Security in the Ajanta mobile agent system

A mobile agent is an object which can autonomously migrate in a distributed system to perform tasks on behalf of its creator. Security issues in regard to the protection of host resources, as well as the agent themselves, raise significant obstacles in practical applications of the agent paradigm. This article describes the security architecture of Ajanta, a Java‐based system for mobile agent programming. This architecture provides mechanisms to protect server resources from malicious agents, agent data from tampering by malicious servers and communication channels during its travel, and protection of name service data and the global namespace. We present here a proxy based mechanism for secure access to server resources by agents. Using Java's class loader model and thread group mechanism, isolated execution domains are created for agents at a server. An agent can contain three kinds of protected objects: read‐only objects whose tampering can be detected, encrypted objects for specific servers, and a secure append‐only log of objects. A generic authentication protocol is used for all client–server interactions when protection is required. Using this mechanism, the security model of Ajanta enforces protection of namespaces, and secure execution of control primitives such as agent recall or abort. Ajanta also supports communication between agents using RMI, which can be controlled if required by the servers' security policies. Copyright © 2001 John Wiley & Sons, Ltd.

[1]  Anand R. Tripathi,et al.  Agent Server Architecture for the Ajanta Mobile-Agent System , 1998 .

[2]  William M. Farmer,et al.  Security for Mobile Agents: Issues and Requirements , 1996 .

[3]  Marc Shapiro,et al.  Structure and Encapsulation in Distributed Systems: The Proxy Principle , 1986, ICDCS.

[4]  Frank Yellin,et al.  The java virtual machine , 1996 .

[5]  Anand R. Tripathi,et al.  Design issues in mobile agent programming systems , 1998, IEEE Concurr..

[6]  Jan Vitek,et al.  The JavaSeal Mobile Agent Kernel , 1999, Proceedings. First and Third International Symposium on Agent Systems Applications, and Mobile Agents.

[7]  B. Clifford Neuman,et al.  Proxy-based authorization and accounting for distributed systems , 1993, [1993] Proceedings. The 13th International Conference on Distributed Computing Systems.

[8]  Munindar P. Singh,et al.  Agents on the Web: Mobile Agents , 1997, IEEE Internet Comput..

[9]  George Cybenko,et al.  D'Agents: Security in a Multiple-Language, Mobile-Agent System , 1998, Mobile Agents and Security.

[10]  Martín Abadi,et al.  Prudent Engineering Practice for Cryptographic Protocols , 1994, IEEE Trans. Software Eng..

[11]  Gavin Lowe,et al.  An Attack on the Needham-Schroeder Public-Key Authentication Protocol , 1995, Inf. Process. Lett..

[12]  Holger Peine,et al.  The Architecture of the Ara Platform for Mobile Agents , 1999, Mobile Agents.

[13]  Li Gong,et al.  A secure identity-based capability system , 1989, Proceedings. 1989 IEEE Symposium on Security and Privacy.

[14]  William M. Farmer,et al.  Security for Mobile Agents: Authentication and State Appraisal , 1996, ESORICS.

[15]  Gene Tsudik,et al.  Itinerant Agents for Mobile Computing , 1995, IEEE Communications Surveys & Tutorials.

[16]  Fritz Hohl,et al.  Time Limited Blackbox Security: Protecting Mobile Agents From Malicious Hosts , 1998, Mobile Agents and Security.

[17]  Daniel Hagimont,et al.  A protection scheme for mobile agents on Java , 1997, MobiCom '97.

[18]  Christian F. Tschudin,et al.  Protecting Mobile Agents Against Malicious Hosts , 1998, Mobile Agents and Security.

[19]  Daniel M. Zimmerman,et al.  benefits and drawbacks of current Java mobile agent systems , 1997 .

[20]  Christian F. Tschudin,et al.  Towards mobile cryptography , 1998, Proceedings. 1998 IEEE Symposium on Security and Privacy (Cat. No.98CB36186).

[21]  Fred B. Schneider,et al.  NAP: practical fault-tolerance for itinerant computations , 1999, Proceedings. 19th IEEE International Conference on Distributed Computing Systems (Cat. No.99CB37003).

[22]  Danny B. Lange,et al.  A Security Model for Aglets , 1997, IEEE Internet Comput..

[23]  David Wong,et al.  Concordia: An Infrastructure for Collaborating Mobile Agents , 1997, Mobile Agents.

[24]  Giovanni Vigna,et al.  Cryptographic Traces for Mobile Agents , 1998, Mobile Agents and Security.

[25]  Warwick Ford,et al.  Computer communication security - principles, standard protocols and techniques , 2008 .

[26]  David Wong,et al.  Security and reliability in Concordia , 1999 .

[27]  Andrew Birrell Secure communication using remote procedure calls , 1985, TOCS.

[28]  Guy L. Steele,et al.  The Java Language Specification , 1996 .

[29]  Robbert van Renesse,et al.  Operating system support for mobile agents , 1995, Proceedings 5th Workshop on Hot Topics in Operating Systems (HotOS-V).

[30]  David K. Gifford,et al.  Remote evaluation , 1990, TOPL.

[31]  David Wong,et al.  Java-based mobile agents , 1999, CACM.

[32]  Robert S. Gray,et al.  Agent Tcl: a Exible and Secure Mobile-agent System , 1996 .

[33]  G. Glass ObjectSpace Voyager core package technical overview , 1999 .

[34]  Steven C. Wheelwright,et al.  Sun Microsystems, Inc. (A) TN , 1992 .

[35]  David M. Chess,et al.  Security Issues in Mobile Code Systems , 1998, Mobile Agents and Security.

[36]  Giovanni Vigna,et al.  Understanding Code Mobility , 1998, IEEE Trans. Software Eng..

[37]  Anand R. Tripathi,et al.  Mobile agent programming in Ajanta , 1999, Proceedings. 19th IEEE International Conference on Distributed Computing Systems (Cat. No.99CB37003).

[38]  Aaron Kershenbaum,et al.  Mobile Agents: Are They a Good Idea? , 1996, Mobile Object Systems.

[39]  Stefan Fünfrocken Protecting Mobile Web-Commerce Agents with Smartcards , 1999, ASA/MA.