DOCSLIB.ORG

October 2013 [This Update Under Review]

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
October 2013 [This Update Under Review] COMPLIANCE WITH U.S. EXPORT AND REEXPORT CONTROLS October 2013 [This Update Under Review] By Benjamin H. Flowe, Jr. Berliner, Corcoran & Rowe, L.L.P. 1101 17th Street, N.W., Suite 1100 Washington DC 20036 Phone: 202-293-5555 Fax: 202-293-9035 [email protected] © 2013 Benjamin H. Flowe, Jr. [email protected] Compliance with U.S. Export and Reexport Controls Benjamin H. Flowe, Jr. November 2012 1. Introduction. 1 2. Extraterritorial Application of U.S. Law. 1 3. Basic Guidance for U.S. Reexport Control Compliance. 3 4. Reasons for Export Controls and Applicable Multilateral Regimes. 4 4.1 National Security Controls: Wassenaar Arrangement as COCOM Successor. 5 4.2 Nuclear Controls: Nuclear Suppliers Group. 8 4.3 Missile Technology: Missile Technology Control Regime. 9 4.4 Chemical and Biological Weapons: Australia Group and Chemical Weapons Convention.. 10 4.5 Tension Between Export Controls, Export Promotion, and Free Speech . 19 5. Which Laws and Agencies Govern. 13 5.1 Commerce Department Export Administration Act for Dual-Use Items.. 13 5.2 State Department Arms Export Control Act for Munitions Items.. 15 5.3 Treasury Department's Embargo and Sanctions Programs. 16 5.4 Other Specialty Export Control Agencies and Laws. 18 5.5 Need to Address Agencies Other Than Commerce. 18 6. Export Administration Regulations. 18 6.1 Export Control Factors of Concern .. 19 6.2 Scope of the EAR.. 19 6.3 General Prohibitions. 20 6.4 Commerce Control List and Country Chart.. 21 6.5 License Exceptions. 22 6.6 End-Use and End-User Controls. 23 6.7 Export Shipping and Recordkeeping. 23 6.8 Reporting Requirements. 24 6.9 Exploration of the “Deemed Export” Rule. 6.9.1 Development of Deemed Export Rule.. 6.9.2 Enforcement of the Deemed Export Rule. 7. Controls on Encryption Products and Technology. 24 7.1 June 25, 2010 Encryption Review and Reporting Streamlining and Ancillary “Note 4" Implementation.. 25 7.1.1 Overview of Review and Reporting Streamlining for Most ENC-U and Mass Market Products................................................................................26 7.1.2 Ancillary Note 4 Implementation...............................................................28 7.1.3 Benefits and Drawbacks of the Streamlining Rule............................29 7.2 Structure of Revised Encryption Controls. 29 7.3 How to Apply Export Control Categories for Encryption Products. 31 7.3.1 Determine Whether the Encryption is Eligible for the Medical Note. 31 7.3.2 Determine Whether the Encryption is Eligible for Note 4 to CCL Category 5, Part 2 (formerly “Ancillary”). 31 7.3.3 Determine Whether Encryption is Eligible for Self-Classification Under © 2013 Benjamin H. Flowe, Jr. [email protected] ii ECCNs 5A992, 5D992, or 5E992 (Without Notification or Review). 31 7.3.4 Non-U.S. Product Incorporating U.S. Encryption. 32 7.3.5 Mass Market Items Requiring Review or ERN. 32 7.3.6 5X002 Items– Exports to U.S./FTC Subsidiaries. 34 7.3.7 5D002 Items– Publicly Available Source and Object Code. 34 7.3.8 5X002 Items Not Listed in Section 740.17(b)(2) or (b)(3) qualify for (b)(1) . 34 7.3.9 5X002 Items – Sections 740.17(b)(2) and (b)(3) Items ............................34 7.3.10 5X002 Items– ENC Ineligible – License Required. 35 7.3.11 Mechanics of Revised Encryption Structure.. 35 7.3.11.1 Obtaining an Encryption Registration Number (“ERN”). 35 7.3.11.2 Annual “Self-Classification” Report. 35 7.3.11.3 Clarification of Information Required for Encryption Classifications. 36 7.3.11.4 Further Tips for Applications.. 36 7.3.11.4 Semi-Annual Shipment Reporting Requirements for License Exception ENC Exports. 36 7.3.11.5 License Exception ENC Eligibility (After Registration of Review Request) for Exports to Any End-User in FTC. 37 7.3.11.6 License Exception ENC Compliance Tips.. 37 7.3.11.7 Commercial Source Code That is Not Publicly Available.37 7.3.11.8 Open Cryptographic Interfaces. 37 7.3.11.9 Reexports of Resultant Non U.S.-Produced Products and the “Crypto-Aware” Concept.. 38 7.3.11.12 Encryption Licensing Arrangements (ELAs) and Other Licenses. 39 7.4. Concerns Remain Regarding “Hidden” Licensing Requirements for Offshore Development and Sales of Encryption Items.. 