Mobile agents integrity for electronic commerce applications

The Mobile Agent (MA) paradigm proposes a new approach for designing applications in open and heterogeneous distributed environments. Several application areas can benefit from the adoption of the MA technology, because it can support electronic commerce transactions and help in information gathering, filtering, and negotiation. MA solutions provide mobility, autonomy and easy personalisation, but still lack a comprehensive and widely accepted security framework. Only a full answer to the requirement of protection for both execution sites and mobile shopping agents can leverage the adoption of MA solutions in the electronic commerce area. This paper proposes an MA environment to support secure and open electronic commerce applications. In particular, the paper focuses on how mobile shopping agents carl be protected from malicious behaviour of execution sites and presents a range of solution strategies. The first solution makes use of a Trusted Third Party entity, while the second one is based on a distributed approach that does not assume the presence of trusted entities. In addition, these two solutions are integrated in a combined one. The paper compares the different approaches and describes their implementation performance. (C) 1999 Published by Elsevier Science Ltd. All rights reserved.