Secure Mobile Multiagent Systems In Virtual Marketplaces
|
|
- Caroline Farmer
- 8 years ago
- Views:
Transcription
1 Deutsches Forschungszentrum für Künstliche Intelligenz GmbH Research Report RR Secure Mobile Multiagent Systems In Virtual Marketplaces A Case Study on Comparison Shopping Ina Schaefer March 2002 Deutsches Forschungszentrum für Künstliche Intelligenz GmbH Postfach Kaiserslautern, FRG Tel.: + 49 (631) Fax: + 49 (631) info@dfki.uni-kl.de WWW: Stuhlsatzenhausweg Saarbrücken, FRG Tel.: + 49 (681) Fax: + 49 (681) info@dfki.de
2 Deutsches Forschungszentrum für Künstliche Intelligenz DFKI GmbH German Research Center for Artificial Intelligence Founded in 1988, DFKI today is one of the largest nonprofit contract research institutes in the field of innovative software technology based on Artificial Intelligence (AI) methods. DFKI is focusing on the complete cycle of innovation from world-class basic research and technology development through leading-edge demonstrators and prototypes to product functions and commercialization. Based in Kaiserslautern and Saarbrücken, the German Research Center for Artificial Intelligence ranks among the important Centers of Excellence worldwide. An important element of DFKI s mission is to move innovations as quickly as possible from the lab into the marketplace. Only by maintaining research projects at the forefront of science can DFKI have the strength to meet its technology transfer goals. DFKI has about 165 full-time employees, including 141 research scientists with advanced degrees. There are also around 95 part-time research assistants. Revenues for DFKI were about 30 million DM in 2000, half from government contract work and half from commercial clients. The annual increase in contracts from commercial clients was greater than 20% during the last three years. At DFKI, all work is organized in the form of clearly focused research or development projects with planned deliverables, various milestones, and a duration from several months up to three years. DFKI benefits from interaction with the faculty of the Universities of Saarbrücken and Kaiserslautern and in turn provides opportunities for research and Ph.D. thesis supervision to students from these universities, which have an outstanding reputation in Computer Science. The key directors of DFKI are Prof. Wolfgang Wahlster (CEO) and Dr. Walter Olthoff (CFO). DFKI s five research departments are directed by internationally recognized research scientists: Knowledge Management (Director: Prof. A. Dengel) Intelligent Visualization and Simulation Systems (Director: Prof. H. Hagen) Deduction and Multiagent Systems (Director: Prof. J. Siekmann) Language Technology (Director: Prof. H. Uszkoreit) Intelligent User Interfaces (Director: Prof. W. Wahlster) In this series, DFKI publishes research reports, technical memos, documents (eg. workshop proceedings), and final project reports. The aim is to make new results, ideas, and software available as quickly as possible. Prof. Wolfgang Wahlster Director
3 ACaseStudyonComparisonShopping Secure Mobile Multiagent Systems In Virtual Marketplaces Ina Schaefer DFKI-RR-02-02
4 This work has been supported by a grant from The Federal Ministry of Education, Science, Research, and Technology (FKZ ITW-01 IWA 01). cdeutsches Forschungszentrum für Künstliche Intelligenz 2002 This work may not be copied or reproduced in whole or part for any commercial purpose. Permission to copy in whole or part without payment of fee is granted for nonprofit educational and research purposes provided that all such whole or partial copies include the following: a notice that such copying is by permission of the Deutsche Forschungszentrum für Künstliche Intelligenz, Kaiserslautern, Federal Republic of Germany; an acknowledgement of the authors and individual contributors to the work; all applicable portions of this copyright notice. Copying, reproducing, or republishing for any other purpose shall require a licence with payment of fee to Deutsches Forschungszentrum für Künstliche Intelligenz. ISSN X
5 SecureMobileMultiagentSystems ACaseStudyonComparisonShopping InVirtualMarketplaces InaSchaefer developmentofinternet-basedapplicationslikevirtualmarketplaces.however,thereisan mercialstructures.agentsandmultiagentsystemswillplayamajorroleinthefurther ThegrowthoftheInternethasdeeplyinuencedourdailylivesaswellasourcom- Abstract marketplacescenarioandanapplicationdomainforamobilemultiagentsystem,withrespecttoitssecurityissues.theinterestsoftheparticipantsinthescenario,merchantfuluntiltheirproblemsaresolved.thisreportexaminescomparisonshopping,avirtual increasingawarenessofthesecurityproblemsinvolved.thesesystemswillnotbesuccess- fortheactualimplementationofthesebuildingblocksaresuggested.itispointedout tivescounteractingthosethreatsareestablished.theseobjectivesarerenedintobuilding blocksasecuremultiagentsystemshouldprovide.thebuildingblocksaretransformed intofeaturesofagentsandexecutingplatforms.originatingfromthisanalysis,solutions andclients,areinvestigated.potentialsecuritythreatsareidentiedandsecurityobjec- underwhichassumptionsitispossibletoachievethesecuritygoals,ifatall.
6 Contents 1Introduction 2Relatedwork 2.1Relatedwork{ComparisonShopping VirtualMarketplaceSystems ConstructionandWorkingPrinciplesofComparisonShoppingAgents TheEconomicPerspective Relatedwork{SecurityMechanismsforMobileAgents ComparsonShoppingintheSecurityLiterature...6 3ComparisonShopping{ACaseStudy 2.2.1ProtectionofHostsfromMaliciousAgents TheScenario ProtectioninBothDirections ProtectionofAgentsagainstMaliciousHosts SecurityAnalysis DierentInstancesoftheScenario RolesandtheirInterests TowardsaSecureSystem 3.3OverallSecurityThreatsandSecurityObjectives RemarksontheSecurityThreatsandObjectives TowardsaTechnicalRealisation FeaturesoftheAgentsandPlatforms BuildingBlocks ATechnicalRealisationoftheMultiagentSystem GeneralRemarksontheAchievabilityofSecurityObjectives...24 References 5ConclusionandFuturework 4.4.2AspectsofTechnicalRealisationsfortheProposedBuildingBlocks
7 1 Introduction ThesuccessoftheInternetandtheWorldWideWebhasdeeplyinuencedoureverydaylives aswellasourcommercialstructures.agenttechnologiesandmultiagentsystemswillplaya majorpartinthefurtherdevelopmentofwww-basedapplications:virtualmarketplaceswith customerandselleragents,chatroomsandavatars,personalassistantagentsaswellasnon benevolentagentsdesignedtoattackasite,arejustsomeofmanyapplications.whilethere isstillaconsiderablehypeconcerningagenttechnologies,thereisalsoanincreasingawareness oftheproblemsinvolved.thegrowthofinternet-basedcommerceistemperedbylegitimate concernsonthesecurityofsuchsystems.inparticular,theseapplicationswillnotbesuccessful unlesssecurityissuescanbeadequatelyhandled.oneofthemajorconcernsforbothcustomers andmerchantsparticipatinginecommerceisthepotentiallossofassetsandprivacydueto thebreachesinthesecurityofcorporatecomputersystems.althoughthereisalargebodyof workoncryptographictechniquesthatprovidebasicbuildingblockstosolvespecicsecurity problems,relativelylittleworkhasbeendoneininvestigatingsecurityinamultiagentsystem context.theintroductionofmobilesoftwareagentssignicantlyincreasestherisksinvolvedin InternetandWeb-basedapplications. MobileagentshaveseveraladvantagesinasystemliketheInternet.Mobileagentstraveltoa platformtobeexecutedandgowheretherequireddataisstored.sotheoverallcommunication tracoverlow-bandwidth,high-latencyandhigh-costaccessnetworksisreduced.alsoifthe connectiontotheagentownerisinterrupted,theagentcanstillgoonworking.itreturnsthe resultswhentheconnectionisre-established.theownerdoesnothavetobeonlineallthe timeforhisagenttoperformhistask.thisisparticularlyusefulincasetheconnectionismade viamobilephone.therefore,thetrade-obetweenperformanceandsecurityissueshastobe considered. TheresearchpresentedinthisreportwasdoneasapartoftheSEMAS(SecurityinMobile MulitagentSystems)projectfundedbytheGermanMinistryforEducationandResearch.It investigatesthefundamentalsecuritythreatsinthedesignofmobilemultiagentsystemswithin virtualmarketplaces.thesethreatscanbeclassiedaccordingtowhethertheyareinherentto theapplicationscenariotobeimplemented,inherenttothemultiagentsystemleveldesign,a consequenceofthedesignoftheindividualagentoraresultofusingmobilecomputing.semas thereforeinvestigatesintohowthedesignoftheapplication,thedesignoftheagentsociety andtheselectionofthecomputationalparadigminuencesthecharacteristicsofthesecurity threatsandhowsecuritymeasurescanbecombinedtoanall-embracingsecurityinfrastructure. Accordingly,theSEMASmethodologyandalsotheresearchworkisorganisedintothreelayers: rstlytheapplicationlayer,secondlythesystemarchitectureandthirdlythecomputational architecture.theaimofthesemasprojectistocomeupwithamethodologyforthedesign andimplementationofsecuremobilemultiagentsystems,particularlyforvirtualmarketplaces. SinceSEMAScoverstheapplicationorienteddesignphaseaswell,thereisaneedtofocuson afamilyofscenarios.guidedbytheeconomicalimportanceandscienticsignicance,semas exploresconcreteinstancesofvirtualmarketplacesbasedonauctionsandfreenegotiation.the casesconsideredinsemasareauctionsandcomparisonshoppingasimportantapplications formobileagentsinvirtualmarketplaces.theyarealsoimportantinstancesofnegotiationon marketsfromaneconomicperspective. Thisreportfocusesonthecomparisonshoppingscenario,oneoftheSEMAScasesonthe applicationlayer.itinvestigatessecurityrequirementsandpossiblesolutionsforthisconcrete scenario.in[dew96],thecomparisonshoppingproblemisdescribedasfollows:givenarea domaindescriptionwithusefulattributestodierentiatebetweendierentproducts,asetof URLsforthehomepagesofpossiblevendors,anattributeAbywhichtheuserwantstocompare thevendors(e.g.theprice)andnallyaspecicationofthedesiredproductintermsofdesired valuesfortheproduct'sattributes.thetaskofacomparisonshoppingagentistodetermine thesetofstoreswherethedesiredproductisavailablesortedbytheattributea. Inthisreport,adetailedmodelforthecomparisonshoppingscenariowillbeestablished.With respecttoitsdierentphasesandinstances,itwillbeexploredwhichinterestsandexpectations theparticipantshave.theinterestsandpossibilitiesofanattackerandtheresultingsecurity threatsfortheapplicationwillbeconsidered.fromthatanalysis,theoverallsecurityobjectives counteractingthosethreatsareidentied.thesecurityobjectivesspecifytherequirementsthe 3
