A Security Model for Aglets

Mobile agents offer a new paradigm for distributed computation, but their potential benefits must be weighed against the very real security threats they pose. These threats originate not just in malicious agents but in malicious hosts as well. For example, if there is no mechanism to prevent attacks, a host can implant its own tasks into an agent or modify the agent's state. This can lead in turn to theft of the agent's resources if it has to pay for the execution of tasks, or to loss of the agent's reputation if its state changes from one host to another in ways that alter its behavior in negative ways. Aglets are mobile agents developed at IBM's Tokyo Research Laboratory. The article describes a security model for the Aglets development environment that supports flexible architectural definition of security policies.

[1]  William M. Farmer,et al.  Security for Mobile Agents: Issues and Requirements , 1996 .

[2]  Robert S. Gray,et al.  Agent Tcl: a Exible and Secure Mobile-agent System , 1996 .

[3]  Luís Valente,et al.  Mobile agent security and Telescript , 1996, COMPCON '96. Technologies for the Information Superhighway Digest of Papers.

[4]  Tim Finin,et al.  Secret Agents - A Security Architecture for the KQML Agent Communication Language , 1995, CIKM 1995.

[5]  Li Gong,et al.  New security architectural directions for Java , 1997, COMPCON.

[6]  Holger Peine,et al.  The Architecture of the Ara Platform for Mobile Agents , 1999, Mobile Agents.

[7]  Kazuya Kosaka,et al.  Aglets: Programming Mobile Agents in Java , 1997, WWCA.

[8]  Joann J. Ordille,et al.  When agents roam, who can you trust? , 1996, Proceedings of COM'96. First Annual Conference on Emerging Technologies and Applications in Communications.