A survey of security issue in multi-agent systems

Multi-agent systems have attracted the attention of researchers because of agents’ automatic, pro-active, and dynamic problem solving behaviors. Consequently, there has been a rapid development in agent technology which has enabled us to provide or receive useful and convenient services in a variety of areas such as banking, transportation, e-business, and healthcare. In many of these services, it is, however, necessary that security is guaranteed. Unless we guarantee the security services based on agent-based systems, these services will face significant deployment problems. In this paper, we survey existing work related to security in multi-agent systems, especially focused on access control and trust/reputation, and then present our analyses. We also present existing problems and discuss future research challenges.

[1]  Aaron Kershenbaum,et al.  Mobile Agents: Are They a Good Idea? , 1996, Mobile Object Systems.

[2]  Marcelo Masera,et al.  A context-related authorization and access control method based on RBAC: , 2002, SACMAT '02.

[3]  Vicent J. Botti,et al.  Kerberos-Based Secure Multiagent Platform , 2009, ProMAS.

[4]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[5]  Pierangela Samarati,et al.  Authentication, access control, and audit , 1996, CSUR.

[6]  Andrea Omicini,et al.  RBAC for Organisation and Security in an Agent Coordination Infrastructure , 2005, SecCo.

[7]  Haralambos Mouratidis,et al.  Enhancing Secure Tropos to Effectively Deal with Security Requirements in the Development of Multiagent Systems , 2009, Safety and Security in Multiagent Systems.

[8]  Volker Roth,et al.  Secure Recording of Itineraries through Co-operating Agents , 1998, ECOOP Workshops.

[9]  Nathan Griffiths,et al.  Task delegation using experience-based multi-dimensional trust , 2005, AAMAS '05.

[10]  Munindar P. Singh,et al.  Trust via evidence combination: A mathematical approach based on certainty , 2006 .

[11]  Mustaque Ahamad,et al.  A context-aware security architecture for emerging applications , 2002, 18th Annual Computer Security Applications Conference, 2002. Proceedings..

[12]  Bin Li,et al.  A Dynamic Trust Model for the Multi-agent Systems , 2008, 2008 International Symposiums on Information Processing.

[13]  Jordi Sabater-Mir,et al.  REGRET: reputation in gregarious societies , 2001, AGENTS '01.

[14]  Jacques Ferber,et al.  Multi-agent systems - an introduction to distributed artificial intelligence , 1999 .

[15]  Milan Rollo,et al.  Communication Security in Multi-agent Systems , 2003, CEEMAS.

[16]  Vipin Swarup,et al.  Authentication for Mobile Agents , 1998, Mobile Agents and Security.

[17]  Nicholas R. Jennings,et al.  Certified reputation: how an agent can trust a stranger , 2006, AAMAS '06.

[18]  Nicholas R. Jennings,et al.  Intelligent agents: theory and practice , 1995, The Knowledge Engineering Review.

[19]  D. Elliott Bell,et al.  Secure Computer System: Unified Exposition and Multics Interpretation , 1976 .

[20]  J. C. Byington,et al.  Mobile agents and security , 1998, IEEE Commun. Mag..

[21]  Yolanda Gil,et al.  A survey of trust in computer science and the Semantic Web , 2007, J. Web Semant..

[22]  Sarvapali D. Ramchurn,et al.  Trust in multi-agent systems , 2004, The Knowledge Engineering Review.

[23]  Nathan Griffiths,et al.  Towards Improved Partner Selection Using Recommendations and Trust , 2008, AAMAS-TRUST.

[24]  Munindar P. Singh,et al.  Trust Representation and Aggregation in a Distributed Agent System , 2006, AAAI.

[25]  Sabrina De Capitani di Vimercati,et al.  Access Control Policies, Models, and Mechanisms , 2011, Encyclopedia of Cryptography and Security.

[26]  Munindar P. Singh,et al.  Formal Trust Model for Multiagent Systems , 2007, IJCAI.