8 systemhastosatisfyforconsideringitassecure.havingsketchedapotentialmobilemultiagent systemtorealisethescenario,theobjectivesarebrokendownintomoredetailedfeaturesof thesystemtobeconstructed,i.e.buildingblocksorinterfacesthesystemarchitecturehasto provideattheapplicationlevel.thebuildingblocksarefurtherrenedintofeaturesofsingle agentsroaminginthesystemandofexecutingplatforms.finally,concretetechnicalmeansare proposedtoimplementthebuildingblocksonthelevelofthesystemarchitecture. Furthermore,thisreportgivesanoverviewofresearchoncomparisonshoppingfromdierent pointsofview,i.e.theconstructionofshopbots,virtualmarketplaces,economicimpactand securityissues.additionally,anoverviewofexistingsecuritymechanismsformobileagentsand platformsispresented.itisshownwhichofthoseareapplicableinthiscasestudy. Theremainderofthisreportisstructuredasfollows:Insection2,wediscussrelatedworkwith respecttocomparisonshoppingandsecurityofmobileagents.insection3,adetailedmodel ofthecomparisonshoppingscenarioisestablishedanditsdierentphasesandinstancesare analysed.insection4,wemovetowardsasecuresystemandshowwhichbuildingblocksare neededtoconstructasecuremobilemultiagentsystemforthisapplicaionscenarioandhow theycanberealisedtechnically.section5nishesthereportwithabriefsummaryofthemain resultsandanoutlooktofuturework. 2 Relatedwork 2.1Relatedwork{ComparisonShopping Researchoncomparisonshoppingcanbedividedintodierentareasaccordingtoitsfocus.The rstmainareaofresearchisconcernedwiththefunctionalityandconstructionofcomparison shoppingagentsorso-calledshopbots.itisinvestigatedhowacomparisonshoppingagent hastowork,howwrappersfortheretrievedinformationareconstructedandhowthendings willberanked.asecondfocusarevirtualmarketplaces,mostofwhichcontainacomparison shoppingphase.athirdareaofresearchistheeconomicperspectiveoncomparisonshopping. Researchersinvestigatewhichimpactshopbotshavetotheeconomyanddevelopmethodsto analyseeconomieswithcomparisonshoppingagents.finally,comparisonshoppingisoftenused asexampleinliteratureconsideringsecurityofmobileagents.manyauthorsusecomparison shoppingtoillustratethesecurityissueslinkedtomobileagents.inthefollowing,wehavea closerlookatthesefourareasofcomparisonshoppingresearch ConstructionandWorkingPrinciplesofComparisonShoppingAgents Therstareaofcomparisonshoppingresearchisconcernedwiththeconstructionofcomparison shoppingagentsthataresentouttondthebestmatchforagivenproductdescription. AndresenConsulting'sBargainFinder[Kru96]istherstevermodelofamerchantbrokering shoppingagentorcomparisonshoppingagent.givenaspecicmusiccdnamebargainfinder requestsitsprice(includingdelivery)fromeachofninedierentonlinemusiccatalogsusing thesamerequestsasawebbrowser.itpresentsitsresultstotheconsumerthatmakesthe naldecisionwheretobuyfrom.severalmerchantsdecidednottoparticipateorblocked BargainFinder.BargainFinderworksinahard-wiredwayandishand-codedforthespecic productdomain.itemploysmanualruleextractionanddoesnotconstructwrappersitself. ThismeansthatitisexplicitlyencodedintheBargainFinderagenthowtheinformationfrom aspecicvisitedwebsiteisextracted.exite'sjangowasanothermerchantbrokeringshopping assistantsimilartobargainfinder,butwithmoreproductfeaturesandshoppingcategoriesto searchacross. Shopbot[DEW96]iscomparabletoBargainFinderandJango.ItisinspiredbyBargainFinder's feasibilitydemonstrationandpopularity.however,shopbotisproductindependentandtakes adescriptionofaproductdomainasaninput.allinformationitneedsaboutashopisits URL.ShopbotlearnshowtoextractinformationfromthestoreandreliesonAItechniques likeheuristicsearch,patternmatching,orinductivelearningincontrasttothehand-coded BargainFinder.Shopbotsuggestsanautomaticruleextractiontechniquebyanalysingand learninginshoppingmalls.inordertointegratespecicproductinformation,shopbotremoves irrelevantinformationsuchasadvertismentsbyusinginductivelearningmechanismsandthen 4
9 extractsnecessaryproductinformation.however,shopbotusesstrongassumptionsaboutthe structureofhtmllesandthedisplayformatofproductsforlearning.moreaboutthe technicaldetailscanbefoundin[pdew95]. [JCK+00]proposesamorescalablecomparisonshoppingagentasanimprovementtoShopbot.Theypresentarobustandautomaticshoppingmalllearningalgorithmandanontology generationmethod.themainideaoftheproposedalgorithmistodeterminethepositionof aproductdescriptionunitfromthehtmlsourceofasearchresultpagebyrecognizinga repeatedpatternoflogicallineinformation.thepositionalinformationisconvertedintoan extractionrulethatbecomesthemainpartofthewrapper.thisalgorithmissimple,butrobust becausenostrongbiasesareassumed.consequently,thesuccessrateishigherforconstructing acorrectwrapper.furthermore,amechanismissuggestedthatgeneratestheontologyfrom thewell-structuredoutputs.theexistingontologyisautomaticallyextendedbyapplyingitto unstructuredsearchresults.moredetailsontheconstructionofthesewrapperscanbefound in[ylc00]. In[BG99],Brodyetal.introducethePocketBargainFinderdevice.Acustomerentersa bookshopandndsaninterestingbook.hetakesthepocketbargainfinderandscansthe book'sbarcode.pocketbargainfinderconnectstotheinternetandevaluatesthebook'sprice atdierentonlineretailers.thecustomerseeswhetherhecouldorderthebookontheinternet forbetterconditionstakingdeliverycostsanddeliverytimeintoaccount.theusedhardware isapdaandabarcodereaderaswellaswirelesscommunication.pocketbargainfinderis proposedforuseinaugmentedcommerce,i.e.commerceintherealworldenhancedwith electroniccommercecomponents. [GM98]stressesthenecessityofincludingmultipleattributesintheproductrankingdoneby agentsduringcomparisonshopping.anonline-merchantwould,asinthephysicalworld,prefer hiscustomersonlytoshopathissitebecausecross-merchantcomparisonisseenasathreatto hisownprotability.however,consumerswanttocompareproductoeringsacrossmerchants. Cross-merchantcomparisonisacharacteristicofretailmarketplaces.Thus,merchantsenhance theirproductswithproduct-addedvalueslikeextendedwarranties,superiorcustomerservice andsoontodistinguishthemselvesfromothermerchants.cross-merchantcomparisonismuch easierandlesscostlyifitisdonebycomparisonshoppingagents.therstgenerationof comparisonshoppingagentsmakestheirrecommendationsonlyonthepriceoftheproductignoringotherproduct-addedvalues.thatresultsininappropriatelycompetativemarkets.that maymisleadcustomerssincethecheapestproductisnotalwaysthebesttobuy.comparison shoppingagentshavetobeimprovedinsofarastheyshouldemployintegrativenegotiation techniques,i.e.theytrytoresolveaconictovermultiple,butnotmutuallyexclusivegoals [GM98].Thisdecisionprocessinvolvingmultipleattributescanbedescribedandanalysed usingmulti-attributedecisiontheory VirtualMarketplaceSystems Manyoftheexistingvirtualmarketplacesystemsimplementastagesimilartocomparison shopping.kashbah[cm96]isaweb-basedmulti-agentclassiedadsystemwhereuserscreatebuyingandsellingagentshelpingtotransactgoods.theseagentsautomatecomparison shoppingandnegotiationbetweenbuyersandsellers.auserwantingtobuyorsellagood createsanagentandsendsittoacentralisedmarketplace.anagent'sgoalistocompletean acceptabledealsatisfyingitsowner'spreferences.however,thereareothermoresophisticated marketswhichimplementmoremarketmechanismsandmoreadvancednegotiation. MAGMA[TMGW97]issuchamoresophisticatedvirtualmarketplacesystemwhichcomprises allstagesfromtheproductbrokeringtotheactualpurchase.magma,asarealvirtual marketplace,comprisesbanking,communicationinfrastructure,mechanismsfortransportation andstorageofgoods,facilitiesforadvertising,economicmechanismsandtransactionprotocols. MAGMAalsocontainsacomparisonshoppingstage.Anothervirtualmarketplacesystemof thiskindincludingcomparisonshoppingcalledtete-a-tetewasdevelopedatthemit. In[GMM98]asurveyofexistingvirtualandagent-basedmarketplacesystemsisgiven.The classicationofsuchvirtualmarketplacesismadeaccordingtowhichstagesoftheconsumer BuyingBehaviour(CBB)modelareimplemented.TheCBBmodeldividesapurchaseprocess intodierentphases.intheproductbrokeringstage,acustomerdecideswhathewantstobuy. 5
