• Scenario 1 - Modification of query product IDs
  – The list of products specified by the user is stored as plain text
  – A malicious host can easily spy out the data and change it
  – Later hosts will respond to such changes and report wrong information
  – This violates the integrity of queries
Attacks and Defenses on SIAS (2)
• Scenario 2 - Modification of query quantities
  – Similar to Scenario 1
  – This leads later hosts to report wrong information
Attacks and Defenses on SIAS (3)
• Scenario 3 - Spying out and modification of query results
  – Agents carry query results in plain text
  – Malicious hosts can spy out and modify the results that the agent has collected from previous hosts
  – Such changes can favor the malicious host
  – For example, a malicious host raises all the prices reported by previous hosts
Attacks and Defenses on SIAS (4)
• Scenario 4 - Modification of the itinerary of an agent
  – The itinerary of an agent is accessible to hosts
  – Malicious hosts can change the itinerary of an agent
  – Agents may go to hosts that are not specified in the itinerary
  – Agents may skip hosts that are specified in the itinerary
Attacks and Defenses on SIAS (5)
• Hybrid Attacks
  – The above 4 attacks can be mixed
[Figure: the Launch Server, Host 1, a Malicious Host and Host N on the agent's route.]
Attacks and Defenses on SIAS (6)
• Solution to Attack Scenarios 1 & 2
  – We introduce encryption on the whole list of product IDs as well as the list of product quantities
    • {Product ID list} changed to: EA(Product ID list)
    • {Product Quantity list} changed to: EA(Product Quantity list)
Key:
  Ex(Y) = ciphertext of plaintext Y encrypted by the private key of entity X;
  Dx(Y) = plaintext of ciphertext Y decrypted by the public key of entity X;
  A = Agent;
Attacks and Defenses on SIAS (7)
• Solution to Attack Scenario 3
  – We introduce the RSA encryption algorithm on the results obtained from the Database Server
    • {Query result} changed to: EH(Query result)
Attacks and Defenses on SIAS (8)
• Solution to Attack Scenario 4
  – The Database Server will sign the path of the agent to ensure the agent follows the right path
New attribute for Agent: Encrypted_Itinerary
  Encrypted_Itinerary = EH1(Next Host at Host H1) + EH2(Next Host at Host H2) + ... + EHn(Next Host at Host Hn);
At the Launch Server, we compare the original itinerary to:
  DH1(EH1(Next Host at Host H1)) + DH2(EH2(Next Host at Host H2)) + ... + DHn(EHn(Next Host at Host Hn))
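As an added worked example, not code from the SIAS project, the checks behind the solutions to Scenarios 1, 2 and 4 in Python: textbook RSA with constructed demo keys, where E_x raises to the private exponent of entity x and D_x to its public exponent, exactly as in the key above. The agent signs its product ID list, every host signs the next hop, and the Launch Server verifies the chain; the host names, product IDs and the tiny key sizes are assumptions of this illustration.

```python
from math import gcd

# Constructed demo keys built from well-known primes; far too small for real use.
DEMO_PRIMES = {
    "A":   (999983, 1000003),       # A = Agent
    "DB1": (104729, 1299709),       # Database Server hosts H1..H3
    "DB2": (15485863, 982451653),
    "DB3": (7919, 2147483647),
}

def make_key(p, q):
    """Textbook RSA key pair: (e, n) public, (d, n) private."""
    n, phi = p * q, (p - 1) * (q - 1)
    e = next(c for c in (65537, 257, 17, 3) if gcd(c, phi) == 1)
    return (e, n), (pow(e, -1, phi), n)

KEYS = {name: make_key(*pq) for name, pq in DEMO_PRIMES.items()}
PUB = {name: k[0] for name, k in KEYS.items()}    # distributed by the Key Server
PRIV = {name: k[1] for name, k in KEYS.items()}   # never leaves its owner

def E(x, m):
    """E_x(m): encrypt m with the private key of entity x (i.e. sign it)."""
    d, n = PRIV[x]
    assert 0 <= m < n, "message must be smaller than the modulus"
    return pow(m, d, n)

def D(x, c):
    """D_x(c): decrypt c with the public key of entity x (i.e. verify it)."""
    e, n = PUB[x]
    return pow(c, e, n)

def enc(host_name):
    """Short host name -> integer; at most 4 bytes so it fits below every demo modulus."""
    return int.from_bytes(host_name.encode(), "big")

# Scenario 1/2 defence: the agent signs its product ID and quantity lists.
def sign_list(owner, items):
    return [E(owner, v) for v in items]

def list_intact(owner, signed, claimed):
    """Decrypt with the owner's public key and compare with the carried plaintext list."""
    return [D(owner, c) for c in signed] == claimed

# Scenario 4 defence: each host H_i signs the next hop it forwards the agent to.
def sign_itinerary(itinerary, final="LS"):
    hops = itinerary[1:] + [final]       # the last host sends the agent back to the Launch Server
    return [E(h, enc(nxt)) for h, nxt in zip(itinerary, hops)]

def itinerary_intact(itinerary, encrypted_itinerary, final="LS"):
    """Launch Server check: D_Hi of every entry must match the original itinerary."""
    hops = itinerary[1:] + [final]
    if len(encrypted_itinerary) != len(itinerary):
        return False                     # a host was skipped or an extra host was visited
    return all(D(h, c) == enc(nxt)
               for h, nxt, c in zip(itinerary, hops, encrypted_itinerary))
```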
Attacks and Defenses on SIAS (9)
• We introduce 2 objects to support the security measures
  – RSA object; and
  – Key Server object
Attacks and Defenses on SIAS (10)
• The RSA object is the core of the Secure SIAS design
• It helps to implement a public key infrastructure (PKI)
• It can encrypt a character string to ciphertext, and decrypt a ciphertext to a character string
Attacks and Defenses on SIAS (11)
• The Key Server object acts as the Certificate Authority (CA) of our PKI
• It accepts public keys from agents and hosts, and distributes them
• It uses RMI for transporting public keys
• Why RMI rather than an agent?
  – Using an agent would lead to an endless chain of security measures
Attacks and Defenses on SIAS (12)
• A Secure SIAS
[Figure: components of a Secure SIAS: Client Program (Java Applet), Launch Server (RMI Server), KeyServer (RMI Server), and Host One, Host Two, ..., Host N (Concordia Agent Transporters).]
Agent Encryption (1)
• For Java, the bytecode can easily be decompiled by a decompiler such as Mocha or other decompiling software.
• Therefore we should obscure a mobile agent's code to make it hard to reverse engineer.
• We use agent encryption to encrypt the mobile agent before it travels from one host to another.
• After it reaches the destination host, it is decrypted back into a normal mobile agent and starts its normal execution.
Agent Encryption (2)
• Because the agent is encrypted, the travelling from host to host is done by an envelope agent.
• An envelope agent is a normal agent that encapsulates the encrypted agent.
• It travels to hosts on behalf of the buying agent and aims to protect the buying agent during transmission.
Agent Encryption (3)
• Therefore, before the envelope agent moves to the next host, it encrypts the buying agent.
• When it reaches the destination host, it decrypts the buying agent, and execution of the agent then proceeds as normal.
Agent Encryption (4)
• We found that our original RSA algorithm cannot encrypt the agent object.
• Thus, we had to try another method.
• We used a symmetric key approach.
• We make use of the Diffie-Hellman Key Exchange to exchange the symmetric key between two hosts.
Agent Encryption (5)
• Diffie-Hellman Key Exchange
  – It is a key exchange technique which enables two users to agree on a key securely without actually transmitting the key over the network.
  – Therefore attackers cannot get the symmetric key by tapping the network.
  – The key can then be used for subsequent encryption of messages.
  – Its effectiveness depends on the difficulty of computing discrete logarithms.
Agent Encryption (6)
• Diffie-Hellman Key Exchange (con't)
  – Under this scheme, there are two publicly known numbers: a prime number n and an integer g that is a primitive root of n.
  – Suppose hosts A and B wish to exchange a key.
  – Host A selects a random integer x < n and computes X = g^x mod n.
  – Similarly, host B independently selects a random integer y < n and computes Y = g^y mod n.
  – Each side keeps its x or y value private and makes its X or Y value publicly available to the other side.
  – Host A computes K = Y^x mod n and host B computes K = X^y mod n.
  – These two calculations produce the same result, which acts as the symmetric key.
Agent Encryption (7)
• Thus, the two sides have exchanged a secret key.
• Furthermore, because x and y are private, an opponent only has the following ingredients to work with: g, n, X and Y.
• Thus, the opponent is forced to take a discrete logarithm to determine the key.
• For example, to attack the secret key of host B, the opponent must compute y from Y, g and n, which is computationally difficult.
Agent Encryption (8)
• Using the Diffie-Hellman Key Exchange technique, we can use the symmetric key to encrypt the agent.
• We use bitwise XOR to encrypt and decrypt the agent.
• When the agent wants to travel to the next host, it first gets the public key of the next host and generates the symmetric key using the private key of the host it resides on. Then it encrypts itself using the symmetric key.
• When the agent reaches the destination host, it gets the public key of the previous host and decrypts itself using the secret key of the destination host.
Agent Encryption (9)
• To implement agent encryption for our system SIAS, we have introduced three more objects to our system, namely the Encrypt Agent, which is the envelope agent encapsulating the buying agent, the DHKey, and the DHKey Server.
• The Encrypt Agent is an agent which contains the encrypted buying agent. It acts as an envelope agent and travels to hosts on behalf of the buying agent.
• It aims to protect the buying agent during transmission.
Agent Encryption (10)
• Why use an Encrypt Agent to enclose the buying agent?
  – Since the buying agent is encrypted during transmission, the agent itself would be unable to travel to the next host.
  – This is because the sending host is unable to recognize the encrypted code of the agent, and therefore the agent is not executable at all after encryption.
  – The Encrypt Agent acts on behalf of the buying agent to travel around the hosts. It encapsulates the buying agent and moves to the next host.
  – Hosts recognize the Encrypt Agent and do the execution (i.e. encryption and decryption).
Agent Encryption (11)
• The DHKey contains the private key and the public key for the Diffie-Hellman Key Exchange.
• It has two methods, namely encrypt and decrypt, for agent encryption and decryption.
• These two methods perform their operation by making use of two internal methods – toByteArray and toObject.
• The method toByteArray changes the object into a byte array, which can then be used by the symmetric encryption algorithm.
• The method toObject changes the byte array back into an object, which is the decrypted agent.
Agent Encryption (12)
• The DHKey Server is similar to the Key Server. Instead of storing RSA public keys, it stores the public keys of the Diffie-Hellman Key Exchange algorithm.
• When the system starts up, each host and server sends a public key to the DHKey Server. The keys are then stored in it.
Agent Encryption (13)
• When an Encrypt Agent reaches a host, it needs the public key of the previous host for agent decryption. It invokes a method of the DHKey Server to obtain that public key.
• Similarly, when an Encrypt Agent wants to move to the next host, it invokes the same method to get the public key of the next host for agent encryption.
• The connection between the Database Servers or Launch Server and the DHKey Server is done by Java RMI.
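An added example, not the project's own DHKey code, of the exchange in Agent Encryption (6)-(8) together with the encrypt/decrypt and toByteArray/toObject methods of (11), in Python. The toy prime n, the search for a primitive root g, the fixed private values, JSON standing in for Java object serialization, and the way K is widened into a bitwise XOR key stream are all assumptions of this illustration.

```python
import json
import secrets

# Toy public parameters for the scheme above: a prime n and a primitive root g of n.
# Constructed values for illustration only; they are far too small for real use.
N = 1019

def is_primitive_root(g, n):
    """True if g generates every non-zero residue mod n (brute force, fine for toy n)."""
    return len({pow(g, k, n) for k in range(1, n)}) == n - 1

G = next(g for g in range(2, N) if is_primitive_root(g, N))

def xor_bytes(data, key):
    """Bitwise XOR of the serialized agent with the shared key K, cycled as a
    fixed-width key stream (assumption: the slides do not say how K is widened)."""
    stream = key.to_bytes((N.bit_length() + 7) // 8, "big")
    return bytes(b ^ stream[i % len(stream)] for i, b in enumerate(data))

class DHKey:
    """Stand-in for the DHKey object: private x, public X = g^x mod n."""
    def __init__(self, private=None):
        self.private = private if private is not None else secrets.randbelow(N - 2) + 1
        self.public = pow(G, self.private, N)

    def shared_key(self, other_public):
        return pow(other_public, self.private, N)          # K = Y^x mod n

    @staticmethod
    def to_byte_array(agent):                               # object -> bytes
        return json.dumps(agent, sort_keys=True).encode()  # JSON replaces Java serialization

    @staticmethod
    def to_object(data):                                    # bytes -> object
        return json.loads(data.decode())

    def encrypt(self, agent, next_host_public):             # done before the agent moves on
        return xor_bytes(self.to_byte_array(agent), self.shared_key(next_host_public))

    def decrypt(self, blob, previous_host_public):          # done on arrival
        return self.to_object(xor_bytes(blob, self.shared_key(previous_host_public)))

def recover(receiver, blob, sender_public):
    """What a host can recover from an intercepted blob using its own DHKey;
    None if the XORed bytes do not even deserialize."""
    try:
        return receiver.decrypt(blob, sender_public)
    except (UnicodeDecodeError, ValueError):
        return None

# Constructed buying agent state: the lists the Encrypt Agent carries between hosts.
BUYING_AGENT = {"products": [101, 205, 330], "quantities": [2, 1, 4],
                "itinerary": ["DB1", "DB2", "DB3"]}
```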
Agent Encryption (14)
[Figure: agent encryption message flow, Steps (1) to (17), among the Client Program (Java Applet with RMI), the Launch Server (RMI Server & Concordia Agent Transporter, which executes Steps (2), (3), (4) & (5)), the Database Servers (which execute Steps (7) - (10)), Host One, Host Two, ..., Host N (Concordia Agent Transporters) and the DHKey Server (RMI Server).]
Reliability of SIAS (1)
• Our system is highly dependent on the Concordia API
• Faults occurring in the Concordia API cannot be avoided
• In the Concordia architecture, an agent will be lost if any one of the destinations of the agent does not exist
• This introduces data loss
• To prevent data loss, a fault-tolerance design is needed
Reliability of SIAS (2)
• Whenever a component fails, we restart it
• Component restart strategy:
  – Database Server fails
    • restart the failed host
  – Launch Server fails
    • A whole system recovery
    • The Launch Server loses its backups for the security measures
  – Key / DHKey Server fails
    • A whole system recovery
    • Public keys lost due to failures cannot be recovered
Reliability of SIAS (3)
• We design two strategies in our fault-tolerance design
  – Logging System
  – Connection Availability Detection, CAD
Reliability of SIAS (4)
• Logging System
  – Maintain a log file for each component
  – Each line of a log file contains the state as well as a message of the component, for example:
    ......
    [initialization] Listening to Incoming Agents
    [handle agent] Agent arrived
    [handle agent] Error in connecting to SQL Server
    ......
    (the bracketed part is the state; the rest is the message, in the last line an error message)
Reliability of SIAS (5)
• With the Logging System, we can successfully restart failed components
• However, we cannot prevent data loss
• An agent can still reach failed components
• We need additional features to prevent data loss
Reliability of SIAS (6)
• Connection Availability Detection, CAD
  – A mechanism analogous to PING
Reliability of SIAS (7)
• Weaknesses in our design
  – Data loss if failures occur at the Launch Server, Key Server or DHKey Server, because of the whole system recovery
  – Data loss if the component on which the agent resides fails
Reliability of SIAS (8)
• Implementation I
  – We introduce a Monitor Program to our system
  – The Monitor Program is responsible for the Logging System as well as CAD
Reliability of SIAS (9)
[Figure: the Monitor Program runs a forever loop that pings each server; if a server does not respond to the ping signal, the Monitor Program sends a restart signal and the server restarts.]
Reliability in SIAS (10)
• A ping signal is a combination of two kinds of inspections
  – A log file inspection
    • It looks for error messages in a log file
  – An RMI binding detection
    • It looks for an RMI address binding
    • Each component has to bind an RMI address
    • A failure will unbind the RMI address
Reliability in SIAS (11)
• Implementation II
  – Modify the Launch Server and Database Servers
  – Embed CAD features in the Launch Server and Database Servers
Reliability in SIAS (12)
[Figure: an Agent arrives at Server A; before the Agent travels on, Server A sends checking signals (an RMI binding check) to Server B until Server B replies; if Server B is down, it is restarted by a restart signal sent by the Monitor Program; the Agent then travels to Server B.]
This can guarantee that the agent can travel to its destination without any data loss.
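An added example in Python, not the project's Monitor Program, of the ping signal of slide (10) and the CAD check of slide (12): a log file inspection over constructed log lines in the slide (4) format, an RMI binding detection simulated with a dict in place of the RMI registry, and a bounded check-until-it-replies loop that counts the restart signals it sends. Component names and the probe helper are assumptions of this illustration.

```python
import re

LOG_LINE = re.compile(r"^\[(?P<state>[^\]]+)\]\s*(?P<message>.*)$")

# Constructed sample logs in the "[state] message" format of the Logging System.
DB_SERVER_LOG = """\
[initialization] Listening to Incoming Agents
[handle agent] Agent arrived
[handle agent] Error in connecting to SQL Server
"""
HEALTHY_LOG = "[initialization] Listening to Incoming Agents\n[handle agent] Agent arrived\n"

def parse_log(text):
    """Split a component log into (state, message) pairs, skipping malformed lines."""
    return [(m["state"], m["message"]) for m in map(LOG_LINE.match, text.splitlines()) if m]

def log_file_inspection(text):
    """Return the first (state, message) that is an error message, else None."""
    for state, message in parse_log(text):
        if message.lower().startswith("error"):
            return state, message
    return None

def rmi_binding_detection(registry, name):
    """Is the component's RMI address still bound? (a dict stands in for the registry)"""
    return name in registry

def ping(name, log_text, registry):
    """A ping signal passes only if both inspections pass."""
    return log_file_inspection(log_text) is None and rmi_binding_detection(registry, name)

def monitor_pass(components, registry):
    """One iteration of the Monitor Program loop: names that need a restart signal.
    components maps a component name to the current text of its log file."""
    return [name for name, log_text in components.items() if not ping(name, log_text, registry)]

def make_probe(down_for):
    """Constructed probe for the demo: the destination replies only after
    `down_for` failed checks (as if a restart brought it back)."""
    remaining = [down_for]
    def probe(name):
        if remaining[0] > 0:
            remaining[0] -= 1
            return False
        return True
    return probe

def cad_check(name, probe, max_attempts=5):
    """CAD before an agent moves: check the destination until it replies, sending a
    restart signal after each failed check. Bounded here so the demo cannot loop
    forever. Returns (reachable, attempts_used, restart_signals_sent)."""
    restarts = 0
    for attempt in range(1, max_attempts + 1):
        if probe(name):
            return True, attempt, restarts
        restarts += 1
    return False, max_attempts, restarts
```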
Security Analysis on SIAS (1)
• The security of the additional measures lies mainly in the introduction of a Key Server that facilitates the use of public key cryptography.
• Assuming the Key Server as well as the communication channel with the Key Server are secure enough, and the keys are managed properly, the prevention of modification of the signed product and quantity lists of an agent by a malicious host is supported by the security of the RSA encryption algorithm.
Security Analysis on SIAS (2)
• The time complexity for breaking the RSA cryptosystem depends on the length of the key in bits.
• The longer the key, the more secure the system.
• In our implementation, we have chosen a key length of 128 bits.
• This would be sufficiently secure for our security purpose.
Security Analysis on SIAS (3)
• We have tested the times for SIAS to launch a single agent before and after implementation of the security mechanisms.
• To evaluate the performance overhead introduced, we have tested the times for SIAS to launch a single agent with and without security measures.
• Round trip times (RTTs) required for an agent to travel around an electronic market consisting of 26 hosts are measured under different situations.
• We measure the performance overhead of the security measures, such as encrypting the agent, to see the trade-off between performance and security for SIAS.
Security Analysis on SIAS (4)
[Figure: Average Agent Travelling Time in milliseconds (y-axis, 0 to 300000) against No. of Hosts (x-axis, 1 to 25), one curve per query size from 10 products to 90 products.]
• The RTT for an agent to travel in SIAS changes more or less linearly with the number of hosts.
• This is due to the additional time needed to travel to an additional host, and the overhead for each additional host is more or less the same.
• The RTT also increases linearly as the number of products in the query increases, because of the increase in the number of database transactions and in the time to transport the agent.
Security Analysis on SIAS (5)
[Figure: Average Agent Travelling Time (with Security) in milliseconds (y-axis, 0 to 350000) against No. of Hosts (x-axis, 1 to 25), one curve per query size from 10 products to 90 products.]
• When security is enforced, the RTT increases. For the maximum number of hosts of 26, and the maximum query size of 90 products, the RTT increases by 100 seconds, from 230 sec to 350 sec. This can be explained by the extensive use of the RSA algorithm to encrypt and decrypt each item.
• We see a trade-off between security and performance in SIAS.
Conclusion (1)
• We studied the technology of autonomous mobile agents and discussed the problems of malicious hosts in a mobile agent system.
• We implemented SIAS as a sample application of mobile agents, which reduces communication cost and allows delegation of tasks.
• We found that the security problem of malicious hosts in SIAS is a main concern.
• Therefore, we developed a primitive approach to protect the agents, such as data encryption and agent encryption.
Conclusion (2)
• We analyzed the security of our approach, and believe it is strong enough for domestic purposes.
• We measured the performance overhead of the security measures and saw a trade-off between performance and security for SIAS. We learnt that it takes time for a malicious host to attack an agent.
• Therefore we can set a time limit for detecting a malicious host attacking the agent. If the agent returns after longer than the time limit, it is probable that the agent was attacked by a malicious host.
Conclusion (3)
• We analyzed the reliability of SIAS and implemented a fault-tolerance design for SIAS.
• We believe that mobile agent technology will be a new trend in electronic commerce technology.
Thank You!