Multi-agent Security Architecture for a Sharia Compliant E-auction

Electronic auction has introduced new processes in the way auction is conducted which require investigation to ensure compliancy to Sharia (Islamic principles that are based on Qur’an and Sunnah) rules. The use of mobile software agent in electronic auction marketplaces adds ubiquity power to the bidders. In particular it allows agents to quicker respond to local changes in auction marketplaces and make bidding strategy decisions faster than remote agents or human participants could. Nevertheless, mobile agent raises issues concerning malicious attacks from a variety of intervening sources that might alter the sensitive information it carries. A multi-agent based e-auction must fit the concept of halal trade and address the problems resulting from fraud activities in online auction. Most auction frauds such as bid shilling and bid shielding also violate Sharia transaction law. If an attacker gains information on sensitive data such as the maximum bid for the bidders, the information can be manipulated to artificially increase prices through bid shilling. A Sharia compliant e-auction must comply with Islamic business law and offer secure and trustworthy trading environment. This paper discusses findings of non-compliances to Sharia rules found in the case studies conducted on a number of major online auction systems. This paper focuses on addressing the bid shilling problem by proposing multi-agent security architecture for Sharia compliant e-auction which encompasses security protocols for mobile agent authentication and confidentiality of sensitive information. Mobile agents are used to carry bidders’ and sellers’ data. Cryptography protocol such as encryption/decryption, digital signature and hash function are used and applied on identified high and low risk data.