39 7.5. Upgrades to Key Lengths and Subsequent Bundling.. 40 7.6. Decontrol of Published Software with Encryption Functions. 7.7 Compliance with Encryption Controls Remains Critical.. 41 7.8 Further Changes Needed. 42 8. Exceptions to EAR Reexport Controls. 42 8.1 Two Sets of EAR Reexport Controls Apply. 43 8.2 Exemptions Applicable to U.S.-Origin Products.. 44 8.2.1 No License Required. 44 8.2.2 License Exceptions. 44 8.2.3 Reexports Covered by Specific Authorizations. 44 8.2.4 Reexports to Country Group A:1 and Cooperating Countries.. 44 8.2.5 Reexports to Most Other Countries Approved by Governments of Country Group A:1 and Cooperating Countries. 45 8.2.6 Reexports with De Minimis U.S. Components. 45 8.2.7 Secondary Incorporation Rule – for U.S. Parts and Components. 48 8.2.8 Problems with Application to “Operations Software” Ameliorated. 49 8.2.9 Special Provisions Authorize Certain Exports for Servicing.. 49 8.3 Separate Exemptions Applicable to Exports of Direct Products of U.S.-Origin Technical Data. 50 8.3.1 Application of Permissive Reexport Provisions. 50 © 2013 Benjamin H. Flowe, Jr. [email protected] iii 8.3.2 Product Not NS Controlled. 51 8.3.3 Non-Controlled Technology. 51 8.3.4 Indirect Products. 51 8.3.5 Incorporated Direct Products. 52 8.3.6 Public Domain Technology. 52 8.3.7 De Minimis Technology and Software Not Subject to U.S. Reexport Controls. 52 9. Compliance with OFAC Reexport Sanctions and Embargo Controls.. 52 9.1 Applicable Penalties.. 53 9.2 Application to More than Just “U.S. Persons”.. 53 9.3 Proscribed Countries. 54 9.4 Restrictions On Nationals and “Specially Designated Nationals”.. 58 9.4.1 Nationals of Sanctioned Countries.. 58 9.4.2 Narcotics Traffickers and Terrorists. 58 9.5 Prohibited Activities. 60 9.5.1 Imports. 60 9.5.2 Contracts in Which Proscribed Countries or Their Nationals Have an “Interest”. 60 9.5.3 Exports. 60 9.5.4 Payments. 61 9.5.5 Travel. 61 9.5.6 Bank Accounts and Other Assets.. 61 9.6 Letters of Intent and Discussions Permitted but Not Binding Contracts. 61 9.7 Licensing Under OFAC Regulations.. 61 9.8 Controversial U.S. Unilateral Sanctions. 62 9.8.1 Helms-Burton Act. 62 9.8.2 Iran Libya Sanctions Act and Comprehensive Iran Sanctions, Accountability and Divestment Act.. 63 9.8.2.1 Iran Libya Sanctions Act (“ILSA”). 9.8.2.2 Comprehensive Iran Sanctions, Accountability and Divestment Act.
Load more

Recommended publications
  • The Export of Cryptography in the 20 Century and the 21
    The Export of Cryptography th st in the 20 Century and the 21 ∗ Whitfield Diffie and Susan Landau Sun Microsystems, Inc Palo Alto CA April 19, 2005 August 2000 On the 14th of January 2000, the Bureau of Export Administration issued long-awaited revisions to the rules on exporting cryptographic hardware and software. The new regulations, which grew out of a protracted tug of war between the computer industry and the U.S. Government, are seen by indus- try as a victory. Their appearance, which was attended by both excitement and relief, marked a substantial change in export policy. This paper exam- ines the evolution of export control in the cryptographic area and considers its impact on the deployment of privacy-protecting technologies within the United States. Before the electronic age, all \real-time" interaction between people had to take place in person. Privacy in such interactions could be taken for granted. No more than reasonable care was required to assure yourself that only the people you were addressing | people who had to be right there with you | could hear you. Telecommunications have changed this. The people with whom you interact no longer have to be in your immediate vicinity; they can be on the other side of the world, making what was once impossible spontaneous and inexpensive. Telecommunication, on the other hand, makes protecting yourself from eavesdropping more difficult. Some other security mechanism is required to replace looking around to see that ∗To appear in the Handbook of the History of Information Security Elsevier B.V. 1 no one is close enough to overhear: that mechanism is cryptography, the only security mechanism that directly protects information passing out of the physical control of the sender and receiver.
