The Internet is an open and global programming environment where applicatio
ns and services mostly follow the traditional client/server model. The use
of new programming paradigms based on mobile entities, such as mobile agent
s (MA), can accelerate the process of diffusion of new applications and ser
vices in the areas of e-commerce, network and systems management, and mobil
e computing. However, the lack of security is one of the main obstacles to
a wide diffusion of MA. On the one hand, mobility increases the potential o
f security breaches because of the injection of possibly malicious MAs; on
the other hand, it introduces the new issue of protecting MAs against integ
rity and secrecy attacks from their execution environments. This paper disc
usses the security issues introduced by the MA technology and proposes a se
curity architecture composed of a wide set of services and components, whic
h adequately fulfil the requirements of several application areas. The impl
ementation of the security framework in the secure and open MA system has p
rovided the support for the development of a secure electronic marketplace
prototype that demonstrates the effectiveness of adopting the MA technology
in the Internet environment.