Thomas Kunkelmann

An approach for mobile agent security and fault tolerance using distributed transactions

Mobile agents are no longer a theoretical issue since different architectures for their realization have been proposed. With the increasing market of electronic commerce it becomes an interesting aspect to use autonomous mobile agents for electronic business transactions. Being involved in money transactions, supplementary security features for mobile agent systems have to be ensured. In this paper we present an architecture for a mobile agent system which guarantees security for the host as well as security for the agent. This architecture additionally offers fault tolerance for the whole agent system at a high level. To handle these issues for mobile agents we use various encryption mechanisms and we apply a novel method for mobile agent systems by using distributed transactions processing based on the OMG Object Transaction Service in our architecture. With this security architecture an agent will be enabled to do money transactions.

A scalable security architecture for multimedia communication standards

In multimedia conferencing systems the need for confidentiality gains in importance. This goal can be achieved by encryption. In real-time video processing systems there is a special need for partial data encryption. Existing methods and their weaknesses are investigated. We present a new approach for partial encryption of video data, which allows a security level of nearly every granularity. It can be applied to all JPEG-based video compression methods.

Video Encryption Based on Data Partitioning and Scalable Coding - A Comparison

Many of todays multimedia applications require confidential video transmission over the Internet. Appropriate encryption methods require a high computational complexity and are likely to become a performance bottleneck within software-only applications. To reduce the computational encryption effort, partial video encryption methods have been proposed in the past. Promising approaches are based on data partitioning where the encoded video stream is partitioned into two streams, one containing the most important data, the other one containing the least important data. Encrypting the most important data only can reduce the required computational complexity to 10 – 50 % compared to encryption of the whole data stream. Besides the known standardized DCT based video codecs, scalable codecs become more and more popular. Scalable codecs have the advantage that no additional effort is needed to obtain the required data partitioning. In this paper, a novel approach to partial video encryption based on data partitioning applicable to every DCT-based video codec is presented. It is compared to base layer encryption of a video stream encoded with a scalable codec based on a spatio-temporal resolution pyramid. Besides partial encryption, transparent encryption is discussed as well.

Distributed transaction processing as a reliability concept for mobile agents

Mobile agents offer a new possibility for the development of applications in distributed systems and are no longer a theoretical issue since different architectures for their implementations have been proposed. With the increasing market of electronic commerce it becomes an interesting idea to use autonomous mobile agents for electronic business transactions. Being involved in money transactions, supplementary security features for mobile agent systems have to be ensured. We present an architecture for a mobile agent system which offers fault tolerance for the whole agent system at a high level. This architecture additionally guarantees security for the host as well as security for the agent. To handle these issues for mobile agents we use various encryption mechanisms and we apply a novel method for mobile agent systems by using distributed transactions in our architecture. Due to this security architecture an agent will be enabled to carry out money transactions.

The Transaction Internet Protocol in practice: reliability for WWW applications

One of the most interesting domains of future Internet applications will be located in the area of electronic commerce, where online products and services are offered. Products of value are accounted by monetary transactions, involving a bank or credit card service to handle the electronic cash flow. To achieve a reliable and consistent flow of information in these applications, the concept of transactions has been proven to be the right choice. With the standardization of Transaction Internet Protocol (TIP) there is now a protocol available for the synchronization of distributed Internet applications dealing with transactions. We give a detailed overview of TIP and how it can be integrated in electronic commerce applications on the WWW. We have implemented the current version of TIP (3.0) in Java. Based on this TIP implementation we developed an electronic shopping mall application for the usage in the WWW.

Enhancing Mobile Agents with Electronic Commerce Capabilities

The paradigm of mobile agents offers a powerful and flexible opportunity to develop distributed applications on a high-level of abstraction. One of the most interesting tasks for mobile agents is an active search for relevant information in non-local domains on behalf of their users. A mobile agent will be sent out on behalf of an user to various host servers in the Internet and to find information. In the future this information might not be freely accessible, so the agent may have to pay for them. Thus the mobile agent has to be equipped with electronic commerce capabilities. This implies a fault tolerant and secure infrastructure for the mobile agent. In this paper we present a system which offers electronic commerce capabilities for mobile agents. These capabilities a part of an architecture which guarantees different security issues and fault tolerance for mobile agents. Security for the partners involved is handled by encryption methods based on a public key authentication mechanism and by secret key encryption of the communication. To achieve fault tolerance for the agent system, especially for the agent transfer to a new host, we use Distributed Transaction Processing (DTP). This architecture can be used on top of existing mobile agent systems, e.g. as an enhancement of the “GO-Statement”, and offers a high reliability because the implementation is based on standardized components.

Evaluation of Different Video Encryption Methods for a Secure Multimedia Conferencing Gateway

In multimedia conferencing systems the need for confidentiality and privacy gains more and more in importance, particularly in open networks like the Internet. In this paper we give an overview of the security requirements of multimedia conferencing systems and of applicable security functions. For real-time video transmissions there is a special need for selective encryption of the transmitted data. Existing methods are investigated and their strengths and weaknesses will be shown.

Scalable Security Mechanisms in Transport Systems for Enhanced Multimedia Services

Data confidentiality is a very important issue for communication in open networks. Secure communication usually will be achieved by encryption mechanisms. For distributed multimedia applications the usage of encryption in real-time can cause a performance problem due to the time complexity of the cryptographic algorithms. In these cases partial encryption is a solution to satisfy real-time demands.

STDL as a High-Level Interoperability Concept for Distributed Transaction Processing Systems

The Structured Transaction Definition Language (STDL) is a language-based programming interface to transactional protocols and runtime systems. STDL isolates within the language transaction processing features, allowing an implementation to hide underlying communications mechanisms, like TxRPC and CORBA/OTS, from the programmer. Because of its design centre in distributed processing, STDL already includes many features of object-oriented systems. Completing the transformation to an object-oriented language provides a migration path from procedure-oriented TP to object-oriented TP and simplifies the substitution of object-oriented communication managers.