Mobile agents and security: protocols for integrity

The Mobile Agent paradigm seems to be a promising and innovative technology for developing applications in open, distributed and heterogeneous environments because it can overcome some of the limits of traditional Client/Server approaches. Many application areas, such as e-commerce, mobile computing, network management and information retrieval can benefit from the application of the MA technology. The widespread use of mobile agents is currently mainly limited by the lack of security, a requirement that should be faced when dealing with the Internet untrusted environment. The paper focuses on the problem of ensuring the integrity of agents in these environments and presents a range of solution strategies. In particular, it describes and compares two different approaches to achieve agent integrity. The first one makes use of a Trusted Third Party entity, while the second one is based on a distributed protocol that does not assume any secure collaborating entity. The two solutions suite different areas and we have integrated them in a flexible environment, called Secure and Open Mobile Agent (SOMA), that can support a wide range of applications.

[1]  Giovanni Vigna,et al.  Understanding Code Mobility , 1998, IEEE Trans. Software Eng..

[2]  Antonio Corradi,et al.  Melding Abstractions with Mobile Agents , 1998, CIA.

[3]  Giovanni Vigna,et al.  Mobile Agents and Security , 1998, Lecture Notes in Computer Science.

[4]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[5]  Bennet S. Yee A Sanctuary for Mobile Agents , 2001, Secure Internet Programming.

[6]  Levente Buttyán,et al.  On the Problem of Trust in Mobile Agent Systems , 1998, NDSS.

[7]  Li Gong,et al.  Java security: present and near future , 1997, IEEE Micro.

[8]  Douglas Low,et al.  Protecting Java code via code obfuscation , 1998, CROS.

[9]  Volker Roth,et al.  Secure Recording of Itineraries through Co-operating Agents , 1998, ECOOP Workshops.

[10]  N. Asokan,et al.  Protecting the computation results of free-roaming agents , 1998, Personal Technologies.

[11]  George C. Necula,et al.  Proof-carrying code , 1997, POPL '97.