Mobile Agents in E-commerce Environments - IEEE Xplore

0 downloads 0 Views 178KB Size Report
it is largely accepted that have the ability to address efficiently some of these problems. However, mobile agent technology carries with it associated security.
Mobile Agents in E-commerce Environments: Supporting Collaborative Activities Dimitrios A.Baltatzis1, Christos K. Georgiadis2 and Ion G. Pagkalos1 1 Informatics Laboratory, Computers Division, Faculty of Technology, Aristotle University of Thessaloniki, GREECE 2 Department of Applied Informatics, University of Macedonia, Thessaloniki, GREECE [email protected], [email protected], [email protected]

Abstract E-commerce operations are frequently repetitive with a large segment suitable to computer aids and automation. Moreover, managing e-commerce collaborative activities on the Web requires knowing exactly what information to share with whom. Mobile agents become relevant candidates to assist users as it is largely accepted that have the ability to address efficiently some of these problems. However, mobile agent technology carries with it associated security vulnerabilities that had to be addressed in order to be functional. A key requirement is to find a flexible, convenient and effective method to work out the mobile agent authorization problem. We argue that a satisfactory approach for this problem is to dynamically map casual users, like mobile agents, with predefined organizational security roles, based on a flexible role-assignment mechanism.

1. Introduction One of the key characteristics of the e-business world is that companies will inevitably move more and more into a customer-centric paradigm in order to increase competitiveness. Businesses use the Web to improve internal communication, help manage supply chains, conduct technical and market research, and locate potential partners. According to [1,2], an e-commerce transaction can be decomposed into three phases: ƒ Information (or investigation) – to look for the providers that have the products or services that satisfy users’ needs. ƒ Negotiation – to launch an offer and counteroffer process, if needed.

ƒ Settlement (or execution) – to implement the clauses of the contract (which is actually the outcome of the previous phase). Mobile agents have, in most situations, great potential in the information phase [1]. Mobile agents roam the net on users’ behalf, identify the providers that interest users and possibly exchange messages with providers about different issues (e.g. availability, prices, etc.). As a final point, the agents report their findings to the users. The mobile agents which serve the information phase are actually considered as a special type of information brokering (or matchmaking) agents [3]. To be exact, brokering agents help seekers to find information and services of interest, by employing search and information agents. Mobile search agents are able to traverse the network looking for particular kinds of information, filter it, gather it and return it to the users (to a home location). Then, information agents perform the role of collating, summarizing, or managing information from many diverse distributed sources. Agent operations depend mainly on authorization mechanisms for securing transactions in an e-commerce environment. This environment is generally composed of participant’s organizations, probably with diverse policies. In such an environment, prior knowledge about users who are accessing these hosts normally does not exist. Still, the appropriate set of permissions for each potential user must be determined. Current research efforts grant privileges to users based on their identity-oriented features demonstrated in the form of digital credentials. Relying on credentials of this type in a such an environment, is not sufficient however to certify a user‘s trustworthiness, nor his/her eligibility to perform specific operations. Thus, a more flexible

Proceedings of the 2005 International Conference on Computational Intelligence for Modelling, Control and Automation, and International Conference on Intelligent Agents, Web Technologies and Internet Commerce (CIMCA-IAWTIC’05) 0-7695-2504-0/05 $20.00 © 2005

IEEE

authorization mechanism is required.

2. E-commerce and mobile agents Among the most significant impediments that the development of business-to-customers (B2C) ecommerce faces, is slow response time, and lack of user friendliness. Indeed, conducting e-commerce operations is still not so simple. Most of these operations are complex, and thus, different difficulties exist [2]: ƒ Numerous relevant web sites with product and service catalogues have to be searched, ƒ The operation of these sites needs to be understood, and the needs of users have to be specified according to the characteristics of these sites, ƒ Users have to retain information, such as prices, warranties, and returning policies, while switching from one site to another (for comparison purposes), ƒ Security problems may take place when submitting sensitive information. However, e-commerce operations are frequently repetitive with a large segment suitable to computer aids and automation. For that reason, agents become relevant candidates to assist users. It is largely accepted that mobile agents have the ability to address efficiently some of these problems. By building on the distributed object foundation, agent technology can help overpass the remaining space between flexible design and usable applications. Moreover, mobile agent technology can help address serious technological challenges in businessto-business (B2B) e-commerce, such as concerns about effective use of interoperability between diverse business platforms - processes and diverse information required to achieve global e-commerce. In addition, innovative enterprises with good partner relationships are beginning to capitalize on the enormous potential of new global networking possibilities and are beginning to share sales data, customer buying patterns, and future plans with their suppliers and customers [3]. The opportunities for using mobile agents in an e-business application are enormous. Agents can carry out work on behalf of human knowledge workers both on the customer’s and supplier’s behalf.

