Sea-of-Data (SoD) applications (those that need to process huge quantities of distributed data) present specific restrictions, which make mobile agent systems one of the most feasible technologies to implement them. On the other hand mobile agent technologies are in a hot research state, specially concerning security. We present an access control method for mobile agent systems. It is based on Role-based Access Control and trust management to provide a reliable solution for e-commerce SoD applications. It uses SPKI certificates to implement the role system and the delegation of authorization. It is proposed as an extension of the MARISM-A project, a secure mobile agent platform for SoD application. We also show its functionality with an e-commerce SoD medical imaging data application, which is based on a scenario of the IST project INTERPRET.