mobile agent for secure web-service debashis roy katayoon moazzami rachita singh







OutlineOutlineIntroductionSecurity issues in mobile agent &

web service integrationSelected PapersAgent-based Delegation ModelBilinear Diffie-Hellman Public Key

SystemBoneh-Franklin ID-based Public Key


Introduction
Web services

◦ Based on XML,SOAP,WSDL ◦ Enables communication between software &

client◦ Invokes services from service provider◦ Information retrieval, online calculation and

Mobile agent

◦ Mobile executable object◦ Dispatched from owner/agent service

provider◦ Migrates autonomously in the network

Why Mobile Agent?
Mobile agent can migrate in the network independently

network independentlyReturns back to the owner after

finishing the taskDoes not need continuous

network connection as the conventional RPC

Applicable to devices with limited bandwidth and resources

Security Issues 
Non-repudiation

◦Verify the sender & the recipient are the parties who claim to send or receive the message

Authentication
◦Verify digital identity of the


◦Decide the access to data or function◦Use traditional ACL (Access Control List)

or RBAC (Role Based Access Control)

Selected PapersSelected Papers H. S. Hwang, H. J. Ko, K. I. Kim, U. M. Kim, D. S. Park,

“Agent-Based Delegation Model for the Secure Web Service in Ubiquitous Computing Environments”, International Conference on Hybrid Information Technology, ICHIT '06, Volume 1, pp.51-57, Nov. 2006.

J. Zhang, Y. Wang, V. Varadharajan, “Mobile Agent and Web Service Integration Security Architecture”, IEEE International Conference on Service-Oriented Computing and Applications, SOCA '07, pp.172-179, June 2007.

J. Zhang, Y. Wang, V. Varadharajan, “A New Security Scheme for Integration of Mobile Agents and Web Services”, Second International Conference on Internet and Web Applications and Services (ICIW'07), pp.43-48, May 2007.

Agent-based Delegation Model

All the communication are done with the help of agents.

User gives his/her credentials to his/her agents, the agents transfer user’s credentials to web service providers.

Extends from SAML 1.1/2.0 (Security Assertion Markup Language) specification to transfer the delegation information among the user and the agents

Components of Delegation Model
Web-Service Management Server (WSMS)

(WSMS)◦Based on XACML (eXtensible Access

Control Markup Language) model.◦Mediator between the users and the

web service providers◦Manages the web services and the

policies registers by the web service providers

◦Assigns appropriate roles to the user.

Components of Delegation Model (contd.)
Principal (P)

◦The user who delegates his/her rights to agents

Principal Agent (PA)◦Communicates with other agents on

behalf of PCarrier Agent (CA)

◦PA delegates its rights to CA◦CA can communicates with other agents if

requiredService Agent (SA)

◦Verifies the validity of delegation assertion◦Processes P’s service request

Components of Delegation Model (contd.)
Authentication Authority (AA)

◦Authenticates Ps or agentsDelegation Authority (DA)

◦Issues delegation assertions to authenticated agents

The Delegation Model

Delegation Assertion
Indicates whether P or agent is capable of delegating their rights or not.

of delegating their rights or not.Based on the SAML (Security Assertion

Markup Language) specificationDigitally signed by DAP’s information is encrypted with AA’s

public keyContains additional information such as

◦ Service provider’s URL◦ Inputs to the WSDL◦ Least role,◦ Recipient agent PA◦ Encrypted with service provider’s public key

Delegation Interaction

DiscussionDiscussionAgents can delegate their rights to

other agents without any privacy disclosure

Principal agent PA has the complete control over all delegation operations

No agent can delegate its rights to other agent without PA’s approval

The communication between any two components is encrypted with public key cryptosystem

Requires a considerable amount of time and resource for encryption and decryption

Bilinear Diffie-Hellman Public Key System
ID-based authentication instead of the certification authority (CA)

of the certification authority (CA) One key required for encrypting a

service available to a group of users

based on the computational Diffe-Hellman and the Bilinear Diffe-Hellman assumption

AssumptionsAssumptionsWeb service provider consists of

different web services to which users can be assigned

Each of these users has a mobile agentThe users that are assigned to a

specific web service resource form a group

Web service provider acts as a key distribution centre (KDC)

Keys allocated to each group of usersThe users are free to join any web

service resource and leave any one

Steps
System setup
Subscription
Signature scheme
Authentication scheme
Encryption
Decryption 
Re-keying

