A Secure Mobile Agents Platform

Mobile Agents is a new paradigm for distributed computing where security is very essential to the acceptance of this paradigm in a large scale distributed environment. In this paper, we propose protection mechanisms for mobile agents. In these mechanisms, the authentication of mobile agents and the access control to the system resources are controlled by the mobile-agents platform. Each agent defines its own access control policy with regard to other agents using an Interface Definition Language (IDL), thus enforcing modularity and easing programming task. An evaluation of these mechanisms has been conducted. The measurements give the overhead involved by the proposed protection mechanisms to the performance of mobile agents. An important advantage of our protection mechanisms are transparency to agents and the portability of nonsecure applications onto a secure environment. A mobile agent system and the protection mechanisms have been implemented. Our experiments have shown the feasibility and the advantages of our mechanisms.

[1]  Leila Ismail,et al.  Evaluation of Authentication Mechanisms for Mobile Agents on top of Java , 2007, 6th IEEE/ACIS International Conference on Computer and Information Science (ICIS 2007).

[2]  William Stallings,et al.  Cryptography and network security , 1998 .

[3]  Roger Riggs,et al.  Pickling State in the Java System , 1996, Comput. Syst..

[4]  Roger Riggs,et al.  A Distributed Object Model for the Java System , 1996, Comput. Syst..

[5]  Giovanni Vigna,et al.  Protecting Mobile Agents through Tracing , 1997 .

[6]  Charles P. Pfleeger,et al.  Security in computing , 1988 .

[7]  Aaron Kershenbaum,et al.  Mobile Agents: Are They a Good Idea? , 1996, Mobile Object Systems.

[8]  Antonio Puliafito,et al.  Design and development of a practical security model for a mobile agent system , 2002, Proceedings ISCC 2002 Seventh International Symposium on Computers and Communications.

[9]  CodeChristian Damsgaard Jensen Capability Based Protection for Hosting Mobile , 2007 .

[10]  Volker Roth,et al.  Access control and key management for mobile agents , 1998, Comput. Graph..

[11]  Maria Ganzha,et al.  Mobile agents in a multi-agent e-commerce system , 2005, Seventh International Symposium on Symbolic and Numeric Algorithms for Scientific Computing (SYNASC'05).

[12]  John Zachary Protecting Mobile Code in the Wild , 2003, IEEE Internet Comput..

[13]  Nadia Erdogan,et al.  A Two-Leveled Mobile Agent System for E-commerce with Constraint-Based Filtering , 2004, International Conference on Computational Science.

[14]  Graham Glass,et al.  ObjectSpace Voyager - The Agent ORB for Java , 1998, WWCA.

[15]  Scott Oaks,et al.  Java Security , 1998 .

[16]  Christian F. Tschudin,et al.  Protecting Mobile Agents Against Malicious Hosts , 1998, Mobile Agents and Security.

[17]  Danny B. Lange,et al.  Programming and Deploying Java¿ Mobile Agents with Aglets¿ , 1998 .

[18]  Joe Kilian,et al.  One-Round Secure Computation and Secure Autonomous Mobile Agents , 2000, ICALP.

[19]  Daniel Hagimont,et al.  A protection scheme for mobile agents on Java , 1997, MobiCom '97.

[20]  James A. Gosling,et al.  The java language environment: a white paper , 1995 .

[21]  George Cybenko,et al.  D'Agents: Security in a Multiple-Language, Mobile-Agent System , 1998, Mobile Agents and Security.

[22]  Pankaj Kumar J2EE Security for Servlets, EJBs, and Web Services: Applying Theory and Standards to Practice , 2003 .

[23]  N. Asokan,et al.  Protecting the computation results of free-roaming agents , 2005, Personal Technologies.

[24]  Matt Bishop,et al.  Computer Security: Art and Science , 2002 .

[25]  Christian F. Tschudin,et al.  Towards mobile cryptography , 1998, Proceedings. 1998 IEEE Symposium on Security and Privacy (Cat. No.98CB36186).