Mobile Agents Security Protocols

Mobile agents are expected to run in partially unknown and untrustworthy environments. They transport from one host to another host through insecure channels and may execute on non-trusted hosts. Thus, they are vulnerable to direct security attacks of intruders and non-trusted hosts. The security of information the agents collect is a fundamental requirement for a trusted implementation of electronic business applications and trade negotiations. This chapter discusses the security protocols presented in the literature that aim to secure the data mobile agents gather while searching the Internet, and identifies the security flaws revealed in the protocols. The protocols are analyzed with respect to the security properties, and the security flaws are identified. Two recent promising protocols that fulfill the various security properties are described. The chapter also introduces common notations used in describing security protocols and describes the security properties of the data that mobile agents gather.

[1]  Jonathan K. Millen,et al.  The Interrogator: Protocol Secuity Analysis , 1987, IEEE Transactions on Software Engineering.

[2]  Bo Chen,et al.  Integrating mobile agent technology with multi-agent systems for distributed traffic detection and management systems , 2009 .

[3]  Nicholas R. Jennings,et al.  Developing agent Web service agreements , 2005, The 2005 IEEE/WIC/ACM International Conference on Web Intelligence (WI'05).

[4]  Martín Abadi,et al.  Just fast keying in the pi calculus , 2004, TSEC.

[5]  Gavin Lowe,et al.  Casper: a compiler for the analysis of security protocols , 1997, Proceedings 10th Computer Security Foundations Workshop.

[6]  John M. Rushby Tutorial: Automated Formal Methods with PVS, SAL, and Yices , 2006, Fourth IEEE International Conference on Software Engineering and Formal Methods (SEFM'06).

[7]  N. Asokan,et al.  Protecting the computation results of free-roaming agents , 2005, Personal Technologies.

[8]  Martín Abadi,et al.  Computing symbolic models for verifying cryptographic protocols , 2001, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001..

[9]  Lawrence C. Paulson,et al.  Proving properties of security protocols by induction , 1997, Proceedings 10th Computer Security Foundations Workshop.

[10]  Catherine A. Meadows,et al.  Language generation and verification in the NRL protocol analyzer , 1996, Proceedings 9th IEEE Computer Security Foundations Workshop.

[11]  Hanifa Boucheneb,et al.  A Secure Protocol Based on a Sedentary Agent for Mobile Agent Environments , 2007 .

[12]  Dipti Srinivasan,et al.  Cooperative, hybrid agent architecture for real-time traffic signal control , 2003, IEEE Trans. Syst. Man Cybern. Part A.

[13]  Martín Abadi,et al.  A calculus for cryptographic protocols: the spi calculus , 1997, CCS '97.

[14]  Peter Sewell Global/Local Subtyping and Capability Inference for a Distributed pi-calculus , 1998, ICALP.

[15]  Giovanni Vigna,et al.  Cryptographic Traces for Mobile Agents , 1998, Mobile Agents and Security.

[16]  Glenn Platt,et al.  A deployed multi-agent framework for distributed energy applications , 2006, AAMAS '06.

[17]  Benjamin Aziz,et al.  A Calculus for Secure Mobility , 2003, ASIAN.

[18]  Volker Roth,et al.  Empowering Mobile Software Agents , 2002, Mobile Agents.

[19]  Michele Boreale,et al.  Symbolic Trace Analysis of Cryptographic Protocols , 2001, ICALP.

[20]  John C. Mitchell,et al.  Automated analysis of cryptographic protocols using Mur/spl phi/ , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[21]  Tony White,et al.  Mobile agents for network management , 1998, IEEE Communications Surveys & Tutorials.

[22]  Martín Abadi,et al.  A logic of authentication , 1990, TOCS.

[23]  Maria Grazia Buscemi,et al.  Experimenting with STA, a tool for automatic analysis of security protocols , 2002, SAC '02.

[24]  Jan Vitek,et al.  Seal: A Framework for Secure Mobile Computations , 1998, ICCL Workshop: Internet Programming Languages.

[25]  Martín Abadi,et al.  A Calculus for Cryptographic Protocols: The spi Calculus , 1999, Inf. Comput..

[26]  Maria Grazia Buscemi,et al.  A Framework for the Analysis of Security Protocols , 2002, CONCUR.

[27]  Martín Abadi,et al.  Mobile values, new names, and secure communication , 2001, POPL '01.

[28]  Riccardo Sisto,et al.  Using SPIN to Verify Security Properties of Cryptographic Protocols , 2002, SPIN.