System setup
p=2q+1 G1 , G2 of order p(BDH assumption )

assumption )Master key sZq


P belonging to the additive group G1

H1:{0,1}*G1,H2:{0,1}*G2 Ppub=sP sID=sQID(QID=H1(ID)) private key

SubscriptionSubscription If there are n users using l web

service resources a n×l matrix is set where the ij th element is 1 if user i is a part of user group j and 0 otherwise

Signature is a triple (Ri,Si,m) m messageRi=rQi


AuthenticationAuthentication Signed message can be

authenticated using the public key and the user ID

Should check e(Si,P)=e(H2(Mr,Ri)H1(IDi)

+Ri,Ppub) e is a computable bilinear

map,for some a,bZq and P,QG1


EncryptionEncryption considering the kth service provider , tk

the number of users using this service resource, Qt be the user’s public key and Mk a session key or a message for this group of users

and matrices denoted by aik are set up thus

The ciphertext (Uik,Vk) obtained byU1k=rkP,Uik=rQVik (2≤ik≤tk)Vk=MkH2(e(Ppub,rkQV1k)) ( rkZq* a

random number)




ikikv QQ


kk ttl )1(iktkkv aQQQ

ik ),...,( 1

Decryption
Qv1k calculated
Mk calculated using

)),((12 kvkpubkk QrPeHvM

Re-keying 
Member changes

◦Re-keying of the group session key is done by the WSP

◦changing the group registration matrix S adding a new row when a member joins removing a row when a member leaves

◦ recalculating the values of U,V Web-service changes

◦adding a new column in the matrix S and recalculating all the parameters

Boneh-Franklin ID-based Public Key Scheme
Security scheme employs an Identity-based public key system

Identity-based public key system New authentication protocol

without using the username/password pair

Alternative method for security mechanism without using the Certification Authorities (CA)

System Description
Web Service provider (WSP) acts as a Key Distribution Centre (KDC)

as a Key Distribution Centre (KDC) Have secure channels to distribute

keys to the users Registered users with same web

service resource form a groupGroups denoted as G[1],G[2],

…….G[l], resources as r1,r2,….,rl and l as cardinality of web services

New Scheme Setup
Based on ID based encryption algorithm

Ppub=sP and sends to all registered users

User has to provide his/her identity whenever he/she joins the group

WSP authorize the user by sending user’s private key SID=sQID where QID=H1(ID)

H1:{0,1}*G1 and H2:G1{0,1}* are two one way hash functions

New Scheme Setup (cont)
For n users and l services,WSP provides matrix S as

provides matrix S as

Where Smk=1 if user um is a member of web service G[k]

Authentication Scheme
User Ui has a unique identification IDi

Random number rZq

Generator PG1 Public hash function H2:{0,1}*q Computes Ri←rQi and Si←(H2(m,Ri)


Signature is the triple (Ri,Si,Mr)WSP verifies the signature using

public key and the senders IDi.

Secure Web Service Scheme

Describes about web service data encryption

Assumes one encryption key for each service

Data can be encrypted depending on its size

If data set is not large then it is directly encrypted with the service encryption key

For large data set, data is first encrypted with a session key and then the session key is encrypted with the service encryption key

Receiver decrypts the session key with its private key then uses session key to decrypt the data

Re-keying for member changes and service changes
Three cases for re-keying

◦New member joins◦Existing member leaves◦Member switches from one group to

anotherMember switches from group

G[k] to G[k’] where k≠k’ ,WSP updates the registration matrix S

Re-keying for member Re-keying for member changes and service changes and service changes (cont)changes (cont)WSP recomputed the polynomial

function fk(x) to revoke the member Um from G[k], and then recomputes another polynomial function fk’(x) to add the member Um to the data group G[k’].

The function fk(x) is given as


Discussion Discussion New ID-based public key management

scheme for securing the integration of mobile agents and web services

Without use of Certification Authorities (CA), also does not use the username/password pair.

Simplifies the key management Drawbacks

◦ users must have their private key pair based on PKI

◦ calculate the username/password token◦ use different keys for different user's

ConclusionConclusionAll communications among the users, agents

or service providers needed to be encryptedSymmetric encryption cannot be usedAsymmetric encryption based on the public

key infrastructure (PKI) is most suitable for agent-based web service integration

PKI also has some drawbacks◦ All users must have his/her public/private key

pair◦ A server has to manage and verify all the public

keys◦ Server has to search the user’s public key and

use different keys to encrypt different messages for different users

◦ Requires a considerable amount of resource for encryption and decryption