10 Inthefollowingmerchantbrokeringorcomparisonshoppingstagethecustomerevaluatesthe oersforthisproductofdierentmerchantstondoutwhomtobuyfrom.thisincludesthe evaluationofmerchantalternatives,basedoncustomerprovidedcriteria(e.g.price,warranty, availability,deliverytime,repudiation).afterthemerchantbrokeringstage,thenegotiation phasefollows.theprocessendswithpurchaseanddeliveryofaproduct.inthissurvey,itcan beseenwhichexistingsystemsimplementacomparisonshoppingstageandwhichdonot TheEconomicPerspective KephartandGreenwaldin[KG99,GK99]explorethepotentialimpactofshopbotsonmarket dynamicsbyproposing,analysingandsimulatingamodelofshopboteconomicswhichincorporatessoftwareagentrepresentationsofbuyersandsellers.theystatethatthereductionof economicfrictionduetothedecreasedsearchcostscoulddramaticallyaltermarketbehaviour inthefutureasshopbotsbecomemorefrequentlyused.theirmainobjectiveistounderstand thedynamicsofthefutureinformationeconomyinwhichsoftwareagents,ratherthanhumans, playthekeyroleandtodesignutilitymaximisationalgorithmsforeconomicallymotivated software-agents.inthelatterpaper,theyalsoexaminetheimpactofpricebots,i.e.software agentsthatsetpricesaccordingtosupplyanddemand. In[MU01],theauthorsfocusontheimpactofsoftwareagent-basedshopbotsandpricebots onelectronicmarkets.shopbotsandpricebotschangethecapabilitiesavailabletobuyersand sellersonthemarket.ashopbotisattachedtoasinglebuyerandabletoqueryseveralsellers aboutadesiredproduct.inthissense,shopbotsaresimilartocomparisonshoppingagents. Apricebotisattachedtoasinglesellerandhastheabilitytochangethepriceofaservice dynamicallytomaximizetheseller'sprot.thepaperproposesamodelinwhichdierent situations,e.g.nopriceandnoshopbot,onlyshopbotsorbothofthemareanalysed.one mainresultofthisinvestigationisthatsellersarealwaysbetterocolludingwithshopbotsby xingpricesandpermittingthemtoevaluatethose.asecondresultisthattheuseofpricebots mayresultinaprice-warwhichinthelongrunleadstoprotdecline ComparsonShoppingintheSecurityLiterature Alsointhesecurity-relatedliteraturecomparisonshoppingiswidelyspreadasamotivating example.[yee97]proposesmeanstoprotectthecomputationresultsoffree-roamingmobile agents.thisismotivatedbythefollowingexampleofcomparisonshopping.asoftwareagent issentouttondtheleastexpensivefareforaightfromsandiegotowashingtond.c. takingintoaccountvarioustriptiming,seatpreferenceandroutingconstraints.oneofthe queriedairlines,fly-by-night.com,runsawebserverwww.ybynight.com,wheretheagent's codeisautomaticallyrecognizedandbrainwashed.theagent'smemoryaboutcollectedoers ofotherairlinesismodiedsuchthatitendsuprecommendingaightbyfly-by-nightairlines althoughalessexpensivedaytimeighthasbeenoeredbyanotherairline.thisexampleis alsoquotedbyotherauthors,e.g.[fgs96b],[mea97],[kag98]. In[CMS01],aframeworkforasecuremarketplaceontheInternetisproposed.Acomparison shoppingagent,dispatchedtondthemostconvenientoerforaightticketamongseveral airtravelagencies,isfacingthefollowingsecurityrisks:theshoppingagentcouldtrytoaccess privilegedinformation,reduceresourceavailabilityofthecurrenthostingsiteorperformacoordinateattackwithotheragents.theotherwayround,amalicioushostcoulddiscloseagent's privateinformation,tamperwiththeagent'scodeormodifyordeletepreviouslycollected prices,therebygainingeconomicadvantage. [Hoh97]usesacomparisonshoppingexampleasillustrationofthecodemessupmechanism proposedtoprotectagentsfromdirectmanipulationoftheircode.thecodeofthecomparison shoppingagentisalteredsuchthatthesemanticoftheagentcannotbefoundouteasily. In[Vig98],Vignaproposestheconceptofcryptographictraceswhereexecutiontracesofthe mobileagentsareusedtocheckwhetheragentshavebeenexecutedcorrectly.attheendof hispaperheillustrateshisconceptatacomparisonshoppingscenario.heshowsthatusinghis approachitispossibletondoutthatpreviouslycollectedoerswheremodied. Moredetailsabouttheproposedmechanismscanbefoundinthenextsection. 6
11 Researchonthesecurityofmobileagentsisdividedintotwodierentcategories,rstlythe protectionofhostsfrommaliciousagents,theeasierpart,andsecondlytheprotectionofagents 2.2Relatedwork{SecurityMechanismsforMobileAgents canbeusedforprotectioninbothdirections.inthefollowing,wewillillustratesometechniques whichwemayuselaterinoursystem. frommalicioushostswhichismuchharder.someapproaches,however,havecomponentswhich agents.weorderthetechniquesaccordingtoincreasingstrictness.thenalapproachinthis 2.2.1ProtectionofHostsfromMaliciousAgents Inthissection,wefocusontheprotectionofhostsfrommaliciousoperationsperformedby partconcentratesonresourcecontrolathosts. withhissecretkeyandcertiesthatthisishisobject.thesignaturecanbeveriedwiththe betweentheauthorandhiscode.theauthororthedispatcherofamobileobjectsignsit SignedCodeThemainideaofsigningthecodedigitallyistocreateanunforgeablelink signer'spublickeyassumingapkiexists.ifthereexistsatrustmodelthetrustintheauthor cansobetransferredtothemobileobjectthatworksonhisbehalf.aplatformthattruststhe theopennessofthesystemsinceparticipantshavetoregistertheirkeyswithacentralauthority. authorofthecodeassumesthatthecodeisnotmaliciousandexecutesit.thisapproachis portabletoalmostanysystem,whereapublickeyinfrastructureexists.thishoweverrestricts Adrawbackcouldbethatanauthorcanalsosignmaliciouscodeandharmsomeonethattrusts Itcanbeaddressedbyshiftingtotheinterpretationofsomeintermediarycodeonavirtual him. machine.thesecurityproblemisreducedtothesecuritypolicyimplementedbytheinterpreter. ExamplesforthisapproachareSafe-TclandJava1. SafeInterpreters[Moo98]Runningalreadycompiledexecutablesisaseveresecurityrisk. 1.Safe-Tcl InSafe-Tcl,theagentisexecutedinsideapaddedcell,whichoperatesinadierentname space.thecontrolovertheenvironmentbelongstoamasterinterpreterwhichprevents thecallofunsafefunctions.theproblemisthatithastobedeterminedwhetherafunction isunsafeornot.sofunctionsthatareessentialfortheagentmaynotbeexecuted.in 2.Java1 rightstogettheleastcommonaccess. additiontothat,anaccesscontrollistismaintainedforthesystemresources.thisuses InJava1,theJavaVirtualMachinehasseveralcomponentstoensuresecurity.Thesecuritymanagerapprovestheaccesstounsafeoperations.TheByteCodeVerierchecksthe JavaByteCodeforviolationsinthenamespacerestrictions,forstack-overorunder-ow andforillegaltypecasts.theclassloaderkeepsseparatenamespacesforlocaltrusted classesandfordownloaded,untrustedclasses.aproblemisthatthesecuritymanager cryptographicauthentication,congurablesecuritypoliciesandtheintersectionofaccess FaultIsolation/Sandboxing[Moo98]Sandboxingisanothermechanismtomonitorthe perbrowserwhichdisablestohavedierentrightsforappletsinthesamebrowser. andtheclassloadercanbecheated.additionally,thereisonlyonesecuritymanager onlypermittedinsidethefaultdomain.thisisimplementedbyconditionaladdresschecksor overwritingupperaddressbitssuchthateachaddressfallsintothefaultdomain.sandboxing separatedomainorsandbox,theso-calledfaultdomain.eachload,storeorjumpcommandis hasabetterperformancethaninterpretersandischeaperintermsofcodeoverhead.however, executionofagentsandtorestrictsafetycriticaloperations.theuntrustedcoderunsina mappedintothefault-domain. thedownloadedcodeisnolongerplatform-independent,becausetheaddresseshavetobe 7
12 CodeVerication/ProofCarryingCode(PCC)[Moo98,Nec97]Inthisapproach, theauthorofthecodecompilesaproofthathiscodesatisesasecuritypolicygiveninsome logicalframeworkbythehost.thisproofissentwiththeagent.atthearrivaloftheagent,the hostveriestheprooftoguaranteethatthecodehasindeedthedesiredproperties.however, thequestionremainsinwhichlogicalframeworkthesecuritypropertiesshouldbeformulated tohavethenecessaryexpressiveness.furthermore,thecodeisnolongerplatformindependent andportingisnotstraightforward. Market-basedResourceControl[BKR98]Thisapproachisconcernedwiththerestrictionofresourcesanagentcanallocateatahost.Ifagentsusetoomanyresourcesforatoo longtimetheycanpreventtheserverfrombeingavailabletootherusers.themainideais thatagentshavearestrictedamountofe-cashtopayaresourcemanagerfortheallocationof resources.becauseoftherestrictedamountofe-cash,agentscanonlyallocatealimitednumber ofresourcesatatime.thisenablesagentstousetheserver'sresourcesinanequalproportion. Alsoitpreventsdenialofserviceattackscausedbyasmallnumberofagentsblockingallavailableresources.Additionally,thepriceforresourcescanbesetdynamicallydependingonthe demandforresourcestoreducebottlenecks.however,agentscantrytocheatduringpayment, e.g.acquireresourceswithoutpayingfor.thiscouldbepreventedbyintroducinganarbiter agentwhereadepositisleftthatislostifanagentmisbehaves ProtectionofAgentsagainstMaliciousHosts Protectioninthisdirectionismoredicultsincethehostorplatformcertainlyneedsaccessto theagent'scodeandcontrolstateinordertoexecuteit.therefore,itcanreadandalterthe agent'sdatainplaintext.importantquestionsherearehowsensitivedatacanbekeptsecret andhowthehonestexecutionoftheagentcanbeguaranteed.thefollowingtwoapproaches focusontheprotectionofdatatheagentscollectsorcomputesonhisway,whereasthelastthree techniquesconcentrateonensuringacorrectexecution.theapproachesareorderedaccording totheirstrictness. DetectionObjects[Mea97]Detectionobjectsareawaytodetectintensionalmodications ofthedataanagentcarrieswithitself.therefore,detectionobjects,whicharedummydata itemsnotusedbytheagent,areadded.thesedetectionobjectswillnotbemodiedduring acorrectexecutionoftheagent.butiftheagentcomesbacktoitsownerandthedetection objectsaremodied,itisclearthattheagenthasbeentamperedwith.forinstance,an incrediblelowoerforaproductisaddedasadetectionobjectiftheagentislookingforcheap oersforthisproduct.iftheagentcomestoamaliciousmerchant,whochangesalloersthe agentcollectedbeforetomakehisoerlookthebest,alsothedetectionobjectwillbemodied. However,detectionobjectsareonlyapplicablefordetectionanddonotoerprotectionagainst tampering.theyhavetobechosenapplicationspecicandarenotusableinallscenarios. Anotherprobleminconstructingctionaldataforthedetectionobjectsisthatithastobe plausibleenoughtofoolhosts,butmaynotinuencethenalresults.furthermore,itmight benecessarytomodifythedetectionobjectsfromtimetotimesuchthatitisnotpossiblefor ahosttodiscoverthembycomparingseveralagents. PartialResultAuthenticationCodes(PRAC)[Yee97]Partialresultauthenticationas proposedbyyeein[yee97]isamethodthattriestoprotecttheprivacyandintegrityofan agent'scomputationresults.thisisdonebyauthenticatingtheagent'spartialresultsbefore itissenttoanexthost.theresultsareauthenticatedwithdigitalsignaturescreatedwitha keyfromasequenceofpublickeystheagentcarries.ausedkeyisdestroyedtoavoidthat ahostisabletochangetheresultlater.analternativetoasequenceofkeysistocompute anewpublickeyfromanoldoneusingaone-wayfunction.additionally,[yee97]proposesa mechanismtopubliclyverifythecorrectnessofthepartialresultsontheagent'sjourneyby providingitwithvericationpredicates.however,itisnotmadeexplicithowthesepredicates areconstructed.adrawbackofthisapproachisthatthenumberofhoststhatwillbevisited hastobeknownbeforehandtoprovidethecorrectnumberofkeys.thisproblemisaddressed in[kag98]wheretheideasofyeeareextendedandimproved.in[kag98]thepartialresults 8
