A free-roaming mobile agent security protocol against colluded truncation attack

Abstract

To secure the free-roaming mobile agent's data protection, especially to resist the colluded truncation attack, we made a tentative analysis on the current solutions of these problems and proposed a new security mechanism, which is called Signature Trust Chain Mechanism (STCM). In STCM, data is encrypted into a divisible whole for protection. When reaching a host, agent concatenates the data carried by it with data generated on this host then encrypts them and sending identity information to trusted third party. When agent comes back to trusted third party, it will compare path from passing data with path from identity information each hop gives trust third party to find out if there exists attack. Then trust third party sends corresponding data to task sponsor. Analysis shows the mechanism can defend the colluded truncation attack effectively.