Method and a system for securing processing of an order by a mobile agent within a network system
First Claim
1. A method for securing processing of an order by a mobile agent from a first server (So) within a network system with a plurality of servers (So, Si, . . . Sn), wherein the mobile agent passes through at least two of the servers, and wherein each of the plurality of servers has a corresponding pair of a public key (KSo, . . . ,KSi, . . . , KSn) and a private key (PKSo, . . . ,PKSi, . . . , PKSn), and wherein any one of the at least two servers the mobile agent is currently stored on is called herein the i'"'"'th server, the method comprising:
- assigning a unique number (r0) to the mobile agent, using the first server (So),encrypting the unique number (r0) with the private key (PKSo) of the first server (So), at the first server, thus forming an agent specific initialisation number (Co) as a first checksum (Co) for a sequence of checksums (Co, . . . ,Ci, . . . ,Cn) to be individually computed by the at least two servers of the plurality of servers (So, S1, . . . , Sn),sending the mobile agent together with its initialisation number (Co) through the at least two servers of the plurality of servers (So, S1, . . . , Sn), thereby processing the order,encrypting, at the i'"'"'th server, the initialisation number (Co) together with data (Xi) collected by the agent when passing the i'"'"'th server, using the i'"'"'th server'"'"'s private key (PKSi),computing, at the i'"'"'th server, a new server specific checksum (Ci) of the sequence of checksums (Co, . . . ,Ci, . . . ,Cn), using the public key (KSo) of the first server (So) and the checksum (Ci−
1) computed by the server (Si−
1) from which the i'"'"'th server receives the mobile agent, andsending the mobile agent further to the next server (Si+1) of the at least two servers of the plurality of servers (So, S1, . . . ,Sn).
2 Assignments
0 Petitions
Accused Products
Abstract
The present description refers to a method for securing processing of an order by a mobile agent from a first server (So) within a network system with a plurality of servers (So, S1, . . . ,Sn), at least a number of which the mobile agent has to pass according to an appropriate succession, wherein each of the plurality of servers has a pair of a public key (KSo, . . . ,KSi, . . . , KSn) and a private key (PKSo, . . . ,PKSi, . . . , PKSn) associated therewith, respectively, the method comprising, starting from any one of the number of servers the mobile agent has to pass, called herein the i'"'"'th server at least the steps of receiving the mobile agent which has been prepared by the first server by choosing a unique number (r0) and assigning it to the mobile agent, encoding the chosen unique number (r0) with the private key (PKSo) of the first server (So), thus forming an agent specific initialisation number (Co) as basis for a sequence of checksums (Co, . . . ,Ci, . . . ,Cn) to be computed successively by the number of servers (So, S1, . . ., Sn), sending the mobile agent together with its initialisation number (Co) on its route through the network system for processing the order passing thereby the number of servers (So, S1, . . . ,Sn) successively, and initiating each server (S1, . . . ,Sn) from which the mobile agent intends to take data with it when passing that server to encode the initialisation number (Co) together with the data with the respective server'"'"'s private key (PKS1, . . . ,PKSi, . . . , PKSn) and to compute therewith a new server specific checksum (C1, . . . ,Ci, . . . ,Cn) using the public key (KSo) of the first server (So) and the checksum (Co, . . . ,Ci, . . . ,Cn−1) computed by the server (So, . . . ,Sn−1) right before in the succession.