    [Show full text]
  • On Key Assignment Schemes and Cryptographic Enforcement Mechanisms for Information Flow Policies
    On Key Assignment Schemes and Cryptographic Enforcement Mechanisms for Information Flow Policies Naomi Farley Thesis submitted to the University of London for the degree of Doctor of Philosophy Information Security Group School of Mathematics and Information Security Royal Holloway, University of London 2018 Declaration These doctoral studies were conducted under the supervision of Professor Jason Crampton and Professor Gregory Gutin. The work presented in this thesis is the result of original research I conducted, in collabo- ration with others, whilst enrolled in the School of Mathematics and Information Security as a candidate for the degree of Doctor of Philosophy. This work has not been submitted for any other degree or award in any other university or educational establishment. Naomi Farley November 11, 2018 2 Abstract Access control policies specify permissible interactions between users and system resources, and are typically enforced by trusted components. Third parties (e.g. cloud servers) may not be trusted to correctly enforce a policy, in which case cryptographic enforcement schemes (CESs) may be used. In this thesis, we consider the cryptographic enforcement of (read-only) information flow policies, which model hierarchies of security labels. For example, a symmetric key can be associated with each security label and used to encrypt associated objects. Users authorised for many labels may need to be issued many keys, which may be undesirable, particularly when user storage is limited. A key assignment scheme (KAS) allows a trusted entity to generate a `small' secret for each user, from which all required keys can be derived. Key derivation may also rely on additional public information, which can be large and expensive to maintain.
    [Show full text]
  • Gendering Decryption - Decrypting Gender
    1 Gendering decryption - decrypting gender The gender discourse of labour at Bletchley Park 1939-1945 Photograph taken from Smith 2011. Spring 2013 MA thesis (30 hp) Author: Annie Burman Supervisor: Mikael Byström Seminar leader: Torkel Jansson Date of seminar: 4 June 2013 2 Abstract Ever since the British efforts to break Axis codes and ciphers during the Second World War were declassified in the 1970s, the subject of Government Code and Cipher School, the organisation responsible, Bletchley Park, its wartime headquarters, and the impact of the intelligence on the war has fascinated both historians and the general public. However, little attention has been paid to Bletchley Park as a war station where three-quarters of the personnel was female. The purpose of this thesis is to explore the gender discourse of labour at Bletchley Park and how it relates to the wider context of wartime Britain. This is done through the theoretical concepts of gendering (the assignation of a gender to a job, task or object), horizontal gender segregation (the custom of assigning men and women different jobs) and vertical gender segregation (the state where men hold more prestigious positions in the hierarchy than women). The primary sources are interviews, letters and memoirs by female veterans of Bletchley Park, kept in Bletchley Park Trust Archive and the Imperial War Museum’s collections, and printed accounts, in total two monographs and five articles. Surviving official documents from Bletchley Park, now kept in the National Archives, are also utilised. Using accounts created by female veterans themselves as the main source material allows for women’s perspectives to be acknowledged and examined.
    [Show full text]
  • Simulation and Computer-Aided Cryptanalysis of Angooki Taipu B
    PURPLE Revealed: Simulation and Computer-aided Cryptanalysis of Angooki Taipu B Wes Freeman,1 Geoff Sullivan 2 and Frode Weierud 3 ADDRESSES: (1) 2527 Mardell Way, Mt View CA 94043 USA. Email: [email protected]; (2) 64 Tennyson Road, Headless Cross, Redditch, Worcs., B97 5BJ UNITED KINGDOM. Email: [email protected]; (3) Le Pre Vert, 1041 Rte de Mategnin, F-01280 Prevessin-Moens FRANCE. Email: [email protected] ABSTRACT: PURPLE was the designation given by U.S. cryptanalysts to the cipher machine used by the Japanese Foreign Office for secure communications before and during WW 2. We present the structure and internal wiring of the machine, as well as details of the keying procedures and a system of abbreviations, which was used in the messages. We have also written a computer simulation of the PURPLE machine. Operation of the simulator is demonstrated by deciphering portions of the 14-part message delivered to the United States on Dec. 7, 1941. Finally, an automated cryptanalysis method for the PURPLE system is presented. KEYWORDS: Pearl Harbor, PURPLE, RED, Rowlett, Stepping Switch, Computer Simulations, Hill Climbing, Roma-ji, Romazi. Introduction On December 6, 1941, the Japanese Government sent a message, which was divided for transmission into 14 parts (the 14-part message), to its embassy in Washington. An accompanying message directed that the 14-part message be delivered to the United States Government on December 7 at 1:00 p.m., which corresponded to 7:30 a.m. at Pearl Harbor, Hawaii. The 14-part message, which broke off negotiations between Japan and the United States, was enciphered on the PURPLE machine.
