Your search keyword '"C. R. Ou"' showing total 9 results

1. Adaptation of agent-based non-repudiation protocol to mobile digital right management (DRM)

Author

Chung-Ming Ou and C. R. Ou

Subjects

Digital rights management, business.industry, Computer science, media_common.quotation_subject, General Engineering, Public key infrastructure, Trusted third party, Payment, Certificate, Encryption, Computer security, computer.software_genre, Computer Science Applications, Non-repudiation, Artificial Intelligence, Mobile agent, business, Database transaction, computer, media_common

Abstract

Non-repudiation of a mobile digital rights management (DRM) ensures that when a user (U) sends some message to a rights issuer (RI), neither U nor RI can deny having participated in this transaction. An evidence of a transaction is generated by wireless PKI mechanism such that U and RI cannot repudiate sending and receiving the message respectively. U generates a mobile agent which carries encrypted payment information to RI. This mobile agent is also issued a proxy certificate by U; this certificate guarantees the binding relationship between them. One trusted third party acts as a lightweight notary for evidence generation. One advantage of this agent-based non-repudiation protocol is to reduce inconvenience for mobile clients such as connection time; it causes difficulty for fair transaction for mobile DRM.

Published

2011

2. Adaptation of proxy certificates to non-repudiation protocol of agent-based mobile payment systems

Author

Chung-Ming Ou and C. R. Ou

Subjects

Computer science, business.industry, Public key infrastructure, Trusted third party, Encryption, Computer security, computer.software_genre, Certificate, Non-repudiation, Artificial Intelligence, Mobile payment, ComputingMilieux_COMPUTERSANDSOCIETY, Mobile agent, business, computer, Database transaction

Abstract

Non-repudiation of a mobile payment transaction ensures that when a buyer (B) sends some messages to a seller (S), neither B nor S can deny having participated in this transaction. An evidence of a transaction is generated by wireless PKI mechanism such that B and S cannot repudiate sending and receiving the purchase order respectively. The buyer generates a mobile agent which carries encrypted purchase order to the seller. This mobile agent is also issued a proxy certificate by the buyer; this certificate guarantees the binding relationship between them. One trusted third party acts as a lightweight notary for evidence generation. One advantage of this agent-based non-repudiation protocol is to reduce inconvenience for mobile clients such as connection time; it causes difficulty for fair transaction for mobile payments.

Published

2007

3. Multiagent-Based Dendritic Cell Algorithm with Applications in Computer Security

Author

C. R. Ou, Yao-Tien Wang, and Chung-Ming Ou

Subjects

Innate immune system, business.industry, Artificial immune system, Computer science, Context (language use), Intrusion detection system, DUAL (cognitive architecture), Computer security, computer.software_genre, Immune system, Antigen, Artificial intelligence, business, computer, Dendritic cell algorithm

Abstract

Agent-based artificial immune system (ABAIS) is applied to intrusion detection systems (IDS). A multiagent-based IDS (ABIDS) inspired by the danger theory of human immune system is proposed. The intelligence behind ABIDS is based on the functionality of dendritic cells in human immune systems and the danger theory, while dentritic cells agents (DC agent) are emulated for innate immune subsystem and artificial T-cell agents (TC agent) are for adaptive immune subsystem. This ABIDS is based on the dual detections of DC agent for signals and TC agent for antigen, where each agent coordinates with other to calculate danger value (DV). Agents coordinate one another to calculate mature context antigen value (MCAV) and update activation threshold for security responses.

Published

2011

4. Multi-Agent Artificial Immune Systems (MAAIS) for Intrusion Detection: Abstraction from Danger Theory

Author

C. R. Ou and Chung-Ming Ou

Subjects

Innate immune system, Computer science, Artificial immune system, Distributed computing, Intrusion detection system, DUAL (cognitive architecture), Computer security, computer.software_genre, ComputingMethodologies_ARTIFICIALINTELLIGENCE, Immune system, Danger signal, Host (network), computer, Abstraction (linguistics)

Abstract

Danger theory-inspired Multi-agent artificial immune system (MAAIS) is applied to intrusion detection systems (IDS). Antigens are profiles of system calls while corresponding behaviors are regarded as signals. The intelligence behind such system is based on the danger theory while dentricit cells agents (DC agent) are emulated for innate immune subsystem and artificial T-cell agents (TC agent) are for adaptive immune subsystem. This IDS is based on the dual detections of DC agent for signals and TC agent for antigen, where each agent coordinates with other to calculate danger value (DV). According to DV, immune response for malicious behaviors is activated by either computer host or Security Operating Center (SOC).

