Embedding JAAS in agent roles to apply local security policies

Agents are an emerging technology that grants programmers a new way to exploit distributed resources. Roles are a powerful concept that can be used to model agent interactions, allowing agents to dynamically acquire operations to make specific tasks, and enabling separation of concerns and code reusability. Nevertheless roles should be developed taking into account permissions needed for the execution of their operations. The standard Java policy file mechanism does not suffice in this scenario, since a fine grain in managing permissions is required. This paper focuses on how to exploit the Java Authentication and Authorization Service (JAAS) at the role level in order to apply authorization and local policies to Java agents for limiting their operations.

[1]  Letizia Leonardi,et al.  Role agent pattern: a developer guideline , 2003, SMC'03 Conference Proceedings. 2003 IEEE International Conference on Systems, Man and Cybernetics. Conference Theme - System Security and Assurance (Cat. No.03CH37483).

[2]  张晓丽,et al.  Enterprise Java Beans技术架构分析 , 2001 .

[3]  Franco Zambonelli,et al.  Implementing role-based interactions for Internet agents , 2003, 2003 Symposium on Applications and the Internet, 2003. Proceedings..

[4]  NICHOLAS R. JENNINGS,et al.  An agent-based approach for building complex software systems , 2001, CACM.

[5]  Franco Zambonelli,et al.  Modeling Role-based Interactions for Agents , 2002, OOPSLA 2002.

[6]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[7]  Ralph Johnson,et al.  design patterns elements of reusable object oriented software , 2019 .

[8]  Michael Becht,et al.  ROPE: role oriented programming environment for multiagent systems , 1999, Proceedings Fourth IFCIS International Conference on Cooperative Information Systems. CoopIS 99 (Cat. No.PR00384).

[9]  N. Lhuillier,et al.  Security in Multi-Agent Systems: JADE-S goes Distributed , 2003 .