13 andtheidentitiesofthehostsarelinkedtogetherbyahashchainwhichpreventsthatresults canlaterbemodiedorexchanged.thismethoddoesnotneedasequenceofkeysanymore, butassumestheexistenceofapki.however,onlythestateaftertheagentexecutioncanbe checkedandveriedwiththeseapproaches.tamperingintheinteractionwiththeagentwhile stillonthehostcannotbedetectedorprevented. CodeMessUpandLimitedLifetime[Hoh97]Toprotectagentsagainstmanipulation ofcode,dataorcontrolowandtoensurethecorrectexecutionofanagent,[hoh97]proposes themethodofcodemessup.theagent'scodeistranslatedintoanunreadableandhardly analysableformat,suchthatittakesthehostanunproportionalamountoftimetondout whatthecodeissupposedtodo.thelifetimeofthecodeisrestrictedbyanexpirytimesuch thatitisimpossibletobeanalysedbeforethecodeexpires.thismechanismdoesnottryto detectmodications,buttriestopreventthem.however,undirectedmodicationsarealways possiblejustbyrandomlyalteringcertainbits.anotherproblemistodetermineareasonable expirytimeforthecode,i.e.thetimeinwhichitispossibletogureoutthemeaningof thecode.additionally,rulesforthecodemessuphavetobexed.codemessupoersno protectionagainstblack-box-tests,sabotageordenialofexecution. CryptographicTraces[Vig98]Sincemobileagentscannotbeentirelyprotectedfromdamagedonetothem,mechanismshavetodevelopedwhichdetectpotentialtampering.Oneof thosemechanismsisexecutiontracingasproposedbyvignain[vig98].theexecutinghost producesanexecutionprotocoloranexecutiontracefortheagent.thetraceconsistsofpairs (n,s)wherenistheidentierofacodestatementandsistheinputfromoutside.ifthereis noinput,sisempty.aftertheexecution,ahashofthistraceandahashoftheagent'sstate iscreated.thesehashsaresignedbythehostandtransmittedwiththeagent.thetraceis storedatthehostincasetheagentownerdoubtsthecorrectexecutionofhisagent.then herequeststhetracefromthehosttocompareitwiththehash.ifnecessary,thetraceis re-executedandsoacheatinghostcanbeidentied.iftheinitialstateofanagentissigned beforeitissenttosomehost,itcanbepreventedthathostslieabouttheinitialstateofa receivedagent.however,thismethodhassomeseriousdrawbacks.itcannotbedetectedifa hostliesaboutinputfromtheoutside.alsotheapplicabilitymightberestrictedbecauseofthe hughoverheadproducedbythestorageoftraces.ageneralproblemofdetectionisthatitis onlypossibleaposteriori.participantshavetobemadeliableafterthedetectionofcheating. EncryptedFunctions[ST98]Encryptedfunctionsaretheonlymechanismthathidesthe semanticsoftheagent.thehostexecutestheagentandcomputessomefunction.butitdoes notknowaboutthesemanticsoftheprogrambecauseboththefunctionanditsresultare encrypted.themechanismworkslikethis:rstlytheagentownerencryptsthefunctionfto E(f)andcreatesaprogramP(E(f)).ThentheagentissenttoahostdispatchedwithP(E(f)). AtthehostP((E(f))(x)executedandE(f)(x)iscomputed.Backhome,theownerdecrypts E(f)(x)andobtainstheresultf(x).Theevaluationofthefunctionf(x)iscompletelysecret anddoesnotrevealanythingaboutitssemantics.sincethehostdoesnotknowaboutthe semanticsofthecomputation,itcannotdirectlymodifyitsresult.thismechanismtriesto preventintensionalattackstothefunctionalityofagents.however,notallfunctionscanbe expressedasencryptedfunctions.[st98]showsthatpolynomialsareexpressibleasencrypted functions.in[acck01],resultsarepresentedthatextendthistologarithmicandpolynomial sizecircuits.butresearchhasnotgonesofaryetthatencryptedfunctionscanbeusedinabroad rangeofapplications.thismethodcannotbeusedifinteractionwiththehostisdependanton thecomputedresultssincethehostwillnotunderstandthose.indirectedattacks,likerandomly alteringcertainbits,arestillpossibleandundetectable ProtectioninBothDirections Theapproachestobepresentedinthissectionprotectagentsandhostslikewise.Therst methodpresentedmakesuseoffault-tolerancetechniques,whilethesecondchecksthestateof theagenttodetectmodicationsandtoprotectthehost. 9
14 Fault-ToleranceApproachesApproachesusedtoensuretheavailablilityofasystemcanbe transferedtotheareaofmobilecodesecurity.forinstance,serverreplication,afault-tolerance method,canbecombinedwithcryptographytoenhancethecondenceincomputedresults. Theserversorhostsinthesytemarereplicated.Anagentvisitssomeofthesereplicated serversandusesvotingandsecretsharingorresplittingtondoutwhatthemostlikelyresult ofacorrectexecutionis.itsimplycomparestheresultsitgotfromallserversanddecidesto accepttheresultthathasbeencomputedinmostcases.however,thisapproachreliesonthe assumptionthatserversfailorcheatindependently.butthisiscontradictedbythefactthat theyareallunderthesamecontrol. Anotherapproachworkswithagentreplication.Agentsarereplicatedandsentalongdierent pathswiththeaimtodetectmalicioushosts.supposingtwoagentsaresentonthesamepath, butinreverseorder.amodicationbyamalicioushostcanbedetectedifonlyonehostscheats bycomparingtheresultsofthosetwoagents.however,[yee97]onlyshowsforaspecialcase thatthisapproachisasolutionofthemalicioushostproblem. AuthenticationandStateAppraisal[FGS96a][FGS96a]proposesatechniquewhich checksagentsarrivingatthehostbeforestartingtheexecutiontoprotecthostsfromexecuting maliciousagentsandtodetectmodicationsofagents.thiscanalsobeusedtopreventagents fromgainingdangerousaccesstothehosts'sdataandresources.atthearrivalofanagentata host,astateappraisalfunctiondeterminesthepermitsthattheagentrequestsfromthehost, i.e.theresourcesitwillneed,aftersuccessfullauthentication.anauthorisationmechanism establisheswhichpermissionswillbegranted.thestateappraisalfunctiondependsonthe agent'scurrentstatewhichallowstocheckthisstateatarrival,e.g.forsomeinvariantconditions.assumingthatahostwouldonlyacceptagentswhosestatessatisfycertainconditions, malicious,modiedorcorruptedagentscanberefusedatthispoint.somisuseofagentscan beprevented.however,notallstatealternations,andnotevenalldangerousmodications, canbedetectedsincedetectiondependsonthecheckedconditions. 3 ComparisonShopping{ACaseStudy Inthissection,wepresentthesecurityanalysisofthecomparisonshoppingscenariowhichis doneinthefollowingway.firstly,theconcretescenariotobeconsideredisclaried.secondly, theactingentitiesareidentiedandtheirinterestsandexpectationsinthesinglephasesofthe scenarioareanalysed.thirdly,itisinvestigatedwhichpossibilitiesandincentivesanattacker wouldhave. 3.1TheScenario Theelectronicmarketplaceorvirtualmallconsideredforcomparisonshoppingconsistsofaset ofmerchantsthatoertheirproducts,asetofmatchmakersthatprovideadirectoryservice aboutthemerchantsattheportalofthemallandasetofcustomersthatarewillingtoshopat themerchantthatmatchestheirpreferencesbest.customerssendtheiragentstoamatchmaker andthentomerchantsinordertocollecttherequiredinformation.afterwards,theydecide wheretobuyfrom.customers,matchmakersandmerchantsareconnectedviaanetworkin whichtheagentsroam. Thecomparisonshoppingproblemconsistsofthefollowingpartsasdescribedin[DEW96]: Adomaindescription,includinginformationaboutproductattributesusefulfordiscriminatingbetweendierentproductsandbetweenvariantsofthesameproduct(e.g.name, manufacturers,price...) Asetofaddressesofpotentialmerchants AnattributeAbywhichtheuserwantstocomparethevendors AspecicationofthedesiredproductintermsofvaluesofselectedattributesDetermine: ThesetofvendorswherethedesiredproductisavailablesortedbythegivenattributeA. 10
15 Supposeweliketondthecheapestpriceforaspecicsoftwareprogramortondacertain bookwiththeshortesttimeofdelivery.thisproblemcanbesolvedwithamobilecustomer agentinthefollowingway: 1.Thecustomerdispatchesanagentwithadescriptionofthedesiredproductandthe 2.Theagentvisitsamatchmakertoobtaininformationaboutmerchantsinthevirtualmall. attributestocomparedierentoers. 3.Thecustomeragentvisitsallmerchantsadvertisedbythematchmakerandenquires Thematchmakerissituatedattheportalofthevirtualmallandsimpliesthesearchfor relevantmerchants. 4.Afterhavingvisitedallrelevantmerchants,theagentreturnstoitsownerandreportshis ndingsrankedaccordingtoitsowner'spreferences. aboutthedesiredproduct.themerchantsubmitsanoer,specifyingprice,delivery costs,deliverytimeetc. Thecomparisonshoppingscenariocanberenedintodierentphasesinordertogetadeeper model(francesconicosia,1966),thehoward-shet-model(1969),theengel-kolat-blackwell thattrytocharacterizetheprocessinwhichaconsumerisbuyingsomethingfromtherst recognitionthathemightneedsomethingtothenalpurchaseorevenbeyond.thenicosia existingconsumerbuyingbehaviourmodelsintheliterature.therearemanydierentmodels understandingforevolvingsecurityrequirements.thisrenementisdonewithrespectto (EKB)modelortheConsumerDecisionProcessModel(CDP)byBlackwell,MinardandEngel (2001)aremodelsofconsumerbuyingbehaviour,tonameonlyafew. sevenfundamentalstages.itstartswiththeneedrecognitionphase,wheretheconsumerrealises thathehasgotsomeneedorproblem.inphase2,searchforinformation,theconsumerstarts TheConsumerDecisionProcessModel(CDP)[Sch01]splitstheconsumerbuyingprocessinto andinvestigatesoptionswheretobuy.inphase4,thepurchasephase,thecustomernalises hischoicewhattobuyandwheretobuy.thephaseissubdividedintotwosubphases,where evaluationofalternativeswherethecustomerknowshowhewantstosatisfyhisunmetneed tolookforinformationhowhecansatisfytheunmetneed.phase3iscalledpre-purchase rstlythechoicefortheproductismadeandsecondlythein-storechoicesarenalised.phase Inphase6,thecustomerevaluatestheexperienceshehashadwiththeproduct.Thelastphase 5iscalledtheconsumptionphase,inwhichthecustomerhasgottheproductinhispossession. isthedisvestmentphase,inwhichthecustomerdecideswhethertodispose,sellorrecyclethe product.overviewoftheconsumerdecisionprocess(cdp)model: 1.NeedRecognition 4.Purchase 2.SearchforInformation 3.Pre-PurchaseEvaluationofAlternatives 5.Consumption (b)in-storechoices(specicsalesperson,paymentmethod) (a)customernaliseschoiceofretailerfromoptionsinvestigated. 7.Disvestment 6.Post-ConsumptionEvaluationBehaviour ThesecondmodelthatwasconsideredinordertoidentifythephasesforthecomparisonshoppingscenarioistheConsumberBuyingBehaviourModel[GM98].TheCBBmodelcomprises sixfundamentalstagesofmanyotherbuyingbehaviourmodels. 11
