Engineering multi-agent systems

Security of an agent system is often limited, relying on basic cryptographic techniques without consideration of issues such as key maintenance, forming and communicating in secure groups, or interlayer security. From a security engineering perspective, multi-agent systems introduce new channels and possibly layers, resulting in additional security concerns. A comprehensive security engineering perspective (studying the information flow of the multi-layered system and identifying, analyzing and addressing multi-level security threats) is rarely taken. This paper presents a security engineering process for multi-agent systems, motivating the need for comprehensive security engineering and showing how to proceed with the process within an agent system. One of the largest obstacles in security engineering is understanding how to decompose a system into the parts that require security. This paper provides a decomposition for agent systems that can be directly applied to the security engineering process. Examples are given that detail the application of the presented security engineering process to: 1) a FIPA-compliant agent system; and 2) peer-to-peer content lookup. The most important contribution of this paper is proposing a formal approach to addressing security within an agent system, where there exist unique and application-specific threats that must be addressed.