3. Collaboration on the Web in Ecommerce Environments In real life, people like to collaborate while doing their jobs, as well as during their relaxation activities. However, they do not find presently much support for collaboration on the Web (in their ‘online life’). The basic idea [4] is the creation of ‘collaborative sessions’ that can be joined by multiple Web users to share with each other the navigation among standard Web pages, doing together those activities that are currently performed alone. Collaborative activity on the Web would be ineffective without achieving this shared navigation concept. Such a concept could facilitate many collaborative experiences concerning e-commerce activities: ƒ an advanced type of on-line assistance with very rich e-commerce sites allowing an expert to lead customers where they need to go, ƒ guided virtual museum tours in which people from different parts of the world join collective visits and follow a guide, ƒ collective document browsing where several people browse documents concerning products or services together, ƒ collaborative shopping (quite often, shopping is something people like to do along with friends and relatives), ƒ collaborative commerce (collaboration in B2B e-commerce operations). Collaborative commerce, in more details, is defined as the use of digital technologies to permit organizations to collaboratively design, develop, build and manage products through their life cycles [5]. It is very interesting and promising to try to extend the way people currently use the Web by adding support for more collaboration. Regarding B2C activities, it is likely that navigating is an action that is socially facilitated, meaning that when done in the company of others people engage in it more often and enjoy it more [4]. In addition, regarding B2B environments, there are many varieties of collaborative commerce activities, concerning usually functionalities between and among supply chain partners. In this way, a collaborative platform can help in communication and collaboration between headquarters and subsidiaries or franchisers and franchisees, making it easier for them to do business and reduce overhead and duplication [6].

Proceedings of the 2005 International Conference on Computational Intelligence for Modelling, Control and Automation, and International Conference on Intelligent Agents, Web Technologies and Internet Commerce (CIMCA-IAWTIC’05) 0-7695-2504-0/05 $20.00 © 2005

IEEE

4. Mobile Search Agents in Collaborative Activities: Authorization Issues Managing collaborative activities on the Web requires knowing exactly what information to share with whom. Mobile search agents could facilitate such environment as their ability to move from host to host eases the formation of collaborative sessions by allowing users to access shareable information according to their credibility [7]. In order to establish such an environment, authorization decisions are a critical security concern. These authorizations are significantly different from those in centralized or smaller systems. There are often system entities many of which are unknown to each other and also, very often, there is no central authority that everyone trusts. This article provides a suitable framework for mobile agent systems where an outsized and dynamic set of principals with mutual mistrust between them, has to rely on pieces of application code which autonomously migrate to and execute on consecutive hosts. The role based access control model (RBAC) [8] could be used for dynamically assigning security roles to visiting agents on each hosting platform. Our methodology introduces the concept of role decomposition via a flexible role selection for a secure and consistent solution to the agents’ authorization problem. The role decomposition that every host is eligible to perform according to a set of well established rules is based on a common set of “Attribute_Fields” (A_Fs) filled with Attribute_Values (A_Vs) and a well-defined “dominance” relation. In this way every host which is visited by an agent has the flexibility and the efficiency to decide which role is the proper one to assign from the local role hierarchy, to exercise only the anticipated access rights.

(UR) User –Role USER

Attribute_Field

ROLE

Attribute_Values

Agents

Figure 1. User-Role Assignment for Mobile Agents Organizations should support proper authorization mechanisms for allowing entry to the agents. A minimum of cooperation-coordination requires that all participants make use of the same access control model; in our case the RBAC. This does not imply that all participants use the same role hierarchy, which is unacceptable indeed, but implies that every collaborative organization should be able to assign one or more local roles to the requested agent. This presumes that a well defined role assignment mechanism should be in place, in order to accomplish the task. This mechanism mainly depends on the set of credentials that the agent carries with it, and the local role hierarchy. In any case the organization that provides the resource must have the privilege, the authority and flexibility to define the set of rules that define the security roles, applied to the specific organization. Roles Groups Attribute Fields

5. The Authorization framework Attribute Values

The different e-commerce participant organizations are visited by mobile agents and they should be able to automatically assign them different security roles. We believe that a satisfactory approach for the mobile agents’ authorization problem is to dynamically map casual users like mobile agents, with predefined organizational host roles, based on agents’ credentials and on a flexible role-assignment mechanism (Fig 1).

