Mobile-agent´s self-reliant host security examination

Mobile agent brings new concept on programming, especially on distributed computing paradigm. It attracts great interest because of its mobility, autonomy and persistence. But it also brings security issues i.e. insecure networks, malicious agents, malicious hosts and malicious users. One most difficult issues is protecting mobile agent from malicious host because mobile agent execute its code on host so that host can do many things to manipulate data, code and control flow of mobile agent. This paper proposes mobile-agent´s self-reliant host security examination so that mobile agent is able to identify malicious host. In this proposed scheme, every hosts must have signature in blinded form in order to ensure unauthorized host cannot use this signature. This signature serves to distinguish malicious hosts with trusted host. When mobile agent arrives at new host, it will check validation of host´s signature. Mobile agent also gives challenge to host, and host has to give a valid response. If host cannot give valid signature and response, mobile agent will identify this host as malicious host and return to its previous host. Zero knowledge proof of knowledge is used on challenge-response phase so that private keys cannot be revealed.