    [Show full text]
  • (U) Cryptologic Almanac Soth Anniversary Series (U)Madame X
    DOCID: 3575740 ~ l".AEQ/IL - --..... , • • u~t: l\J.11 V , • H UNCLASSlrl 1rOH urr1i...11u. 1.1 ..... ...... _. • (U) Cryptologic Almanac soth Anniversary Series (U)Madame X: Agnes Meyer Driscoll and U.S. Naval Cryptology, 1919 - 1940 (U) Of all the pioneer American cryptologists that we remember - William and Elizebeth Friedman, Herbert 0. Yardley (founder of the American Black Chamber), and Joseph Rochefort, whose codebreaking exploits contributed to the Midway victory - one, Agnes Meyer Driscoll, remains something of a mystery. The mystery is all the more ironic when we consider the range and number of her accomplishments as a pioneer cryptologist, and that she was a woman working in the mostly male domain of naval cryptology. (U) She was born on 24 July 1889 in Genesco, Illinois, to Dr. Gustav F. and Lucy Andrews Meyer. Jn 1911, she received an A.B. from Ohio State University, having majored in mathematics, music, physics, and foreign languages. Her curriculum was atypical of women's education in the post-Victorian era. After college, she moved to Amarillo, Texas, where she taught in various high schools. By 1918, she was the head of the mathematics department at Amarillo High School. However, events were soon to change her career completely. (U) In April 1917, as a result of the unlimited U-boat campaign and the revelations of the Zimmermann Telegram, the United States declared war on Germany. By early 1918, the U.S. Navy found that it had a serious personnel shortage as the war soaked up the pool of available manpower. To fix this problem, the secretary of the navy, Josephus Daniels, made the far-reaching decision to allow women to enlist.
    [Show full text]
  • Jewel Theatre Audience Guide Addendum: Alan Turing Biography
    Jewel Theatre Audience Guide Addendum: Alan Turing Biography directed by Kirsten Brandt by Susan Myer Silton, Dramaturg © 2019 ALAN TURING The outline of the following overview of Turing’s life is largely based on his biography on Alchetron.com (https://alchetron.com/Alan-Turing), a “social encyclopedia” developed by Alchetron Technologies. It has been embellished with additional information from sources such as Andrew Hodges’ books, Alan Turing: The Enigma (1983) and Turing (1997) as well as his website, https://www.turing.org.uk. The following books have also provided additional information: Prof: Alan Turing Decoded (2015) by Dermot Turing, who is Alan’s nephew by way of his only sibling, John; The Turing Guide by B. Jack Copeland, Jonathan Bowen, Mark Sprevak, and Robin Wilson (2017); and Alan M. Turing, written by his mother, Sara, shortly after he died. The latter was republished in 2012 as Alan M. Turing – Centenary Edition with an Afterword entitled “My Brother Alan” by John Turing. The essay was added when it was discovered among John’s writings following his death. The republication also includes a new Foreword by Martin Davis, an American mathematician known for his model of post-Turing machines. Extended biographies of Christopher Morcom, Dillwyn Knox, Joan Clarke (the character of Pat Green in the play) and Sara Turing, which are provided as Addendums to this Guide, provide additional information about Alan. Beginnings Alan Mathison Turing was an English computer scientist, mathematician, logician, cryptanalyst, philosopher and theoretical biologist. He was born in a nursing home in Maida Vale, a tony residential district of London, England on June 23, 1912.