Figure 2. Role decomposition Our mechanism mainly depends on a scalable decomposition (Fig 2) of local roles that every host is eligible to perform based on a well defined process. The process that decomposes a security role follows this order: ƒ roles are defined using Groups (G). ƒ Gs are actually constructed by A_Fs related to

Proceedings of the 2005 International Conference on Computational Intelligence for Modelling, Control and Automation, and International Conference on Intelligent Agents, Web Technologies and Internet Commerce (CIMCA-IAWTIC’05) 0-7695-2504-0/05 $20.00 © 2005

IEEE

each other with some level of seniority ƒ A_Fs are filled with A_Vs [9] [10]. The structure for every role throughout the collaboration is the same. This means that they constitute from the same Gs. This is not some risky compromise since all participant organizations operate on the same business field and thus is feasible to try to express their security roles with the same Gs. It is also well understood that all roles in every organization do not make use of all these Gs but possibly a number of them. The A_Fs that constitute every G are relevant in meaning. The mechanism works like this: in between the A_Fs of the same G there is a strict seniority. This means that an A_F is considered always higher or lower in seniority compare to another A_F in the same G. This seniority is not necessarily the same in every collaborative organization. Since the A_Fs are the same for all organizations, every one could evaluate differently the importance of every A_F. A_Fs are filled with A_Vs and in order to be able to compare A_Vs from the same A_F but from different roles, they should refer to the same data set. These A_Vs should also have seniority among them. Since it is difficult to manipulate and distribute A_Vs between different organizations, we propose the transformation of the original A_V to its seniority among the others of the same A_F. Obviously all organizations could not use the same number of A_Vs to express the values of an A_F. For example an organization would use 3 values to express an A_F that describes the hierarchy of its managers while a bigger organization would need 5. This is still not a problem since an A_V could be accompanied by its scale (e.g. 3 out of 5). In this case the visited organization by an agent could transform this value to its own scale, performing a sort of normalization. This transformation of a A_V to its associate numeric seniority, does not work for all kinds of A_F. There are certain A_Fs that is unseasonable to try to transform them into numeric (e.g. names, locations etc). For these A_Fs, their A_Vs stay unchanged and it is under to judgment of every participant to decide about their seniority.

Group1 A_F1 DPT :{ BOArding, MANagerial, OPeRational} 3 2 1 A_F2 BS: {4, 3, 2, 1} A_F3 TO: {INSurance, BANk, MINistry, CREdit} 4 3 2 1 Group2 A_F1 MS :{ 4, 3, 2, 1} A_F2 OS :{ 7, 6, 5, 4, 3, 2, 1} Group3 A_F1 MF :{ 3, 2, 1} A_F2 OF: {5, 4, 3, 2, 1} As we see in the first group, A_F1 and A_F3 have A_Vs that could not be converted into numeric globally, and every participant organization should evaluate under its own judgment these values. Here we can see such an evaluation on a specific host The second A_F2 (BS) refers to if someone is a member of the boarding stuff. The second G describes authority in the sales department, whether someone is in a managerial position (A_F1) or just in the operational (A_F2). Accordingly the third G describes authority in the financial department.

5.2. Definitions Suppose we have a framework that uses M groups to express its roles. Groups are represented by: Gi, i {1... M}. Xij represents an A_F, i identify the group it belongs, j represents the rank number of the A_F inside the group Xij’ represents the corresponding A_V. 1. We define seniority between two A_Fs of the same group as: Seniority of Xij is greater or equal than the seniority of Xkn and we denote Xij » Xkn, if and only if: i = k and j ” n). Initially in the above example, inside each group the seniority among the A_Fs is considered: DPT » BS» TO, MS » OS and MF » OF

5.1. Example We are going to use a simplified example to help understand the following definitions. Suppose we have a financial collaboration environment and the Gs that define every role in that environment are:

2. A group Gi is said to be non-empty, denoted by Gi  ‡:  Xij  Gi: Xij’  0. Example: R1: OPR3INS 00 34 3. A group Gi belonging to role R1 is said to be

Proceedings of the 2005 International Conference on Computational Intelligence for Modelling, Control and Automation, and International Conference on Intelligent Agents, Web Technologies and Internet Commerce (CIMCA-IAWTIC’05) 0-7695-2504-0/05 $20.00 © 2005