16 Itsrstphaseistheproblemrecognitionwherethecustomerndsoutthathemightneed lookingaroundshopsandtriestodecidewheretobuy.thefourthstagecomprisestheactual informationsearchorproductbrokeringstage.afterthat,heevaluatesthesealternativesby buyingdecision.purchase,includingpayment,andpost-purchaseevaluationarethelastphases something.thenhestartstoinvestigatewhichalternativesmightsatisfyhisneedinthe inthemodel. OverviewoftheConsumerBuyingBehviour(CBB)model: 1.ProblemRecognition 2.InformationSearch 3.EvaluationofAlternatives 6.Post-PurchaseEvaluation 4.PurchaseDecision 5.Purchase Basedonthemodelsofconsumerbehaviour,thecomparisonshoppingscenariocanbedivided intofourdierentphases: Phase1-InformationSearch/ProductBrokering oerandwhathemightliketobuy.hisinterestistogettoknowwhatapossibleprice rangeforaproductmightbelike.heevaluatestheattributesforhispreferenceswithout Phase1coverscomparisonshoppingwithoutthecustomer'sintentiontobuyanything. Thecustomerjustwalksaroundthemallandtriestondoutwhatproductsareon Phase2-The'real'ComparisonShopping Thisphaseistheactualcomparisonshoppingstage.Theconsumercompareswhathe anyprovablytrueinformation. wantingtobuysomething.hedoesnotwanttoenteranyliabilitiesanddoesnotneed decidingwhattobuy.hemonitorsthedierentattributesoftheproductandthefeatures knowsaboutthedierentproductsandbrandswithwhatheconsidersimportantbefore ofthestorevisited.formanycustomers,itisessentialtothebuyingdecisiontotrustina hehas.inthisphase,itisdenitelythecustomersintensiontobuysomething,buthehas merchant.aprerequisteforthisstageisthattheconsumerknowstheneedortheproblem yetnotdecidedwheretobuy.therefore,hisrequirementsforsecurity,hereparticularly andhispreferences.theagentcontactsthematchmakerattheportalofthemalltond describedabove.inboth,thecustomerdispatcheshisagentwithaproductdescription regardingthetrustworthinessofthemerchant,arehigherthanintheprecedingphase. outaboutappropriatemerchants.itvisitstheadvertisedmerchantsandevaluatesthe valuesforattributesofthedesiredproduct.theproductsarerankedaccordingtoagiven Thephases1and2correspondtophase3intheconsumerbuyingbehaviourmodels Phase3-Commitment/PurchaseDecision attribute,e.g.theprice.finally,theagentreturnstoitsownerandreportsitsndings. Inphase3,thecustomernaliseshisdecision.Thechoiceamongthepossiblealternatives isbasedonthe4ps,namelyproduct,price,placeandpromotion[tmp+97].the essentialthathisidentityisknownundeniablyandveriablyalthoughthecontentofthe consumerconrmswiththemerchantwhathewantstobuyandforwhichconditions. contractcanbekeptsecret.ingeneral,therearetwowaysofhowthedecisiontobuy remainsnolongerremainanonymoussincehehastoenterliabilities.therefore,itis Thenheorderstheproductbymakingalegallyliablecontract.Afterthat,theconditions ofpurchasearexedandcannotbechangedwithoutmutualagreement.thecustomer somethingsomewherecanbemade.eithertheagenthimselfmakesthedecisionbased 12
17 onhisndingsinphase2ortheagentmakesthedecisionininteractionwithitsowner. Inourapproach,thesecondpossibilityisadopted.Thispurchaseorcommitmentphase correspondstophase4inthecdpandcbbmodel. Phase4-PurchaseandPayment Thefourthandlastphaseconsideredisthepaymentphase.Notethatthephysical deliveryisnotmodelledsincethiswouldinvolvethreatsthatarenotcomputerspecic andcausedbytransportcompaniesandalike.thisphaseissimilartopartsofphase 5inbothmodels.Accordingtothecontractmadeinphase3,thecustomerpaysthe desiredproductinthisstage.ingeneral,therearedierentwaysavailabletopayin ecommercewhichhavealltheirstrengthsandweaknesses.possibilitiesarepaymentby bill,bankdraftorcreditcard,tomentionthemoreconventionalways.otherpossibilities arepaybox[pay]orotherformsofecash. 3.2SecurityAnalysis Inthefollowing,thecomparisonshoppingscenarioisanalysedfocussingontheinterestsand expectationsofitsparticipantsregardingsecurity.thepotentialactionsofanattackerthreateningthesystemareconsidered.inadditiontothephases,dierentinstancesofacomparison shoppingscenarioareinvestigatedusingtheexampleofhighpriceandlowpricegoods. Theparticipantsinthescenarioarecustomers,merchantssituatedinsidethevirtualmalland matchmakersattheportalofthemall.matchmakersprovidecustomerswithinformation aboutthemerchantsinsidethemall.furthermore,thenetworkownerisconsideredinorder toanalysethesecurityrequirementswithrespecttothenetwork.inthisanalysis,itisomitted thatagentsareabletocontactothercustomeragentsinsidethemalltoobtaininformation aboutmerchants.thatwouldintroducenewsecurityaspects,forinstance,whetheranagent cantrustsuchinformationornot RolesandtheirInterests InterestsofCustomers Inarstinformationsearchphase,thecustomerwantstondoutwhatamerchanthas onoerforwhichprice.heexpectstobeinformedaboutallinterestingproductsandthe attachedconditions.hedoesnotwanttoenteranyliabilitiesjustbylookingaroundand doesnotwanttobeforcedorrequiredtobuyanything.itishismainobjectivetogetthe desiredproductforthebestpossibleconditions.inthesecondstage,wherethecustomer actuallyintendstobuysomething,hewantstogetexhaustiveinformationaboutproducts andtheirattributesmatchinghispreferences.herequiresthisinformationtobecorrect whichhewantstobasehiscommitmenton. Whenthecustomerwantstocommithimself,hewantstomakealegallybindingcontract withthemerchantthatalsoholdsaslegalevidenceincaseoflitigation.theproducthas tobeavailableandhastobedeliveredfortheconditionsthecustomerwastold.the contentofthecontractcanbekeptcondentialifbothpartiesagreeonthat.thecustomer doesnotwanttobedeceivedbythemerchant.hewantstobesurethatthemerchanthe iscontactingisexactlytheonehethinksheisnegotiatingwith.hewantstoprovidehis personaldataonlyforagreedpurposesandwantstopreventthatthemerchantmisuses hisdataforunintendedpurposessuchasprolingoradvertisment.whenitcomesto paying,thecustomerwantstouseasecure,butconvenientmethodofpayment.hedoes notwanttobedeceivedbythemerchantbybillingmorethanitwasactuallyagreedon. Additionally,hewantshispaymentinformationtobeprotectedagainstmisuse,e.g.the merchantshouldnotforwardhiscreditcardnumbertoanyothermerchant.hewantsthe merchanttobehavetrustworthily,forinstancenottosellproductshecannotsupplyorto delivertheproductafterpayment.furthermore,acustomerexpectsthatthemerchant stickstotheconditionsxedinthecontract. Regardingthematchmakerthecustomerwantstogetallrelevantinformationabout appropriatemerchants.thelistprovidedbythematchmakershouldbeexhaustiveand 13
18 containnoirrelevantinformation.withrespecttoothercustomers,heexpectsthemto behaveinacompetative,butfairmanner. Thecustomerwantsthemerchantandthematchmakertobeavailableandprovidea serviceofsucientqualityandalsothattheybehavereliablyandtrustworthily.itis importantforhimthathisdata(likepartialresults)andhiscodearenotmanipulatedby someexternalattackerorplatform.furthermore,hewantstostayanonymousandmaintainhisprivacy.thecustomerexpectsthathisagentisexecutedasitwasprogrammed andthatitcanmigrateasintended. InterestsofMerchants Itisthemaininterestofthemerchantthatcustomersbuyathisstoreinordertomakethe bestpossibleprot.amerchantwantstoattractacustomer'sattentionforinstanceby oeringgoodproductsandprices,grantingattractiveconditionsofpurchaseandhaving agoodreputation.furthermore,themerchantwantshisstoretobeavailablesuchthat customerscanvisitit.additionally,theintegrityofhisdataandworkingprinciplesshould beguaranteed.possibly,themerchantwantstoissuesomecondentialoerswhichshould indeedbekeptprivatebythecustomer.phase1and2donotmakeanydierencefor themerchantsincehecannotdistinguishwhetheracustomerintendstobuysomething ornot. Whenacustomercommitshimself,themerchantwantstomakealegallybindingcontract withhim.thecontractshouldholdasevidenceincourtinordertopreventthatthe customerrefusestopayforadeliveredproduct,forinstance.themerchantwantsthe customertoprovidehimwithcorrectinformationabouthispersontomakeacorrect contract.thiscontractcanbekeptsecretbybothparties.additionally,hewantsthe customertoauthenticatehimselfsuchthathecanbesurewhomheiscommunicating with. Atthepaymentstage,themerchant'smaininterestistogettheagreedamountofmoney fromthecustomerasxedinthecontractinaconvenientmanner.themerchantexpects thecustomertobereliableandtrustworthyinthathegivescorrectinformation,sticks tothecontractandfullshisobligations.thisincludesthepaymentoftheproduct. Regardinghisfellowmerchants,amerchantexpectsthemtobehavecompetatively,but fairly.theyshouldnotperformanyillegalactions.thematchmaker,inthemerchant's view,shouldinformthecustomersabouthimselfandhisproducts,beavailableandtrustworthy. InterestsofMatchmakersandNetworkOwner Thenetworkownerwantshisnetworktobereliableandsecureinallphasesinorder toattractusersandtomaintaintheinfrastructure.furthermore,hewantstokeepout criminalactionslikesabotageormanipulation.theusersofthenetworkexpectittobe reliableandsecure.theywanttheircommunicationoverthenetworktobecondential, i.e.thatcommunicationcannotbedisclosed,monitoredormanipulated. Thematchmakerismoreameantoanendandnotanendinhimself.Therefore,heisnot assumedtohaveanyinterestsonhisown.hesimplyoersaservicetoallenititiesthat contacthim.however,hisclientsexpecthimtoprovideasucientqualityofservice,i.e. thatheprovidesexhaustiveandrelevantinformation,isavailableandnon-manipulated. InterestsofanAttacker Inthisscenario,anattackeraneithercomeasamaliciousmerchant,matchmakeror customer,asamaliciousplatformorassomeoneunknownfromtheoutside.theattacker's interestistoperformlegalaswellasillegalactionstomaximizehisutility.anattacker canuselegalworkingprinciplesofthesystemforunintendedpurposes,suchasdenialof serviceattacksbymakingtoomanyrequests.amajorinterestofanattackeristoremain undiscovered. Oneobjectiveoftheattackercanbetogainusefulinformationforhimself.Hecantry tocompromisecustomerprivacyandanonymitytondoutwhatproductsthecustomer 14
