The Design and Architecture of a Secure Agent Transport Protocol for E-Commerce

Abstract

With the proliferation of Internet, electronic commerce (e-commerce) is beginning to take the center stage in the commerce world. Transactions via electronic means have been growing rapidly over recent years, both in terms of turnover amount and volume. It is estimated that the trend will continue, as more and more businesses have already started or have plans to put their products/services online. However, the development of e-commerce is hindered by several factors. One of them is the lack of intelligence. Today, there is little intelligence in the World Wide Web. Users cannot delegate jobs to ‘agents’ that autonomously perform the desired tasks for their owners. One way to resolve this is through the introduction of ‘smart software programs’, or intelligent agents. With an agent architecture in place, users can delegate tasks to agents. An agent can help its owner to search for and filter information, negotiate with other agents, and even perform transactions on behalf of its owner. It is predicted that agent usage will become the mainstream in the future, not just in the field of e-commerce, but in the World Wide Web as well (Guilfoyle, 1994; Corley, 1995). Due to the nature of e-commerce, security becomes a primary concern for any architecture under this category. In fact, the threats to e-commerce come mostly from the area of security. Credit card companies lose billions of dollars every year on card frauds. Bank networks are broken into and millions are transferred out without the administration’s immediate knowledge. In order to fight against these electronic crimes, it is necessary to protect our architecture with a solid security framework. Besides the security needs, it is desirable for agents to have roaming capability as well. Roaming extends the agent’s capability well beyond the limitations imposed by its owner’s computer. Agent operations should not be affected by factors such as the availability of network, the limitation on bandwidth, or the lack of computing resources. Roaming agents should be able to physically leave their owners’ machines and perform their operations using the computing resources on hosting machines.