[27]  Michael Rovatsos,et al.  Using trust for detecting deceitful agents in artificial societies , 2000, Appl. Artif. Intell..

[28]  A.S. Tanenbaum,et al.  Security in a mobile agent system , 2004, IEEE First Symposium onMulti-Agent Security and Survivability, 2004.

[29]  Giorgos Zacharia,et al.  Trust management through reputation mechanisms , 2000, Appl. Artif. Intell..

[30]  Martín Abadi,et al.  A calculus for access control in distributed systems , 1991, TOPL.

[31]  Fausto Giunchiglia,et al.  Tropos: An Agent-Oriented Software Development Methodology , 2004, Autonomous Agents and Multi-Agent Systems.

[32]  Wayne A. Jansen,et al.  Countermeasures for mobile agent security , 2000, Comput. Commun..

[33]  Ghassan Beydoun,et al.  A security-aware metamodel for multi-agent systems (MAS) , 2009, Inf. Softw. Technol..

[34]  Moti Yung,et al.  Sliding Encryption: A Cryptographic Tool for Mobile Agents , 1997, FSE.

[35]  Trung Dong Huynh,et al.  A personalized framework for trust assessment , 2009, SAC '09.

[36]  Munindar P. Singh,et al.  Distributed Reputation Management for Electronic Commerce , 2002, Comput. Intell..

[37]  Munindar P. Singh,et al.  Searching social networks , 2003, AAMAS '03.

[38]  C. Sierra,et al.  REGRET: A reputation model for gregarious societies , 2001 .

[39]  Jordi Sabater-Mir,et al.  Review on Computational Trust and Reputation Models , 2005, Artificial Intelligence Review.

[40]  Thomas Magedanz,et al.  Grasshopper - A Mobile Agent Platform for Active Telecommunication , 1999, IATA.

[41]  Amirreza Masoumzadeh,et al.  RiBAC: Role Interaction Based Access Control Model for Community Computing , 2008, CollaborateCom.

[42]  Martín Abadi,et al.  Authentication in distributed systems: theory and practice , 1991, SOSP '91.

[43]  Stephen Hailes,et al.  Supporting trust in virtual communities , 2000, Proceedings of the 33rd Annual Hawaii International Conference on System Sciences.

[44]  Giovanni Vigna,et al.  Evaluating the Security of Three Java-Based Mobile Agent Systems , 2001, Mobile Agents.

[45]  L. Mui,et al.  A computational model of trust and reputation , 2002, Proceedings of the 35th Annual Hawaii International Conference on System Sciences.

[46]  Fumio Mizoguchi,et al.  An authorization-based trust model for multiagent systems , 2000, Appl. Artif. Intell..

[47]  Morris Sloman,et al.  A survey of trust in internet applications , 2000, IEEE Communications Surveys & Tutorials.

[48]  Elisa Bertino,et al.  A generalized temporal role-based access control model , 2005, IEEE Transactions on Knowledge and Data Engineering.

[49]  J. V. Rauff,et al.  Multi-Agent Systems: An Introduction to Distributed Artificial Intelligence , 2005 .

[50]  Stefan Poslad,et al.  Specifying Standard Security Mechanisms in Multi-agent Systems , 2002, Trust, Reputation, and Security.

[51]  Haralambos Mouratidis,et al.  Multi-agent Systems and Security Requirements Analysis , 2003, SELMAS.

[52]  William M. Farmer,et al.  Security for Mobile Agents: Authentication and State Appraisal , 1996, ESORICS.

[53]  Nicholas R. Jennings,et al.  An integrated trust and reputation model for open multi-agent systems , 2006, Autonomous Agents and Multi-Agent Systems.

[54]  Ramon Sangüesa,et al.  Extracting reputation in multi agent systems by means of social network topology , 2002, AAMAS '02.

[55]  Yuh-Jong Hu,et al.  Agent-Oriented Public Key Infrastructure for Multi-agent E-service , 2003, KES.