19 looksfor.hecanachieveinformationgainbypretendingtobeaplatform,merchant ormatchmakerwhichtheagenttrustsin.furthermore,hecantrytodisclosesecret oersandcontracts.anotherwaytoobtaininformationisbydisclosingthenetwork communication. Anattackercansabotageplatformsandrestricttheiravailabilityinordertohavemore customersvisitinghissiteandtopretendtobeabetterchoiceforcustomers.manipulationofdataorworkingprinciples,sabotageordenialofserviceattackscanrestrictthe availability,reliabilityandqualityofserviceofmerchants,matchmakersandplatforms. Sothecompetitionofthemarketcanbeinuenced. Amaliciousmerchantcanprovidethewrongconditionsofpurchase.Hecanmisusethe informationhegotfromthecustomerforunwantedpurposessuchasproling,reselling oradvertising.hecancashmorethanhewasactuallyentitledto,orhecanrefuseto delivertheproductafterpayment.amaliciousmatchmakercandistributeincomplete, irrelevantorincorrectinformationaboutmerchantsfavouringparticularmerchants.a maliciouscustomercanprovidefalsepersonalinformationorrefusetopayareceived product.amalicioushostscanrefusetoexecuteacustomeragentasitwasprogrammed. Also,hecanrefusetosendanagentwhereitwantstogoto. Intherstandsecondphase,anattackercanmanipulatethecustomer'salreadycollected oers.thereasonforthatcanbethattheattackerwantshavethebestoerhimselfor thathecollaborateswithothermerchantswhichhewantstolookbest.inthepayment stage,theincentiveforattacksisevengreaterbecauserealmoneycanbegained.so paymentinformation,e.g.thecreditcardnumberofacustomer,canbeobtainedtoget moneyofthecustomer'saccountortoresellit DierentInstancesoftheScenario Theanalysisofdierentinstancesofcomparisonshoppinggivesanimpressionhowsecurity requirementsevolve.oneexamplefordierentinstancesisthepurchaseofhighpricegoodsin contrasttolowpricegoods.highpricegoodsare,forinstance,cars,housesorsomethingwhich isnotusuallyboughteverydayoreverymonth.lowpricegoods,however,arethingsthatare boughtmoreoften,likecds,booksoralike.itseemsnaturalthattheinterestsofcustomers andmerchantsdierinthesecasessincetherisksincreasewiththehigherpriceoftheproduct. Consequently,therearedierencesinthesecurityrequirementspeoplehavebothinstances. Withlowpricegoods,itseemstobelessseriousforthecustomerifsomethinggoeswrong becausethenancialdamageissmaller.inthehighpricecase,fraud,deceptionandother attacksaremoreseveresincetheamountofmoneyinvolvedishigher.additionally,fraud anddeceptionseemmorelikelysincetheexpectedgainishigher,ifthemanipulationremains undetected.becauseofthehigherriskswithhighpricegoods,peoplerequiregreaterreliability andtrustworthinessofthesystem. Lookingatthephases,wehaveidentiedpreviously,dierencesbetweenthehighandthelow pricecasecanbeobserved.inphase2,thecomparisonshoppingphasewiththeintention tobuy,thecustomerwantingtobuyingsomethingmoreexpensivedenitelyrequirescorrect informationabouttheproduct,becausefalseinformationcanleadtoseriousnancialharm. Insomecases,itisnoteasytodeterminetheactualvalueofaproduct.Incaseofacarora house,atrustedthirdpartyoracensorisneededtoestimatetheactualvalueoftheobject. Forphase3,thecontract,thatiseventuallymade,hastobeindeedlegallybinding,sincein caseoflitigationthiscontracthastobevalidevidenceincourt.alsothepaymentmethodused inphase3mustbemoresecureforhighpricegoodsbecauseofthehighernancialrisks. Tosumup,thedierencebetweenhighandlowpricegoodsisthatthesecurityrequirements forhighpricegoodsarehigher.whereasthetechnicalthreatsremainmoreorlessthesame, theapplication-orientedthreats,i.e.theopportunitiesforfraud,increase.inordertocounter fraud,thetrustacustomerhasinaretailerbeforecommitmentshouldbehigher. 15
20 3.3OverallSecurityThreatsandSecurityObjectives Inthepreviousanalysis,weillustratedoccurringsecurityproblemsandtherequirementsof userstoasecuresystem.fromthat,wesetupanoverallviewofthethreatstothemobile multiagentsysteminthevirtualmarketplace.wewillidentifysecurityobjectivestocounter thosethreatsandtosatisfythesecurityrequirementsofthesystemusers.thethreatswillbe groupedintodierentthreatscenarios. ThreatScenario1{DataSecurity Therstthreatscenariocomprisesallthreatsthatareconcernedwiththemisuseofdata,or moreprecisely,theunauthoriseddisclosure,copyingormodicationofdata.alldatathat occurinthisscenariocanbeusedinanunintendedmanneriftheyareunprotected.thedata ofanagentcomprisesitscodeandthedataitcarries,likecollectedoers,identityinformation, contractsmadewithmerchants,orpaymentinformation.thisdatacanbecopied,disclosedor modied.aninterestinginstanceisthecaseinwhichanagenthascollectedseveraloersfrom othermerchantsandvisitsanothermerchant.thismerchantcanmodifyallotherpreviously collectedoerssuchthathisoerseemstobethebest.anothercriticalpointwithrespectto condentialdataistheleakofdatawithoutpermissionoftheowner.inadditiontothat,the inter-agentcommunicationcanbedisclosedandmodiedbyamaliciousplatform.malicious agentsandotherattackerscantrytodisclose,copyormodifythedatathatisstoredatthe platformandalsotheplatform'scodeandworkingprinciples.forinstance,atrojanhorsecan beinsertedintotheplatform'scodesuchthatsomeoneelsegainscontrolovertheplatform. T1UnauthorisedDisclosure,CopyingandModicationofDataor CodeT1.1Disclosureofidentity T1.2Disclosureofsecretoers T1.3Disclosureormanipulationofcontracts T1.4Modicationofalreadycollectedoers T1.5Disclosureandmodicationofpaymentinformation T1.6Modicationofagent'scode T1.7Modicationofagent'sdata T1.8Modicationofhost'scode T1.9Modicationofhost'sdata T1.10Disclosureofsubmittedmessagesbetweenagents T.1.11Modicationofinter-agentcommunication T1.12Unauthorisedpassingonofcondentialinformation SecurityObjective1{ProtectionofData Resultingsecurityobjectivesarethattheagentsandplatformscanprotecttheirandtheirdata andcodefromunauthorisedcopying,disclosureandmodication.itshouldbepossibletodetect andtopreventthatcondentialinformationispassedwithoutpermission.additionally,the customersshouldbeabletostayanonymousaslongaspossiblebeforeeventualcommitment. SO1NoUnauthorisedDisclosure,CopyingorModicationofData SO1.1Onlyauthorisedaccesstoagent'sdataandcode SO1.2Onlyauthorisedaccesstohost'sdataandcode SO1.3Nounwanteddisclosureofidentity SO1.4Onlyauthorisedaccesstospecialoers SO1.5Onlyauthorisedaccesstocontractinformation SO1.6Onlyauthorisedaccesstopaymentinformation,nounauthorisedmodi- cationofpaymentinformation SO1.7Condentialandintegerinter-agentcommunication SO1.8Detectionandpreventionoftheunauthorisedpassingonofcondential information ThreatScenario2{InterceptionofNetworkCommunication Thisthreatscenariodealswiththesecurityofthenetworkcommunication.Here,thenetwork thatconnectstheplatformswitheachotherisconsidered.somemaliciousattackerfromthe 16
Inheritance and Complementation: A Case Study of Easy Adjectives and Related Nouns
Deutsches Forschungszentrum für Künstliche Intelligenz GmbH Research Report RR-91-30 Inheritance and Complementation: A Case Study of Easy Adjectives and Related Nouns Dan Flickinger and John Nerbonne
More informationDeutsches Forschungszentrum. Intelligenz GmbH. The EMS Model. Jürgen Lind. January 1999. Deutsches Forschungszentrum für Künstliche Intelligenz GmbH
Deutsches Forschungszentrum für Künstliche Intelligenz GmbH Research Report TM-98-09 The EMS Model Jürgen Lind January 1999 Deutsches Forschungszentrum für Künstliche Intelligenz GmbH Postfach 20 80 67608
More informationThe MultiHttpServer A Parallel Pull Engine
Deutsches Forschungszentrum für Künstliche Intelligenz GmbH Technical Memo TM-99-04 The MultiHttpServer A Parallel Pull Engine Christoph Endres email: Christoph.Endres@dfki.de April 1999 Deutsches Forschungszentrum
More informationThe MultiHttpServer A Parallel Pull Engine
Deutsches Forschungszentrum für Künstliche Intelligenz GmbH Technical Memo TM-99-04 The MultiHttpServer A Parallel Pull Engine Christoph Endres email: Christoph.Endres@dfki.de April 1999 Deutsches Forschungszentrum
More informationBottleneck Analysis as a Heuristic for Self-Adaption in Multi-Agent Societies
Deutsches Forschungszentrum für Künstliche Intelligenz GmbH Technical Memo TM-98-01 Bottleneck Analysis as a Heuristic for Self-Adaption in Multi-Agent Societies Christian Gerber January 1998 Deutsches
More informationSustainable Technology Transfer: The German Way
Transfer of Technology Stream Dublin, Wednesday 8th May Sustainable Technology Transfer: The German Way Prof. Dr. Wolfgang Wahlster CEO and Scientific Director of the German Research Center for AI, DFKI
More informationHow To Develop A Transport System For A Train System
Deutsches Forschungszentrum für Künstliche Intelligenz GmbH Technical Memo TM-99-02 An Intercompany Dispatch Support System for Intermodal Transport Chains Hans-Jürgen Bürckert, Petra Funk, Gero Vierke
More informationIST World. European RTD Information and Service Portal FP6-2004-IST-3 015823. Brigitte Jörg, Language Technology Lab, DFKI GmbH
IST World European RTD Information and Service Portal FP6-2004-IST-3 015823 About the Project [European RTD Information and Service Portal] Duration: 30 Months (April 2005 September 2007) Project Type:
More informationWWW: http://www.dfki.de
'HXWVFKHV )RUVFKXQJV]HQWUXP I U. QVWOLFKH,QWHOOLJHQ]*PE+ 5HVHDUFK 5HSRUW RR-99-02 6,)7KH6RFLDO,QWHUDFWLRQ)UDPHZRUN 6\VWHP'HVFULSWLRQDQG8VHU V*XLGHWRD0XOWL$JHQW 6\VWHP7HVWEHG 0LFKDHO6FKLOOR- UJHQ/LQG3HWUD)XQN
More informationPresentation of Arab International University History Present Future
Presentation of Arab International University History Present Future Dipl. Hdl. Thomas Rieke Director International Relations Office Content: 1. History 2. Mission and vision 3. Geographical Location 4.
More informationFACULTY OF COMPUTER SCIENCE & INFORMATION SYSTEM
FACULTY OF COMPUTER SCIENCE & INFORMATION SYSTEM The Faculty of Computer Science and Information System (FSKSM) was formally established in 1991. Now, the faculty has entered a new, exciting, and challenging
More informationPresentation of Arab International University History Present Future
Presentation of Arab International University History Present Future Dipl. Hdl. Thomas Rieke Director International Relations Office Content: 1. History 2. Mission and vision 3. Geographical Location 4.
