Formally modeling and analyzing a secure mobile agent finder

Mobile agents provide a powerful and flexible paradigm for the development of autonomic computing systems. However, due to the security concern, mobile agents are not popularly used for real-world systems. In this paper, we define a security framework that can effectively protect mobile agents and agent systems from intruder attacking. In the framework, a mobile agent finder, which is extended with a registration protocol, is used to authenticate and authorize agent systems, incoming messages, and agents. We formally model the secure mobile agent finder using predicate transition nets, and analyze the models using model checking tool Spin. The results help us to develop high confidence applications using mobile agents. In addition, the modeling and analysis approach can be easily extended to develop other complex software systems.

[1]  Daniel Moldt,et al.  Modelling Mobility and Mobile Agents Using Nets within Nets , 2003, ICATPN.

[2]  Dejan S. Milojicic,et al.  MASIF: The OMG mobile agent system interoperability facility , 1998, Personal Technologies.

[3]  Wayne Jansen,et al.  NIST Special Publication 800-19 – Mobile Agent Security , 2000 .

[4]  Dianxiang Xu,et al.  A Formal Architectural Model for Logical Agent Mobility , 2003, IEEE Trans. Software Eng..

[5]  Christian F. Tschudin,et al.  Protecting Mobile Agents Against Malicious Hosts , 1998, Mobile Agents and Security.

[6]  Xudong He,et al.  Modeling and analyzing security protocols in SAM: A case study , 2004, IASTED Conf. on Software Engineering and Applications.

[7]  Zohar Manna,et al.  A hierarchy of temporal properties (invited paper, 1989) , 1990, PODC '90.

[8]  Wayne A. Jansen,et al.  Mobile Agent Security , 1999 .

[9]  Guy Leduc,et al.  A Computer Aided Design of a Secure Registration Protocol , 1997, FORTE.

[10]  Fritz Hohl,et al.  A framework to protect mobile agents by using reference states , 2000, Proceedings 20th IEEE International Conference on Distributed Computing Systems.

[11]  Haiping Xu,et al.  A Framework for Model-Based Design of Agent-Oriented Software , 2003, IEEE Trans. Software Eng..

[12]  Shin Nakajima,et al.  The SPIN Model Checker : Primer and Reference Manual , 2004 .

[13]  Rüdiger Valk,et al.  Petri Nets as Token Objects: An Introduction to Elementary Object Nets , 1998, ICATPN.

[14]  George Cybenko,et al.  Mobile Agents: Motivations and State-of-the-Art Systems , 2000 .

[15]  Haiping Xu,et al.  ADK: An Agent Development Kit Based on a Formal Design Model for Multi-Agent Systems , 2003, Automated Software Engineering.