Secure Agents

With the rapid proliferation of software agents, there comes an increased need for agents to ensure that they do not provide data and/or services to unauthorized users. We first develop an abstract definition of what it means for an agent to preserve data/action security. Most often, this requires an agent to have knowledge that is impossible to acquire – hence, we then develop approximate security checks that take into account, the fact that an agent usually has incomplete/approximate beliefs about other agents. We develop two types of security checks – static ones that can be checked prior to deploying the agent, and dynamic ones that are executed at run time. We prove that a number of these problems are undecidable, but under certain conditions, they are decidable and (our definition of) security can be guaranteed. Finally, we propose a language within which the developer of an agent can specify her security needs, and present provably correct algorithms for static/dynamic security verification.

[1]  P. Dangerfield Logic , 1996, Aristotle and the Stoics.

[2]  Marianne Winslett,et al.  Formal query languages for secure relational databases , 1994, TODS.

[3]  V. S. Subrahmanian,et al.  Heterogeneous Active Agents, I: Semantics , 1999, Artif. Intell..

[4]  V. S. Subrahmanian,et al.  Heterogeneous Active Agents, II: Algorithms and Complexity , 1999, Artif. Intell..

[5]  KrausSarit Negotiation and cooperation in multi-agent environments , 1997 .

[6]  Oren Etzioni,et al.  A softbot-based interface to the Internet , 1994, CACM.

[7]  Giovanni Vigna,et al.  Cryptographic Traces for Mobile Agents , 1998, Mobile Agents and Security.

[8]  Elisa Bertino,et al.  A Temporal Access Control Mechanism for Database Systems , 1996, IEEE Trans. Knowl. Data Eng..

[9]  J. Lloyd Foundations of Logic Programming , 1984, Symbolic Computation.

[10]  Vipin Swarup,et al.  Authentication for Mobile Agents , 1998, Mobile Agents and Security.

[11]  Emil C. Lupu,et al.  Role-based security for distributed object systems , 1996, Proceedings of WET ICE '96. IEEE 5th Workshop on Enabling Technologies; Infrastucture for Collaborative Enterprises.

[12]  George Cybenko,et al.  D'Agents: Security in a Multiple-Language, Mobile-Agent System , 1998, Mobile Agents and Security.

[13]  Eduardo Alonso Fernández,et al.  Rules of encounter: designing conventions for automated negotiation among computers , 1995 .

[14]  Z. Tari Using agents for secure access to data in the Internet : The global Internet : Part 2 , 1997 .

[15]  Emil C. Lupu,et al.  Reconciling role based management and role based access control , 1997, RBAC '97.

[16]  Sarit Kraus,et al.  Negotiation and Cooperation in Multi-Agent Environments , 1997, Artif. Intell..

[17]  Michael P. Wellman A Market-Oriented Programming Environment and its Application to Distributed Multicommodity Flow Problems , 1993, J. Artif. Intell. Res..

[18]  Kazuya Kosaka,et al.  The Aglets project , 1999, CACM.

[19]  Fritz Hohl An Approach to Solve the Problem of Malicious Hosts , 1998 .

[20]  V. S. Subrahmanian Amalgamating knowledge bases , 1994, TODS.

[21]  Sumit Ghosh,et al.  A fundamental framework for network security , 1997 .

[22]  Tim Finin,et al.  Secret Agents - A Security Architecture for the KQML Agent Communication Language , 1995, CIKM 1995.

[23]  Qi He,et al.  Personal security agent: KQML-based PKI , 1998, AGENTS '98.

[24]  Munindar P. Singh,et al.  Readings in agents , 1997 .

[25]  William M. Farmer,et al.  Security for Mobile Agents: Authentication and State Appraisal , 1996, ESORICS.

[26]  Frédéric Cuppens,et al.  A Modal Logic Framework to Solve Aggregation Problems , 1991, DBSec.

[27]  Emil C. Lupu,et al.  Towards A Role-Based Framework for Distributed Systems Management , 1997, Journal of Network and Systems Management.