    [Show full text]
  • JADE TUTORIAL Security Administrator Guide
    JADE TUTORIAL Security Administrator guide USAGE RESTRICTED ACCORDING TO LICENSE AGREEMENT. last update: 19-September-2002. JADE 2.61 Author: Giosuè Vitaglione (TILAB, formerly CSELT) Copyright (C) 2002 TILAB S.p.A. JADE - Java Agent DEvelopment Framework is a framework to develop multi-agent systems in compliance with the FIPA specifications. JADE successfully passed the 1st FIPA interoperability test in Seoul (Jan. 99) and the 2nd FIPA interoperability test in London (Apr. 01). Copyright (C) 2000 CSELT S.p.A. (C) 2001 TILab S.p.A. (C) 2002 TILab S.p.A. This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation, version 2.1 of the License. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. 1 TABLE OF CONTENTS 1 INTRODUCTION 4 1.1 Scope and target audience 4 1.2 How to use this document 4 1.3 System requirements 4 1.4 How to Install 4 2 JADE SECURITY MODEL 4 2.1 Overview 4 2.2 Basic Concepts 5 2.3 Authentication 6 2.4 Authorization 6 2.5 Permissions and Policies 6 2.6 Certificates & Certification Authority 7 2.7 Delegation 8 2.8 Secure
    [Show full text]
  • Cryptography, the Clipper Chip, and the Constitution
    THE METAPHOR IS THE KEY: CRYPTOGRAPHY, THE CLIPPER CHIP, AND THE CONSTITUTION A. MICHAEL FROOMKINt TABLE OF CONTENTS INTRODUCTION .................................. 712 I. MODERN CRYPTOGRAPHY: PRIVATE SECURITY, GOVERNMENT INSECURITY .................................. 718 A. Who Needs Cryptography?....................... 718 1. Banks, ATM-Users, Electronic Transactors ..... .719 2. Businesses with Commercial and Trade Secrets . 722 3. Professionals ............................ 724 4. National ID Cards and Data Authentication .... 725 5. Criminals ............................... 727 6. Users of Telephones, Electronic Mail, Faxes, or Computers .......................... 728 a. Cellular Telephones ..................... 728 b. Standard Telephones .................... 729 c. Faxes ............................... 729 d. E-mail ............................. 729 e. PersonalRecords ....................... 730 t © A. Michael Froomkin, 1995. Associate Professor, University of Miami School of Law. B.A. 1982, Yale College; M.Phil. 1984, Cambridge University;J.D. 1987, Yale Law School. Internet: [email protected] (PGP 2.6.2 public key appears infra note 787). Research for this article was supported by the University of Miami School of Law Summer Research Grant Fund. SueAnn Campbell, Nora de ]a Garza, YolandaJones, and Brian Williams provided superb library support, Rosalia Lliraldi provided secretarial support, andJulie Owen provided indefatigable research assistance. I am grateful to Abe Abraham, Stewart Baker, Tom Baker, Ken Bass, Caroline
    [Show full text]
  • The Imperial Japanese Navy IKA Cipher Machine
    The Imperial Japanese Navy IKA Cipher Machine Chris Christensen Department of Mathematics and Statistics Northern Kentucky University Highland Heights, KY 41099, USA [email protected] Abstract characters, and each character represents a word or phrase. Kanji precisely expresses language. The Imperial Japanese Navy IKA cipher An alternative method of expressing Japanese is machine was a predecessor to the more kana. There are two versions of kana – hiragana familiar Japanese cipher machines of the and katakana -- which consist of 46 basic 1931 and 1937 series. Nothing is known symbols plus some additional symbols and about the machine itself, but the cryptography diacritical marks. Kana is syllabic, and each of the machine is known. What follows character corresponds to a sound. It is not describes the cryptography of the IKA unusual that several kanji have the same machine and discusses that machine in the expression as kana. Reading kana is similar to context of the 1931 and 1937 series of deciphering a polyphonic cipher. Japanese has a Japanese cipher machines that followed it. special “kana Morse” code, and that code was used by the Imperial Japanese Navy to transmit 1 IJN Cipher Machines codes and ciphers that used kana characters. The In the 1930s and 1940s, the Imperial Japanese third method of expressing Japanese is romaji. Navy used a succession of three cipher machines Romaji uses Roman letters to transliterate kana. for secret administrative matters among shore The three dockyard ciphers mentioned above stations. The US Navy’s codebreaking section used katakana characters. OP-20-G referred to the ciphers as the “dockyard ciphers.” Until 21 July 1933, the machine that The cryptography of the 1931 series machines was used was called IKA1 (and the cipher was was based on the Damm half-rotor and a 47-pin designated JN 111).