Published

2009

5. Security of Mobile Agent-Based Web Applications

Author

Yao-Tien Wang, C. R. Ou, and Chung-Ming Ou

Subjects

Authentication, business.industry, Computer science, Access control, Public key infrastructure, Information security, Computer security, computer.software_genre, ComputingMethodologies_ARTIFICIALINTELLIGENCE, Public-key cryptography, Authorization certificate, Intelligent agent, Mobile agent, business, computer, Computer network

Abstract

Mobile agents are considered to be an alternative to client-server systems. Security issues are discussed for generic agent-based systems, i.e. intelligent agents migrate to agent platforms. Public key infrastructure (PKI) is a major cryptographic systems deployed for agent-based systems. Cryptographic techniques such as digital signatures, hash function, proxy certificate and attribute certificate, are utilized for protecting both intelligent agents and agent platforms. Countermeasures to agent protections and agent platform protection are given, which are based on information security mechanisms such as authentication, authorization, access control and confidentiality. Other major security concern such as the identity binding and delegation between intelligent agent and its host are discussed with solutions based on proxy certificates and attribute certificates.

Published

2008

6. Dynamic role assignment based on X.509 PMI mechanism for mobile agent systems

Author

C. R. Ou, Yao-Tien Wang, and Chung-Ming Ou

Subjects

Computer access control, business.industry, Computer science, Interoperability, Authorization, Access control, Computer security, computer.software_genre, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Authorization certificate, Role-based access control, Privilege Management Infrastructure, Mobile agent, business, computer, Computer network

Abstract

Unauthorized access of malicious entities to agent systems is becoming a serious threat to agent-based communications. An X.509 attribute certificate-based access control mechanism for mobile agent systems is given. Authorization policies of this access control can be dynamically adapted to the constantly evolving threats from computer systems and networks. The privilege management infrastructure (PMI) based on X.509 standard provides an interoperability solution among varied agent platform by utilizing external authorization data structure, namely, attribute certificate fields. A role-based access control (RBAC) mechanism for agent systems based on attribute certificates is designed.

Published

2008

7. SETNR/A: An Agent-Based Secure Payment Protocol for Mobile Commerce

Author

C. R. Ou and Chung-Ming Ou

Subjects

business.industry, Purchase order, Computer science, Payment system, Trusted third party, Computer security, computer.software_genre, Credit card, Mobile payment, ComputingMilieux_COMPUTERSANDSOCIETY, Mobile agent, Payment service provider, Payment processor, business, computer

Abstract

Non-repudiation of a mobile payment transaction ensures that when a buyer (B) sends some messages to a seller (S), neither B nor S can deny having participated in this transaction. An evidence of a transaction is generated by wireless PKI mechanism such that B and S cannot repudiate sending and receiving the purchase order respectively. SETNR/A protocol is proposed to improve the weakness of lacking non-repudiation mechanism from SET and SET/A for credit card-based transactions; on the other hand, agent-based protocol is ideal for complicated payment system. Broker generates a mobile agent for B which carries encrypted purchase order to S. A trusted third party (TTP) acts as a lightweight notary for evidence generations. One advantage of this agent-based payment protocol is to reduce inconvenience for mobile clients such as connection time and search for suitable merchant servers, etc.; it also provides necessary security mechanisms for mobile payment transactions.

Published

2008

8. A High-Level 3G Wireless PKI Solution for Secure Healthcare Communications

Author

C. R. Ou and Chung-Ming Ou

Subjects

Computer science, business.industry, Mobile computing, Public key infrastructure, Mutual authentication, Computer security, computer.software_genre, Public-key cryptography, Certificate authority, Wireless, Cryptosystem, Mobile telephony, business, computer

Abstract

We propose a new wireless PKI security scheme suitable for future mobile communication such as the third generation (3G). This scheme is based on two major elements, one is a trusted server, and the other is the dual public-key cryptosystems, to provide end-to-end security between mobile clients and the Healthcare Information System (HIS). Applications and services based on this WPKI scheme are also proposed.

Published

2006

9. SETNR/A: an agent-based secure payment protocol for mobile commerce

Author

C. R. Ou and Chung-Ming Ou

Subjects

Transaction processing, business.industry, Computer science, Payment system, Secure Electronic Transaction, Trusted third party, Computer security, computer.software_genre, Credit card, Mobile payment, ComputingMilieux_COMPUTERSANDSOCIETY, Mobile agent, Payment service provider, business, computer, Information Systems

Abstract

Non-repudiation of a mobile payment transaction ensures that when a buyer (B) sends some messages to a seller (S), neither B nor S can deny having participated in this transaction. An evidence of a transaction is generated by wireless PKI mechanism such that B and S cannot repudiate sending and receiving the purchase order respectively. SETNR/A protocol is proposed to improve the weakness of lacking non-repudiation mechanism from the secure electronic transaction (SET) protocol and SET/A for credit card-based transactions; on the other hand, agent-based protocol is ideal for complicated payment system. Broker generates a mobile agent for B which carries encrypted purchase order to S. A trusted third party (TTP) acts as a lightweight notary for evidence generations. One advantage of this agent-based payment protocol is to reduce inconvenience for mobile clients such as connection time and search for suitable merchant servers, etc.; it also provides necessary security mechanisms for mobile payment transactions.

Published

2010