[28]  Antonio Puliafito,et al.  Java-Based and Secure Learning Agents for Information Retrieval in Distributed Systems , 1999, Inf. Sci..

[29]  Nicholas R. Jennings,et al.  Intelligent agents: theory and practice , 1995, The Knowledge Engineering Review.

[30]  Gio Wiederhold,et al.  Intelligent integration of information , 1993, SIGMOD Conference.

[31]  Brahim Chaib-draa,et al.  An overview of distributed artificial intelligence , 1996 .

[32]  Marianne Winslett,et al.  Secure access to data over the Internet , 1994, Proceedings of 3rd International Conference on Parallel and Distributed Information Systems.

[33]  Pattie Maes,et al.  Agents that reduce work and information overload , 1994, CACM.

[34]  Craig A. Knoblock,et al.  Retrieving and Integrating Data from Multiple Information Sources , 1993, Int. J. Cooperative Inf. Syst..

[35]  Robert B. Ross,et al.  Impact: a platform for collaborating agents , 1999, IEEE Intell. Syst..

[36]  Leonard N. Foner A Security Architecture for Multi-Agent Matchmaking , 1996 .

[37]  Eugene H. Spafford,et al.  Applying Genetic Programming to Intrusion Detection , 1995 .

[38]  Jonathan K. Millen,et al.  Security for object-oriented database systems , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[39]  Kurt Geihs,et al.  Security Requirements for Mobile Agents in Electronic Markets , 1998, Trends in Distributed Systems for Electronic Commerce.

[40]  Sushil Jajodia,et al.  Toward a multilevel secure relational data model , 1991, SIGMOD '91.

[41]  R. G. G. Cattell,et al.  The Object Database Standard: ODMG-93 , 1993 .

[42]  Christian F. Tschudin,et al.  Protecting Mobile Agents Against Malicious Hosts , 1998, Mobile Agents and Security.

[43]  J. Doug Tygar,et al.  A model for secure protocols and their compositions , 1994, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy.

[44]  Danny B. Lange,et al.  Programming and Deploying Java¿ Mobile Agents with Aglets¿ , 1998 .

[45]  Huaiqing Wang,et al.  Toward a Multi-Agent Security System: A Conceptual Model for Internet Security , 1998 .

[46]  Timothy W. Finin,et al.  A semantics approach for KQML , 1994, International Conference on Information and Knowledge Management.

[47]  Roy H. Campbell,et al.  Dynamic Agent-Based Security Architecture For Mobile Computers , 1998 .

[48]  A. R. Turquette,et al.  Logic, Semantics, Metamathematics , 1957 .

[49]  David M. Chess,et al.  Security Issues in Mobile Code Systems , 1998, Mobile Agents and Security.

[50]  W. A. Jansen,et al.  MOBILE AGENTS AND SECURITY , 1999 .

[51]  Nicholas R. Jennings,et al.  Controlling Cooperative Problem Solving in Industrial Multi-Agent Systems Using Joint Intentions , 1995, Artif. Intell..

[52]  Sarit Kraus,et al.  Data-Security in Heterogeneous Agent Systems , 1998, CIA.

[53]  S. O. Soueina,et al.  MALL: A Multi-Agent Learning Language for Competitive and Uncertain Environments , 1998 .

[54]  V. S. Subrahmanian,et al.  Heterogeneous Active Agents , 1998 .

[55]  George C. Necula,et al.  Research on proof-carrying code for untrusted-code security , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[56]  Sarit Kraus,et al.  Foundations of Secure Deductive Databases , 1995, IEEE Trans. Knowl. Data Eng..

[57]  Elisa Bertino,et al.  Authorizations in relational database management systems , 1993, CCS '93.

[58]  Frédéric Cuppens,et al.  A definition of secure dependencies using the logic of security , 1991, Proceedings Computer Security Foundations Workshop IV.

[59]  Timothy W. Finin,et al.  Semantics for an Agent Communication Language , 1997, ATAL.

[60]  Richard Spencer-Smith,et al.  Modal Logic , 2007 .