More informationCurriculum Vitae. Personal Data. Professional Experience
Curriculum Vitae Personal Data Name: Dr. Klaus Fischer Address: Lüderitzstraße 1, D-66123 Saarbrücken Phone: +49-681-85775-3917 (office) +49-160-97225454 (mobile) Fax: +49-681-85775-2235 e-mail: Klaus.Fischer@dfki.de
More informationIntelligent documentation as a catalyst for developing cooperative knowledge-based systems
Deutsches Forschungszentrum für Künstliche Intelligenz GmbH Research Report RR-92-26 Intelligent documentation as a catalyst for developing cooperative knowledge-based systems Franz Schmalhofer, Thomas
More informationInstruction to Support Post Doctorate Projects
Instruction to Support Post Doctorate Projects Development of science and technology in a country requires investment in research and its infrastructures, in particular humanistic infrastructures of research.
More informationDFKI Finite-State Machine Toolkit
Deutsches Forschungszentrum fur Kunstliche Intelligenz GmbH Research Report RR-02-04 DFKI Finite-State Machine Toolkit Jakub Piskorski July 2002 Deutsches Forschungszentrum for KOnstliche Intelligenz GmbH
More informationAre you interested in working in ministry for the Catholic Church in our local community?
Are you interested in working in ministry for the Catholic Church in our local community? Catholic Get hands-on experience and work part-time while you study! Catholic Do you have a calling to work in
More informationELRC Workshop Report for Germany
(ELRC) is a service contract operating under the EU s Connecting Europe Facility SMART 2014/1074 programme. Deliverable Task 6 ELRC Workshop Report for Germany Author(s): Christian Dugast (DFKI) Dissemination
More informationResearch Report RR-03-01
Deutsches Forschungszentrum für Künstliche Intelligenz GmbH Research Report RR-03-01 SDL A System Description Language Hans-Ulrich Krieger March 2003 Deutsches Forschungszentrum für Künstliche Intelligenz
More informationSoftware Engineering in Kaiserslautern,, Germany
Software Engineering in Kaiserslautern,, Germany Dieter Rombach Software Engineering Chair Computer Science Department Technical University of Kaiserslautern Kaiserslautern, Germany wwwagse.informatik.uni-kl.de
More informationAT A GLANCE UNIVERSITY OF STUTTGART AN EXCELLENT CHOICE!
CONNECTING BRAINS AT A GLANCE An interdisciplinary profile with key competences in the fields of engineering, natural sciences, humanities, economics, and social sciences Among the top institutions in
More informationGraduate Student Orientation
Graduate Student Orientation Graduate Student Orientation Department of Computer Science The Volgenau School of Engineering Fall 2014 http://cs.gmu.edu Outline CS Department Overview Rules pertaining to
More informationMSc in Production & Operations Management (POM) at the HECTOR School Karlsruhe Institute of Technology Karlsruhe
DAAD Deutscher Akademischer Austauschdienst German Academic Exchange Service Home [//www.daad.de/en/index.html] / Information on Study and Research in Germany [//www.daad.de/deutschland/en/] / International
More informationBusiness Analytics: A Knowledge Community and Repository Infrastructure for R Models. Master Teamproject Prof. Dr. Alexander Mädche, Martin Kretzer
Business Analytics: A Knowledge Community and Repository Infrastructure for R Models Master Teamproject Prof. Dr. Alexander Mädche, Martin Kretzer Agenda 1. The Challenge 2. The Master Teamproject 3. Benefits
More informationCopyright 1980 by the Association for Supervision and Curriculum Development. All rights reserved.
More information
International Media Studies. Master s degree
International Media Studies Master s degree International Media Studies Identifying global trends, fostering international networks, applying cross-media journalistic skills these are challenges facing
More informationTraining Course. Market-driven Innovation Management (MIM)
Training Course Market-driven Innovation Management (MIM) The Market-driven Innovation Innovations are important factors for strengthening the competitiveness of any enterprise. Product and service innovations
More informationExperiences from Verbmobil. Norbert Reithinger DFKI GmbH Stuhlsatzenhausweg 3 D-66123 Saarbrücken bert@dfki.de
Experiences from Verbmobil Norbert Reithinger DFKI GmbH Stuhlsatzenhausweg 3 D-66123 Saarbrücken bert@dfki.de Content Overview of Verbmobil project Scientific challenges and experiences Software technology
More informationCurriculum Vitae. Prof. Dr.-Ing. Jürgen Wiese
1 Curriculum Vitae Prof. Dr.-Ing. Jürgen Wiese University of Applied Sciences Magdeburg-Stendal Department of Water, Environment, Construction and Safety Professor for Urban Water Management Wastewater
More informationBOARD OF TRUSTEES OF COMMUNITY-TECHNICAL COLLEGES AFT BARGAINING UNIT APPLICATION FOR PROMOTION TEACHING FACULTY Academic Year 2012-2013
BOARD OF TRUSTEES OF COMMUNITY-TECHNICAL COLLEGES AFT BARGAINING UNIT APPLICATION FOR PROMOTION TEACHING FACULTY Academic Year 2012-2013 This application must be submitted to the President no later than
More informationGraduate Student Orientation
Graduate Student Orientation Prof. Sanjeev Setia Chair, Department of Computer Science The Volgenau School of IT & Engineering Fall 2011 http://cs.gmu.edu Outline CS Department Overview Rules pertaining
More informationInformation Technology
Monash is the only research-intensive, Group of Eight university to have a dedicated IT faculty. What makes at Monash University special? Quality instruction and varied choice: At Monash, students learn
More informationWelcome to the. Business School of. the University of Mannheim!
Welcome to the Business School of the University of Mannheim! The University of Mannheim Reasons for choosing us in a nutshell Best Business School in Germany Triple accreditation (AACSB, EQUIS and AMBA)
More informationBeiersdorf PhD program Germany
Beiersdorf PhD program Germany Contents Dissertations at Beiersdorf 3 Registration for the PhD program 4 Activities to gain credits 5 Contact information 7 Appendix 8 Dissertations at Beiersdorf Beiersdorf
More informationMaster Business Intelligence and Process Management
Hochschule für Wirtschaft und Recht Berlin Berlin School of Economics and Law Department of Business and Economics Master Business Intelligence and Process Management Business Intelligence and Process
More informationSmart Data Innovation Lab (SDIL)
Smart Data Innovation Lab (SDIL) Accelerating Data driven Innovation NESSI Summit May 27, 2014 Prof. Dr.-Ing. Michael Beigl Department of Informatics KIT University of the State of Baden-Wuerttemberg and
More informationWU Executive Academy Vienna University of Economics and Business
WU Executive Academy Vienna University of Economics and Business Welthandelsplatz 1 1020 Vienna, Austria Tel: +43 (1) 313 36 4816 executiveacademy@wu.ac.at www.executiveacademy.at Campus WU Your future
More informationInnovative Technologies for Enterprise Systems in the Energy Sector: Smart Online Electricity Invoices
Innovative Technologies for Enterprise Systems in the Energy Sector: Smart Online Electricity Invoices Master Team Project Prof. Dr. Alexander Mädche, Carl Heckmann Agenda 1. The Challenge 2. Technical
More informationSERVICE DESIGN THINKING WORKSHOP
SERVICE DESIGN THINKING WORKSHOP Innovate customer experiences through Service Design 4-Day International Executive Program November 23-26, Monday-Thursday Madrid, Spain SERVICE DESIGN THINKING WORKSHOP
More informationMaster s (2 nd cycle) degree Course in SCIENCE FOR THE CONSERVATION-RESTORATION OF CULTURAL HERITAGE (SCoRe)
Master s (2 nd cycle) degree Course in SCIENCE FOR THE CONSERVATION-RESTORATION OF CULTURAL HERITAGE (SCoRe) Introduction The conservation and preservation of cultural heritage is an interdisciplinary
More information> PoSTGRADUATe certificate IN management
> PoSTGRADUATe certificate IN management EMERGENT BUSINESS TECHNOLOGIES JoINT executive PRoGRAmme Germany New Zealand 01 > Welcome We are pleased to be working with the University of Waikato Management
More informationMannheim & Tongji Executive MBA
Mannheim & Tongji Executive MBA Program Information 2 Content Welcome... 3 Program: High-level Education for Business Leaders in China and Germany... 5 Partners: A Reputation for World-Class Business Education...
More informationIntelligent Retrieval for Component Reuse in System-On-Chip Design
Intelligent Retrieval for Component Reuse in System-On-Chip Design Andrea Freßmann, Rainer Maximini, Martin Schaaf University of Hildesheim, Data- and Knowledge Management Group PO Box 101363, 31113 Hildesheim,
More informationMannheim & Tongji Executive MBA
Mannheim & Tongji Executive MBA Program Information 2 Content Welcome... 3 Program: High-level Education for Business Leaders in China and Germany.... 5 Partners: A Reputation for World-Class Business
More informationVisualization of Large and Unstructured Data Sets
Hans Hagen, Andreas Kerren, Peter Dannenmann (Eds.) Visualization of Large and Unstructured Data Sets First workshop of the DFG s International Research Training Group Visualization of Large and Unstructured
More informationSPEEECH expanding audiences April 2015
About SPEEECH In the face of continuous globalization, businesses need to adapt the way they communicate with a multilingual market - an ever more complex challenge. Their message needs to be produced,
More informationCORPORATE FINANCE. Connect financial activities to strategic goals. 3-Day International Executive Program April 18-20, 2016 Madrid, Spain
Connect financial activities to strategic goals 3-Day International Executive Program April 18-20, 2016 Madrid, Spain Connect financial activities to strategic goals Location: IE Business School Campus
More informationMaster of Artificial Intelligence
Faculty of Engineering Faculty of Science Master of Artificial Intelligence Options: Engineering and Computer Science (ECS) Speech and Language Technology (SLT) Cognitive Science (CS) K.U.Leuven Masters.
More informationThe RoboCup Soccer Simulator
Short presentation At the University of the Basque Country - Computer Science Faculty - TAIA (German Rigau) 1 Richard Hertel: KIT University of the State of Baden-Württemberg and National Large-scale Research
More informationVisualization of Large and Unstructured Data Sets Applications in Geospatial Planning, Modeling and Engineering
Visualization of Large and Unstructured Data Sets Applications in Geospatial Planning, Modeling and Engineering IRTG 1131 Workshop, March 19 21, 2010, Bodega Bay, U.S. Edited by Ariane Middel Inga Scheler
More informationExaminiation regulations for the Master Course of Study Visual Computing As of January 26 th, 2006
Examiniation regulations for the Master Course of Study Visual Computing As of January 26 th, 2006 Based on 59 of Act No. 1556 on Saarland University (University Act UG) from June 23 rd, 2004 (Official
More informationINTEREST BENEFITS FROM THE DEBT CRISIS TO THE GERMAN BUDGET UPDATED CALCULATIONS
INTEREST BENEFITS FROM THE DEBT CRISIS TO THE GERMAN BUDGET UPDATED CALCULATIONS IWH Online 8/2015 In der Reihe IWH Online erscheinen aktuelle Manuskripte der IWH-Wissenschaftlerinnen und -Wissenschaftler
More informationReutlingen University
Reutlingen University New Perspectives for Master Study Programmes in Europe Implementing the second cycle of Bologna A European success story? Workshop 3: What facilitates International Master Mobility?
