Efficient access control and key management schemes for mobile agents

Lin, Iuon-Chang; Ou, Hsia-Hung; Hwang, Min‐Shiang

doi:10.1016/j.csi.2003.11.010

Cited by 22 publications

(9 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Upper level class is a representation of the user who possess the highest authority for access, defined as SC i . For lower classes, it is defined as SC j [18,19]. If we use the statement of SC j ≤SC i , SC i is the predecessor of SC j , and then SC j is the succesor of SC i .…”

Section: Methodsmentioning

confidence: 99%

Mobile Agent Application and Integration in Electronic Anamnesis System

et al. 2010

View full text Add to dashboard Cite

Electronic anamnesis is to transform ordinary paper trails to digitally formatted health records, which include the patient's general information, health status, and follow-ups on chronic diseases. Its main purpose is to let the records could be stored for a longer period of time and could be shared easily across departments and hospitals. Which means hospital management could use less resource on maintaining ever-growing database and reduce redundancy, so less money would be spent for managing the health records. In the foreseeable future, building up a comprehensive and integrated medical information system is a must, because it is critical to hospital resource integration and quality improvement. If mobile agent technology is adopted in the electronic anamnesis system, it would help the hospitals to make the medical practices more efficiently and conveniently. Nonetheless, most of the hospitals today are still using paper-based health records to manage the medical information. The reason why the institutions continue using traditional practices to manage the records is because there is no well-trusted and reliable electronic anamnesis system existing and accepted by both institutions and patients. The threat of privacy invasion is one of the biggest concerns when the topic of electronic anamnesis is brought up, because the security threats drag us back from using such a system. So, the medical service quality is difficult to be improved substantially. In this case, we have come up a theory to remove such security threats and make electronic anamnesis more appealing for use. Our theory is to integrate the mobile agent technology with the backbone of electronic anamnesis to construct a hierarchical access control system to retrieve the corresponding information based upon the permission classes. The system would create a classification for permission among the users inside the medical institution. Under this framework, permission control center would distribute an access key to each user, so they would only allow using the key to access information correspondingly. In order to verify the reliability of the proposed system framework, we have also conducted a security analysis to list all the possible security threats that may harm the system and to prove the system is reliable and safe. If the system is adopted, the doctors would be able to quickly access the information while performing medical examinations. Hence, the efficiency and quality of healthcare service would be greatly improved.

show abstract

Section: Methodsmentioning

confidence: 99%

Mobile Agent Application and Integration in Electronic Anamnesis System

et al. 2010

View full text Add to dashboard Cite

show abstract

“…Also, the frequent exchange of data between the host and the clients requires a large amount of network bandwidth. Thus, it causes the system to work inefficiently [2]. The mobile agents are useful when we want to reduce the flow of raw data in the network.…”

Section: Introductionmentioning

confidence: 98%

DMAMA: Dynamic Migration Access Control Mechanism for Mobile Agents in Distributed Networks

Odelu

Das

Goswami

2015

Wireless Pers Commun

View full text Add to dashboard Cite

In real-life applications, ensuring secure transmission of data over public network channels to prevent malicious eavesdropping of the data is an important issue in distributed network environment. There are several potential security risks in protecting data and providing access control over the data. It is a challenging problem to manage dynamically the access rights to the resources and protect them from unauthorized access. Several migration access control mechanisms have been proposed in the literature using hierarchical structure to manage the cryptographic keys to prevent from unauthorized access of resources. However, most of them suffer from some known attacks and they do not efficiently support all required dynamic properties for mobile agent environment. Since, in practical scenarios, from time to time changing of decryption key of a confidential file provides maximum security for the system, it affects significantly the performance of the key management mechanism. In this paper, we propose a novel dynamic migration access control mechanism for the mobile agents (DMAMA) in a distributed network environment using symmetric-key cryptosystem. Further, we provide an elliptic curve cryptography based signature (El-Gamal type) on the decryption key assigned to the confidential file to avoid unauthorized modifications by an attacker. Moreover, DMAMA provides an efficient solution to the dynamic property such as changing decryption key of a confidential file, whereas other schemes do not provide. In addition, DMAMA is efficient in computation and storage overheads as compared to the other related existing schemes. Through the informal and formal security analysis, we show that DMAMA is secure against possible known attacks including man-in-the-middle attack as well as DMAMA provides backward secrecy to the decryption key of a confidential file when adding a new node or creating a new relationship in the existing hierarchy. As a result, higher security, low computational and storage overheads along with efficient access control properties make DMAMA more suitable for practical applications compared to the other related schemes.

show abstract

“…The scheme proposed by Lin et al (7) requires the storage of k private keys under/static/sctx/ acl/. According to the Rivest-Shamir-Adleman (RSA) algorithm, the scheme proposed by Lin et al requires storage with 1024k b for all private keys.…”

Section: External Attacksmentioning

confidence: 99%

“…In 2004, Lin et al (7) proposed a hierarchical key management scheme to filter out the demands of repeatedly storing cryptographic keys in a mobile agent. Compared with Volker and Mehrdad's scheme, Lin et al's scheme offers fewer public key computations.…”

Section: Previous Workmentioning

confidence: 99%

See 1 more Smart Citation

Efficient and Scalable Access Management Scheme Based on Chinese Remainder Theorem

2018

Sensors and Materials

View full text Add to dashboard Cite

We introduce access management methods and their disadvantages after reviewing previous papers. On the basis of the Chinese remainder theorem (CRT), we have developed a mobile agent novel key management scheme that solves some of the defects. We demonstrate a mobile agent that can secure and collect information across different places. We also illustrate the mathematical computation of our proposed method. Moreover, our proposed method is flexible since the whole system is considered.

show abstract

Efficient access control and key management schemes for mobile agents

Cited by 22 publications

References 12 publications

Mobile Agent Application and Integration in Electronic Anamnesis System

Mobile Agent Application and Integration in Electronic Anamnesis System

DMAMA: Dynamic Migration Access Control Mechanism for Mobile Agents in Distributed Networks

Efficient and Scalable Access Management Scheme Based on Chinese Remainder Theorem

Contact Info

Product

Resources

About