IEEE

comparable to another group Dj belonging to another role R2: i, j  {1... M} š i=j (they occupy corresponding places inside the role). Examples: R1: MAN2INS 22 04 R2: OPR3INS 00 02 The second G of R1 is only comparable to the second G of R2. 4. We define dominance between non-empty comparable groups: Gi  R1 and Di  R2, i {1... M} of two different roles, denoted by Gi » Di, either way according to: a) greater significance. A value in a greater seniority A_F compared to a value in a minor seniority A_F: ( Xij  Gi, Gi  R1) š (Xij’  ‡) , ( Xkn  Gi, Gi  R2: i=k) š (j > n, Xkn’ ‡). Even if Xij’ < Xkn’ b) greater value. A greater value in every A_F:  Xij  Gi, Gi  R1 š Xij’  ‡ ,  Xkn  Gi, Gi  R2 š Xkn’  ‡ : i=k, j = n š Xij’ t Xkn’ Examples: R1: MAN2INS 30 33 R2: MAN1INS 02 21 The second G of R1 dominates the associate G of R2 because of greater significance; it has an A_V in a higher seniority A_F. The third G of R1 dominates the associate G of R2 because it has greater A_Vs on every A_F. 5. A role R1 is said to be comparable to another role R2 if and only if:  Gi  R2: Gi  ‡ Î  Di  R1: Di ‡, i {1... M} Examples: R1: MAN2INS 22 04 R2: OPR3INS 00 02 R1 and R2 comparable R1: MAN2INS 00 04 R2: OPR1INS 20 03 R1 and R2 not comparable In the later case, the second G of R2 is nonempty while the second G of R1 it is. 6. A role R1 dominates another role R2, denoted R1 » R2 if and only if:  Gi  R2: Gi ‡,  Di  R1,: Di » Gi, i {1... M}. Examples: R1: MAN3INS 20 04 R2: OPR2INS 00 02 R1 dominates R2 R1: MAN2INS 00 04

R2: OPR1INS 20 02 R1 does not dominate R2 In the later case, while the first and third G of R1 dominates the associate ones of R2, the second one does not. In this case we do not have a clear dominance and hence r1 does not dominate R2 The proposed mechanism allows two roles from different role hierarchies to be compared for dominance. It is worth stressing that existing agentbased applications can benefit from this solution as only minor changes are needed to both the platform and the agent's code.

6. Conclusion A flexible and adaptable authorisation mechanism is required to support complex authorisation processes like the ones found in ecommerce collaborative activities. In this article, we address the dynamic role assignment problem in an ecommerce environment by describing a flexible role assignment mechanism. Our proposal for a secure and consistent solution to the agents’ authorization problem is based on security role decomposition that every partner is qualified to perform according to its local policy. This variation of RBAC uses a common set of A_Fs that make possible the exchange of A_Vs between hosts. In addition, seniority levels between the A_Fs are capable to evaluate comparison and dominance relations between roles of different local (host) hierarchies. In all cases the host that provides the resources has the authority and flexibility to define the set of rules on A_Fs that define these roles. The main contribution of this work is that it suggests a practical mechanism by applying the well accepted RBAC access control model to an agent based ecommerce collaborative environment. The model has been developed and tested, using Java programming language and Oracle database management system.

7. References [1] Mandry, T., Pernul, G., Röhm, A. W., Mobile Agents on Electronic Markets: Opportunities, Risks and Agent Protection”, International Journal of Electronic Commerce, Vol. 5, No. 2, M. E. Sharp, Inc., 47-60, 2001. [2] Maamar, Z., Association of users with software agents in e-commerce, Electronic Commerce Research and Applications 1, Elsevier Science, 104-112, 2002. [3] Papazoglou, M., Agent-oriented technology in support of e-business, CACM, Vol. 44, No. 4 71-77, 2001.

Proceedings of the 2005 International Conference on Computational Intelligence for Modelling, Control and Automation, and International Conference on Intelligent Agents, Web Technologies and Internet Commerce (CIMCA-IAWTIC’05) 0-7695-2504-0/05 $20.00 © 2005

IEEE

[4] Puglia, S., Carter, R., Jain, R., MultECommerce: A Distributed Architecture for Collaborative Shopping on the WWW, ACM EC ’00, 215-224, 2000. [5] Laudon, K., Traver, C., E-commerce: Business, Technology, Society, 2nd ed., Addison Wesley , 2004 [6] Turban, E., King, D. et al., Electronic Commerce. A Managerial Perspective, Pearson Education, 2003. [7] W. Jansen, and T. Karygiannis, National Institute of Standards and technology, NIST Special Publication 80019- Mobile Agent Security, 1999. [8] D.F. Ferraiolo, R.S. Sandhu, S.I Gavrila, D. R. Kuhn, R. Chandramouli: Proposed NIST standard for role-based access control. TISSEC 4(3): 224-274, 2001. [9] D. Baltatzis, S.Kortesis, C. Georgiadis, C. Ilioudis and G.Pangalos: Using RBAC for the mobile agent authorization problem. Proceedings of the 4th International Network Conference, Plymouth, 2004. [10] D. Baltatzis, . C. Georgiadis, and G.Pangalos: A flexible authorization mechanism for Virtual organizations. Proceedings of the IEEE 39th Int. Carnahan Conference on Security technology, 97-100, 2005.

Proceedings of the 2005 International Conference on Computational Intelligence for Modelling, Control and Automation, and International Conference on Intelligent Agents, Web Technologies and Internet Commerce (CIMCA-IAWTIC’05) 0-7695-2504-0/05 $20.00 © 2005

IEEE