20 Citations
8 Claims
-
1. A method for securing processing of an order by a mobile agent from a first server (So) within a network system with a plurality of servers (So, Si, . . . Sn), wherein the mobile agent passes through at least two of the servers, and wherein each of the plurality of servers has a corresponding pair of a public key (KSo, . . . ,KSi, . . . , KSn) and a private key (PKSo, . . . ,PKSi, . . . , PKSn), and wherein any one of the at least two servers the mobile agent is currently stored on is called herein the i'"'"'th server, the method comprising:
-
assigning a unique number (r0) to the mobile agent, using the first server (So), encrypting the unique number (r0) with the private key (PKSo) of the first server (So), at the first server, thus forming an agent specific initialisation number (Co) as a first checksum (Co) for a sequence of checksums (Co, . . . ,Ci, . . . ,Cn) to be individually computed by the at least two servers of the plurality of servers (So, S1, . . . , Sn), sending the mobile agent together with its initialisation number (Co) through the at least two servers of the plurality of servers (So, S1, . . . , Sn), thereby processing the order, encrypting, at the i'"'"'th server, the initialisation number (Co) together with data (Xi) collected by the agent when passing the i'"'"'th server, using the i'"'"'th server'"'"'s private key (PKSi), computing, at the i'"'"'th server, a new server specific checksum (Ci) of the sequence of checksums (Co, . . . ,Ci, . . . ,Cn), using the public key (KSo) of the first server (So) and the checksum (Ci−
1) computed by the server (Si−
1) from which the i'"'"'th server receives the mobile agent, andsending the mobile agent further to the next server (Si+1) of the at least two servers of the plurality of servers (So, S1, . . . ,Sn). - View Dependent Claims (2, 3, 4, 5)
-
-
6. A network system programmed for providing a secure processing of an order by a mobile agent from a first server, the first server (So) having a pair of a private key (PKSo) and a public key (KSo), the mobile agent being associated with a unique number (r0) encrypted with said private key (PKSo) of the first server (So) to form an agent-specific initialization number (Co), the network system further comprising;
a plurality of servers (So, S1, . . . , Sn) including the first server (So), at least two of which the mobile agent traverses during the processing of the order, wherein each of the plurality of servers (So, S1, . . . , Sn) has a corresponding pair of a public key (KSo, . . . , KSi, . . . , KSn) and a private key (PKSo, . . . , PKSi, . . . , PKSn), and wherein a second server (S1) is programmed to encrypt the agent-specific initialization number (Co) and any data collected from the second server (S1) with the private key (PKS1) of the second server (S1) and the public key of the first server (So) to form a first server-specific checksum, and wherein each subsequent server of the network system is programmed to further encrypt the first server-specific checksum and any data the mobile agent collects when passing each subsequent server using each subsequent server'"'"'s private key to thereby compute a new server specific checksum using the public key of the first server and the server-specific checksum computed by a preceding server from which each subsequent server receives the mobile agent.
-
7. A mobile agent including computer-readable instructions recorded on a non-transitory computer-readable storage medium, the mobile agent being from a first server (So) providing a secure processing of an order within a network system with a plurality of servers (So, . . . , Si, . . . , Sn.), at least two of which the mobile agent traverses during the processing, wherein each of the plurality of servers (So, . . . , Si, . . . , Sn) has a pair of a public key (KSo, . . . , KSi, . . . , KSn) and a private key (PKSo, . . . , PKSi, . . . , PKSn), and wherein the mobile agent gets, when starting processing the order, associated with a unique number (rO), which is encrypted with the private key (PKSo) of the first server (So) thus forming an agent specific initialisation number (Co) as a first checksum (Co) for a sequence of checksums (Co, . . . , Ci, . . . , Cn) to be individually computed by each server of the at least two servers while the mobile agent is stored thereon, each checksum being further encoded by the public key (KSo) of the first server (So).
-
8. A computer program product for securing processing of an order by a mobile agent from a first server (So) within a network system with a plurality of servers (So, Si, . . . , Sn), two of which the mobile agent traverses during the processing, wherein each of the plurality of servers has a pair of a public key (KSo, . . . ,KSi, . . . , KSn) and a private key (PKSo,. . . , PKSi, . . . , PKSn), with reference to any one of the number of servers the mobile agent has to pass, called herein the i'"'"'th server, the computer program product embodied on a non-transitory computer-readable storage medium and including a computer program stored on the non-transitory computer-readable storage medium with a program code which, when executed by one of the at least two servers, is suitable to cause the one of the at least two servers to:
-
assign a unique number (r0) to the mobile agent, using the first server (So), encrypt the unique number (r0) with the private key (PKSo) of the first server (So), at the first server, thus forming an agent specific initialisation number (Co) as a first checksum (Co) for a sequence of checksums (Co, . . . ,Ci, . . . ,Cn) to be individually computed by the at least two servers of the plurality of servers (So, S1, . . . ,Sn), send the mobile agent together with its initialisation number (Co) through the at least two servers of the plurality of servers (So, S1, . . . , Sn) thereby processing the order, encrypt, at the i'"'"'th server, the initialisation number (Co) together with data (Xi) collected by the agent when passing the i'"'"'th server, using the i'"'"'th server'"'"'s private key (PKSi), compute, at the i'"'"'th server, a new server specific checksum (Ci) of the sequence of checksums (Co, . . . ,Ci, . . . ,Cn), using the public key (KSo) of the first server (So) and the checksum (Ci−
1) computed by the server (Si−
1) from which the i'"'"'th server receives the mobile agent, andsend the mobile agent further to the next server (Si+1) of the at least two servers of the plurality of servers (So, S1, . . . , Sn).
-
Specification