More informationOrganizational Social Network Analysis Case Study in a Research Facility
Organizational Social Network Analysis Case Study in a Research Facility Wolfgang Schlauch 1, Darko Obradovic 2, and Andreas Dengel 1,2 1 University of Kaiserslautern, Germany 2 German Research Center
More informationFaculty of Engineering School of Electronic and Electrical Engineering. University Academic Fellow Smart Energy Systems
Faculty of Engineering School of Electronic and Electrical Engineering University Academic Fellow Smart Energy Systems With a vision and drive to develop a prestigious internationally competitive research
More informationMaster of Science in Artificial Intelligence
Master of Science in Artificial Intelligence Options: Engineering and Computer Science (ECS) Speech and Language Technology (SLT) Big Data Analytics (BDA) Faculty of Engineering Science Faculty of Science
More informationPOLITECNICO DI MILANO SCHOOL OF MANAGEMENT
POLITECNICO DI MILANO SCHOOL OF MANAGEMENT Doctoral Programme in Management, Economics and Industrial Engineering Doctoral Programme in Management, Economics and Industrial Engineering KEY FACTS Format:
More informationEXECUTIVE EDUCATION PROGRAMS 2015-2016
EXECUTIVE EDUCATION PROGRAMS 2015-2016 www.execed.ie.edu Today s challenges, tomorrow s opportunities INDEX IE Business School 03 Recognition 04 Designed for Driven Professionals & Business Leaders 05
More informationBachelor in Computer Engineering. Brightest. The Best and. World-class education ΑΙΤ makes it possible
Bachelor in Computer Engineering The Best and Brightest World-class education ΑΙΤ makes it possible Bachelor in Computer Engineering www.ait.gr/bsc Start thinking about A high quality education AIT is
More informationTurning data into business. Exploiting big data requires fundamental rethinking of how we do business.
rotterdam school of management erasmus university executive education Prof. Eric van Heck Exploiting big data requires fundamental rethinking of how we do business. business was usual LEADERSHIP CHALLENGES
More informationResearch at Henley Business School
The DBA at Henley We attract experienced and motivated individuals to undertake significant research that shapes organisational thinking and provides an increasingly complex business environment. We are
More informationD1.3 Industry Advisory Board
Project acronym: Project full name: EDSA European Data Science Academy Grant agreement no: 643937 D1.3 Industry Advisory Board Deliverable Editor: Other contributors: Deliverable Reviewers: Mandy Costello
More informationInspiring Personalities. EBS-Intel Summer School for Social Innovators
Inspiring Personalities. EBS-Intel Summer School for Social Innovators 2 EBS Executive Education Why Attending? Social Innovators find new solutions to solve social problems. Just think of the microfinance
More informationDOUBLE-DEGREE MASTER S PROGRAM
DOUBLE-DEGREE MASTER S PROGRAM A job-oriented international study program fostering competences Master of Engineering from the Steinbeis University Berlin (SHB) Aerospace Engineering and Lightweight Technologies
More informationGuidance to the Master and PhD Programmes in Computer Science
Guidance to the Master and PhD Programmes in Computer Science at the Faculty of Science, University of Basel Department of Mathematics and Computer Science Bernoullistrasse 16, CH 4056 Basel Tel: +41 61
More informationGraduate Student Orientation
Graduate Student Orientation Prof. Sanjeev Setia Chair, Department of Computer Science The Volgenau School of IT & Engineering Spring 2013 http://cs.gmu.edu Outline CS Department Overview Rules pertaining
More informationINFORMATION BROCHURE & APPLICATION FOR 2016/7
INFORMATION BROCHURE & APPLICATION FOR 2016/7 DOCTORAL DEGREE (PhD/DCom) ACCOUNTING AUDITING TAXATION Department of Accountancy Faculty of Economic and Financial Sciences 1 1. INTRODUCTION The Department
More informationLondon School of Business & Finance
London School of Business & Finance Europe s fastest growing Business School www. Welcome to LSBF It is my great pleasure to welcome you to London School of Business & Finance. We are proud to be the most
More informationCyber-Physical Systems, Internet of Things & Industry 4.0 First Technical Prototypes
Cyber-Physical Systems, Internet of Things & Industry 4.0 First Technical Prototypes Johannes Schöning Munich, Germany 10/2013 London Münster Berlin Köln Hasselt Saarbrücken Innovative Retail Lab (IRL)
More informationAdmission Number. Master of Science Programme in Computer Science (International Programme)
Admission Number 6 9 0 1 M S 0 0 Master of Science Programme in Computer Science (International Programme) Faculty of Information and Communication Technology Admission Requirements: 1. Hold a Bachelor's
More informationLearning Mathematics with
Deutsches Forschungszentrum für f r Künstliche K Intelligenz Learning Mathematics with Jörg Siekmann German Research Centre for Artificial Intelligence DFKI Universität des Saarlandes e-learning: Systems
More informationOnline Master of Business Administration (MBA)
Online Master of Business Administration (MBA) Dear Prospective Student, Thank you for contacting the University of Maryland s Robert H. Smith School of Business. By requesting this brochure you ve taken
More informationManagement Training & Executive Education Vienna University of Economics and Business
Management Training & Executive Education Vienna University of Economics and Business www.boanet.at Ingo Folie 3 WU Executive Academy Your partner for business success Prof. Bodo B. Schlegelmilch, Ph.D.,
More informationDIPLOMA SUPPLEMENT - Professional baccalaureus/baccalaurea bacc. crim.
REPUBLIC OF CROATIA MINISTRY OF THE INTERIOR POLICE ACADEMY POLICE COLLEGE ZAGREB DIPLOMA SUPPLEMENT - Professional baccalaureus/baccalaurea bacc. crim. This Diploma Supplement follows the model developed
More informationLehrstuhl für Rechnertechnik und Rechnerorganisation (LRR-TUM) Annual Report 1998/1999
Research Report Series Lehrstuhl für Rechnertechnik und Rechnerorganisation (LRR-TUM) Technische Universität München http://wwwbode.informatik.tu-muenchen.de/ Editor: Prof. Dr. A. Bode Vol. 18 Lehrstuhl
More informationOnline Master of Business Administration (MBA)
Online Master of Business Administration (MBA) Dear Prospective Student, Thank you for contacting the University of Maryland s Robert H. Smith School of Business. By requesting this brochure you ve taken
More informationUniversity of Minnesota Start-up Guide
University of Minnesota Start-up Guide Office for Technology Commercialization (OTC) - Venture Center A guide for faculty, staff, and entrepreneurs interested in starting a new business based on University
More informationPhD program. at the Vetmeduni Vienna. Veterinärmedizinische Universität Wien
PhD program at the Vetmeduni Vienna. Veterinärmedizinische Universität Wien Inhalt 1. Objectives of the PhD program 2 2. Admission to the PhD program 2 3. Bodies of the PhD program at the Vetmeduni Vienna
More informationCentral Banks Operations from Academics Perspective Introduction
Central Banks Operations from Academics Perspective Introduction Prof. Dr. Rolf Tilmes Dean, EBS Business School Managing Director, EBS Executive Education GmbH 17 November 2010, Frankfurt Euro Finance
More informationLiteracy Studies - Master's Degree Programme
Literacy Studies - Master's Degree Programme Credits: 120 credits Level: Master's degree (2 years) Offered by: Faculty of Arts and Education, Department of Cultural Studies and Languages Grade name: Master
More informationTailored to succeed. Fleet Management with Linde Fleet Experts.
Tailored to succeed. Fleet Management with Linde Fleet Experts. Saving money for free. Have you ever thought about how high your administrative costs are for operating trucks from different manufacturers?
More informationStudying Environmental Chemistry in Bayreuth: New MA programme set to begin in WS 2016/17
Studying Environmental Chemistry in Bayreuth: New MA programme set to begin in WS 2016/17 International, interdisciplinary, and unique these words best describe the new master s programme Environmental
More informationEcole Polytechnique Fédérale de Lausanne EPFL School of Computer and Communication Sciences IC
Ecole Polytechnique Fédérale de Lausanne EPFL School of Computer and Communication Sciences IC Internship Overview Loïc Gardiol WELCOME TO EPFL The Ecole Polytechnique Fédérale de Lausanne (EPFL) is a
More informationPhD IN BUSINESS. FULL-TIME and PART-TIME RESEARCH
PhD IN BUSINESS FULL-TIME and PART-TIME RESEARCH Getting your PhD at Nyenrode is both enormously challenging as well as exciting and it offers magnificent views on your future Prof. dr. René J. Tissen,
More informationCopyright 2013 wolfssl Inc. All rights reserved. 2
- - Copyright 2013 wolfssl Inc. All rights reserved. 2 Copyright 2013 wolfssl Inc. All rights reserved. 2 Copyright 2013 wolfssl Inc. All rights reserved. 3 Copyright 2013 wolfssl Inc. All rights reserved.
More informationDoctoral Programs. the globally networked management school
Doctoral Programs the globally networked management school Accreditation Accreditation is the review of the quality of higher education institutions and programs. Why is accreditation important? It is
More informationThe Future of Communication
Future Technologies I: Communication Session 2 Hannover, 3 November 2010 The Future of Communication Wolfgang Wahlster German Research Center for Artificial Intelligence Saarbrücken, Kaiserslautern, Bremen,
More informationSummary. German-Iranian Co-operation VI. Development of three cornerstones for a sustainable Energy future in Iran. Work package 3.
German-Iranian Co-operation VI Development of three cornerstones for a sustainable Energy future in Iran Work package 3. Energy Education Programs; A Comparative Study in Iran and Germany Wuppertal, 27.11.2010
More informationFUNAI & TSU:A New Model for International Co-operation and Co-development
FUNAI & TSU:A New Model for International Co-operation and Co-development David Olowokere Ph.D., P.E. Professor and Chair Department of Engineering Technology (Interim Chair, Department of Aviation Science
More informationCORPORATE FINANCE. Connect financial activities to strategic goals. 3-Day International Executive Program April 18-20, 2016 Madrid, Spain
Connect financial activities to strategic goals 3-Day International Executive Program April 18-20, 2016 Madrid, Spain Connect financial activities to strategic goals Location: IE Business School Campus
More informationMBA in International Hospital and Healthcare Management
MBA in International Hospital and Healthcare Management in partnership with Academic Programmes Professional Programmes Seminars Executive Education Corporate Programmes & Services Research International
More informationThe Henley MBA. Your best possible outcome
The Henley MBA Your best possible outcome One of the most personal decisions you will make 1 Our MBA is as individual as you are Why choose Henley to secure a better outcome? Master practical skills and
More information