Mobile agents have exhibited many useful applications in e-commerce. Security is critical to ensure a success of mobile agent applications. There exist several solutions for mobile agent security. Amongst these solutions, the proxy-based model is believed to be a sound solution to provide authentication, where the visiting host of an agent acts as a proxy signer who can sign an offer. However, any host (including a malicious host) could act as the signer. To solve this problem, a secure policy-based mobile agent scheme is proposed in this paper. That is, only the hosts who satisfy the designated policies can generate a valid signature. We also provide a security model and a rigorous security proof for our proposed scheme.