    [Show full text]
  • Agent Development Toolkits
    International Journal of Advancements in Technology http://ijict.org/ ISSN 0976-4860 Agent Development Toolkits Aarti Singh 1, Dimple Juneja1, A.K. Sharma3 M.M.University,Mullana (Ambala), Haryana, India Y.M.C.A University of Science and Technology, Faridabad , Haryana , India [email protected] Development of agents as well as their wide usage requires good underlying infrastructure. Literature indicates scarcity of agent development tools in initial years of research which limited the exploitation of this beneficial technology. However, today a wide variety of tools are available, for developing robust infrastructure. This technical note provides a deep overview of such tools and contrasts features provided by them. Keywords: Multi-agent systems, agent development, agent communication, agent mobility, agent communication security 1. Introduction Large scale realization of agent applications requires frameworks, methodologies and tools that support effective development of agent systems. Historically the main obstacle in agent and multi agent system development used to be the infrastructure which refers to supporting environment where agents can communicate and achieve their desired goals. However, simply having an infrastructure is usually not enough. As user-acceptance of the infrastructure depends on ease of application development, versatility of applications, support for various standards & most importantly the security of communication among agents, security of agents on remote platforms and security of mobile agent hosting platforms. Nowadays many agent development tools and platforms of different quality and maturity are available and have been employed for different applications in different parts of the world. There is so far no consensus about which tool is best for agent development.
    [Show full text]
  • Cryptography 11
    Privacy on the Line The right of the people to be secure in their persons, houses, papers and effects against unreasonable searches and seizures shall not be violated, and no Warrants shall issue but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized. Fourth Amendment United States Constitution The evil incident to invasion of privacy of the telephone is far greater than that involved in tampering with the mails. Whenever a telephone line is tapped, the privacy of persons at both ends of the line is invaded, and all conversations between them upon any subject, and although proper, confidential and privileged, may be overheard. Moreover, the tapping of one man’s telephone line involves the tapping of the telephone of every other person whom he may call or who may call him. As a means of espi- onage, writs of assistance and general warrants are but puny instruments of tyranny and oppression when compared with wire-tapping. Justice Louis Brandeis dissenting opinion in Olmstead v. United States (277 US 438, 1928, pp. 475–476) Senator Herman Talmadge: Do you remember when we were in law school, we studied a famous principle of law that came from England and also is well known in this country, that no matter how humble a man’s cottage is, that even the King of England cannot enter without his consent. Witness John Ehrlichman: I am afraid that has been considerably eroded over the years, has it not? Senator Talmadge: Down in my country we still think of it as a pretty legitimate piece of law.
    [Show full text]
  • Distributed Security for Multi-Agent Systems – Review and Applications H.F
    www.ietdl.org Published in IET Information Security Received on 22nd February 2010 Revised on 20th May 2010 doi: 10.1049/iet-ifs.2010.0041 Special Issue on Multi-Agent & Distributed Information Security ISSN 1751-8709 Distributed security for multi-agent systems – review and applications H.F. Rashvand1 K. Salah2 J.M.A. Calero3 L. Harn4 1University of Warwick, Director of Adv. Coms & Editor-in-Chief IET, School of Engineering, Coventry CV4 7AL, UK 2King Fahd University of Petroleum & Minerals, Associate Professor, Information & Computer Science, Saudi Arabia 3Universidad de Murcia, Facultad de informatica Campus de Espinado s/n, Espinardo 30100, Spain 4University of Missouri, Department of Computer Science Electrical Engineering, 5110 Rockhill Road, Kansas City, MO 64110, USA E-mail: [email protected] Abstract: As two major communication technologies, the internet and wireless, are maturing rapidly to dominate our civilised life, the authors urgently need to re-establish users’ confidence to harvest new potential applications of large-scale distributed systems. Service agents and distributed multi-agent systems (MASs) have shown the potential to help with this move as the lack of trust caused by heavily compromised security issues and concerns coupled with the out-of-date solutions are hindering the progress. The authors therefore seek new remedies to ensure that the continuity in developing new economies is maintained through building new solutions to address today’s techno-economical problems. Following a scan of the literature the authors discuss the state-of-the-art progress followed by some observations and remarks for the researchers in the field. Here the authors recognise the need for new ‘distributed security’ solutions, as an overlay service, to rejuvenate and exploit the distributed artificial intelligence (AI) techniques for secure MAS as a natural solution to pave the way to enable a long awaited application paradigm of the near future.
    [Show full text]