[56]  Churn-Jung Liau,et al.  Belief, information acquisition, and trust in multi-agent systems--A modal logic formulation , 2003, Artif. Intell..

[57]  Elisa Bertino,et al.  GEO-RBAC: a spatially aware RBAC , 2005, SACMAT '05.

[58]  James B. D. Joshi,et al.  LoT-RBAC: A Location and Time-Based RBAC Model , 2005, WISE.

[59]  Bruce Schneier,et al.  Environmental Key Generation Towards Clueless Agents , 1998, Mobile Agents and Security.

[60]  M. Parashar,et al.  Context-aware Dynamic Access Control for Pervasive Applications , 2004 .

[61]  Haralambos Mouratidis,et al.  Secure Tropos: a Security-Oriented Extension of the Tropos Methodology , 2007, Int. J. Softw. Eng. Knowl. Eng..

[62]  Arthur C. Graesser,et al.  Is it an Agent, or Just a Program?: A Taxonomy for Autonomous Agents , 1996, ATAL.

[63]  Wilmuth Müller,et al.  Evaluating the security of mobile agent platforms , 2009, Autonomous Agents and Multi-Agent Systems.

[64]  Guido Boella,et al.  Permission and Authorization in Policies for Virtual Communities of Agents , 2004, AP2PC.

[65]  Giovanni Vigna,et al.  Protecting Mobile Agents through Tracing , 1997 .

[66]  Son T. Vuong,et al.  A security architecture and design for mobile intelligent agent systems , 2001, SIAP.

[67]  Lik Mui,et al.  A Computational Model of Trust and Reputation for E-businesses , 2002 .

[68]  Alfarez Abdul-Rahman,et al.  A framework for decentralised trust reasoning , 2005 .

[69]  Nicholas R. Jennings,et al.  A Roadmap of Agent Research and Development , 2004, Autonomous Agents and Multi-Agent Systems.

[70]  Levent Ertaul,et al.  Mobile Agent Security , 2006, Security and Management.

[71]  Jordi Sabater-Mir,et al.  Reputation and social network analysis in multi-agent systems , 2002, AAMAS '02.

[72]  C. R. Ramakrishnan,et al.  Model-Carrying Code (MCC): a new paradigm for mobile-code security , 2001, NSPW '01.

[73]  Agostino Poggi,et al.  A Security Infrastructure for Trust Management in Multi-agent Systems , 2004, Trusting Agents for Trusting Electronic Societies.

[74]  Fritz Hohl,et al.  Time Limited Blackbox Security: Protecting Mobile Agents From Malicious Hosts , 1998, Mobile Agents and Security.

[75]  Franco Zambonelli,et al.  Coordination and Access Control in Open Distributed Agent Systems: The TuCSoN Approach , 2000, COORDINATION.

[76]  George C. Necula,et al.  Safe, Untrusted Agents Using Proof-Carrying Code , 1998, Mobile Agents and Security.

[77]  Haralambos Mouratidis,et al.  Modelling secure multiagent systems , 2003, AAMAS '03.

[78]  Jiazhen Wang,et al.  Security Frame and Evaluation in Mobile Agent System , 2006, 2005 2nd Asia Pacific Conference on Mobile Technology, Applications and Systems.

[79]  Paul Resnick,et al.  Reputation systems , 2000, CACM.

[80]  N. Shadbolt,et al.  Developing an integrated trust and reputation model for open multi-agent systems , 2004 .

[81]  Ghassan Beydoun,et al.  Developing and Evaluating a Generic Metamodel for MAS Work Products , 2005, EUMAS.

[82]  Robert A. Ghanea-Hercock,et al.  Top-secret Multi-Agent Systems , 2002, SEMAS.

[83]  Elisa Bertino,et al.  TRBAC: a temporal role-based access control model , 2000, RBAC '00.

[84]  Michelle S. Wangham,et al.  MASS: A Mobile Agent Security Scheme for the Creation of Virtual Enterprises , 2004, MATA.