Abstract
Multi-agent systems are an automated form of software technology that enhances many applications in our lives. However, this technology does not come with embedded security features, which hinders its widespread use in commercial systems such as those that depend on location-based services. This paper aims to design, develop, test and evaluate an efficient security protocol for multi-agent systems that supports the secrecy of user location. First, we have developed a new architectural approach, inspired by the well-known Kerberos protocol, that can provide a secure service for end users. It offers the most important security requirements in this field, namely mutual authentication, confidentiality, integrity, and authorization. The proposed security protocol, called Multi-Agent Security using Enhanced Kerberos, has been verified and validated using a formal verification tool called ProVerif. We also provide a comparison with the original Kerberos protocol in terms of efficiency, which tilts the balance in favor of our protocol.
Appendix: ProVerif Outputs for Our Case Study
1.1 Mutual Authentication Verification Result
Process name | The queries | ProVerif output |
---|---|---|
SP login | BeginAS() ==> BeginSA(); EndSA() ==> EndAS(); EndSA() ==> BeginSA() && BeginAS() | All true |
Client login | BeginAC() ==> BeginAC(); EndCA() ==> EndAC(); EndCA() ==> BeginCA() && BeginAC() | All true |
Change SP password | BPchgAS() ==> BPchgSA(); EPchgSA() ==> EPchgAS(); EPchSA() ==> BPchgSA() && BPchgAS() | All true |
Change client password | BPchgAC() ==> BPchgCA(); EPchgCA() ==> EPchgAC(); EPchgCA() ==> BPchgCA() && BPchgAC() | All true |
Update SP agent location | BuLTS() ==> BuLST(); EuLST() ==> EuLTS(); EuLST() ==> BuLST() && BuLTS() | All true |
A request from the client agent | BeginTC() ==> BeginCT(); EndCT() ==> EndTC(); EndCT() ==> BeginCT() && BeginTC() | All true |
A response from the SP agent | BeginSC() ==> BeginCS(); EndCS() ==> EndCS(); EndCS() ==> BeginCS() && BeginSC() | All true |
Communication between the client and SP agents | BcomSC() ==> BcomCS(); EcomCS() ==> EcomSC(); EcomCS() ==> BcomCS() && BcomSC() | All true |
1.2 Confidentiality Verification Result
Process name | Parameters | ProVerif output |
---|---|---|
SP login | N6, t6, \(K_{SP,TGS}\), N7 and location | All secure |
Client login | N1, t1, \(K_{C,TGS}\) | All secure |
Change SP password | H(new password), N8 | All secure |
Change client password | H(new password), N2 | All secure |
Update SP agent location | Location and N9 | All secure |
A request from the client agent | N3, \(t_C\), t2, \(K_{C,TGS}\), location and request | All secure |
A response from the SP agent | N3, t2, U(\(t_C\)), \(K_{C,SP}\) and result | All secure |
Communication between the client and SP agents | Request, result and N4 | All secure |
Client agent logout | N5, t4 and t5 | All secure |
SP agent logout | N10 and t7 | All secure |
Cite this article
Al-Hamadi, H., Yeun, C.Y., Zemerly, M.J. et al. A Novel Protocol for Security of Location Based Services in Multi-agent Systems. Wireless Pers Commun 108, 1841–1868 (2019). https://doi.org/10.1007/s11277-019-06499-4
DOI: https://doi.org/10.1007/s11277-019-06499-4