Securing mobile agents for crisis management support

Supporting emergency responders with mobile software agents promises to increase the efficiency of crisis management. While mobile agents offer many advantages, they also pose new challenges to security, and security is a key prerequisite in crisis situations. A main security requirement is to create an agent execution environment that will not attack the agents. To secure mobile agents, we have created an architecture that uses Trusted Computing to create a trusted execution environment for mobile agents on commodity off-the-shelf computing hardware. We protect the load-time integrity of the trusted execution environment by measuring its software configuration and using a local attestation verification token to verify that configuration. This token is the Secure Docking Module (SDM), a security chip protecting the cryptographic resources required to join the mobile agent software platform and authorize mobile agents. The SDM is implemented on a modern security chip. With our security architecture we can provide a mobile agent platform that is resilient against malicious agent execution environments, making the use of mobile agents in crisis management viable.
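The measure-then-verify flow described in the abstract can be modelled as follows. This is an added example, not code from the paper: the class and component names are hypothetical, and an HMAC over a shared key stands in for a signed TPM quote as a simplifying assumption.

```python
import hashlib, hmac, os

def extend(pcr: bytes, component: bytes) -> bytes:
    # TPM-style extend: new = SHA-256(old || SHA-256(component))
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def measure(components) -> bytes:
    pcr = bytes(32)                      # register starts at all zeros
    for c in components:                 # order matters: it is a hash chain
        pcr = extend(pcr, c)
    return pcr

class MeasuredHost:
    """Host side: measurement register plus a report key (HMAC stands in
    for a signed TPM quote; that substitution is an assumption)."""
    def __init__(self, report_key: bytes, components):
        self._key, self.pcr = report_key, measure(components)
    def report(self, nonce: bytes):
        return self.pcr, hmac.new(self._key, nonce + self.pcr, hashlib.sha256).digest()

class VerificationToken:
    """Token side: holds the reference measurement and the credential."""
    def __init__(self, report_key: bytes, reference: bytes, credential: bytes):
        self._key, self._ref, self._cred = report_key, reference, credential
        self._nonce = None
    def challenge(self) -> bytes:
        self._nonce = os.urandom(16)     # fresh per attempt, blocks replay
        return self._nonce
    def release(self, pcr: bytes, tag: bytes):
        nonce, self._nonce = self._nonce, None   # nonce is single-use
        if nonce is None:
            return None
        good = hmac.new(self._key, nonce + pcr, hashlib.sha256).digest()
        if hmac.compare_digest(tag, good) and hmac.compare_digest(pcr, self._ref):
            return self._cred            # released only to the known-good config
        return None

def dock(token: VerificationToken, host: MeasuredHost):
    return token.release(*host.report(token.challenge()))

# Constructed sample data (not from the paper)
KEY = b"k" * 32
GOOD = [b"bootloader-v1", b"hypervisor-v1", b"agent-platform-v1"]
TOKEN = VerificationToken(KEY, measure(GOOD), b"platform-join-credential")

if __name__ == "__main__":
    print("trusted host :", dock(TOKEN, MeasuredHost(KEY, GOOD)))
    print("modified host:", dock(TOKEN, MeasuredHost(KEY, GOOD[:2] + [b"agent-platform-evil"])))
```

A host whose software stack differs from the reference in any component, or in the order components were loaded, never receives the credential it needs to join the agent platform.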
