Securing Mobile-Agent Systems through Collaboration

Collaborative Computer Security and Trust Management - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-60566-414-9.ch008 ◽

2010 ◽

pp. 154-180

Author(s):

Mohammed Hussain ◽

David B. Skillicorn

Keyword(s):

Mobile Agent ◽

Mobile Agents ◽

Telecommunication Networks ◽

Agent Systems ◽

Security Issues ◽

System Calls ◽

Mobile Agent Systems ◽

Privacy Attack ◽

The Difference ◽

The One

Mobile agents are self-contained programs that migrate among computing devices to achieve tasks on behalf of users. Autonomous and mobile agents make it easier to develop complex distributed systems. Many applications can benefit greatly from employing mobile agents, especially e-commerce. For instance, mobile agents can travel from one e-shop to another, collecting offers based on customers’ preferences. Mobile agents have been used to develop systems for telecommunication networks, monitoring, information retrieval, and parallel computing. Characteristics of mobile agents, however, introduce new security issues which require carefully designed solutions. On the one hand, malicious agents may violate privacy, attack integrity, and monopolize hosts’ resources. On the other hand, malicious hosts may manipulate agents’ memory, return wrong results from system calls, and deny access to necessary resources. This has motivated research focused on devising techniques to address the security of mobile-agent systems. This chapter surveys the techniques securing mobile-agent systems. The survey categorizes the techniques based on the degree of collaboration used to achieve security. This categorization resembles the difference between this chapter and other surveys in the literature where categorization is on the basis of entities/ parts protected and underlying methodologies used for protection. This survey shows the importance of collaboration in enhancing security and discusses its implications and challenges.

Download Full-text

Component Agent Systems

Architectural Design of Multi-Agent Systems ◽

10.4018/978-1-59904-108-7.ch005 ◽

2011 ◽

pp. 95-114

Author(s):

Paulo Marques

Keyword(s):

Technology Adoption ◽

Network Management ◽

Case Studies ◽

Mobile Agent ◽

Mobile Agents ◽

Agent Platform ◽

Agent Systems ◽

Systems Research ◽

Mobile Agent Systems ◽

The Future

One central problem preventing widespread adoption of mobile agents as a code structuring primitive is that current mainstream middleware implementations do not convey it simply as such. In fact, they force all the development to be centered on mobile agents, which has serious consequences in terms of software structuring and, in fact, technology adoption. This chapter discusses the main limitations of the traditional platform-based approach, proposing an alternative: component-based mobile agent systems. Two case studies are discussed: the JAMES platform, a traditional mobile agent platform specially tailored for network management, and M&M, a component-based system for agent-enabling applications. Finally, a bird’s eye perspective on the last 15 years of mobile agent systems research is presented along with an outlook on the future of the technology. The authors hope that this chapter brings some enlightenment on the pearls and pitfalls surrounding this interesting technology and ways for avoiding them in the future.

Download Full-text

Component Agent Systems

Mobile Computing ◽

10.4018/978-1-60566-054-7.ch243 ◽

2009 ◽

pp. 3300-3319

Author(s):

Paulo Marques ◽

Luís Silva

Keyword(s):

Technology Adoption ◽

Network Management ◽

Case Studies ◽

Mobile Agent ◽

Mobile Agents ◽

Agent Platform ◽

Agent Systems ◽

Systems Research ◽

Mobile Agent Systems ◽

The Future

Download Full-text

Embeddable Mobile-C for Runtime Support of Code Mobility in Multi-Agent Systems

Volume 2: 27th Computers and Information in Engineering Conference, Parts A and B ◽

10.1115/detc2007-35747 ◽

2007 ◽

Cited By ~ 5

Author(s):

Yu-Cheng Chou ◽

David Ko ◽

Harry H. Cheng

Keyword(s):

Operating Systems ◽

Mobile Agent ◽

Mobile Agents ◽

Distributed Applications ◽

Multi Agent Systems ◽

Agent Platform ◽

Agent Systems ◽

Code Mobility ◽

Mobile Agent Systems ◽

Multi Agent

Agent technology is emerging as an important concept for the development of distributed complex systems. A number of mobile agent systems have been developed in the last decade. However, most of them were developed to support only Java mobile agents. Furthermore, many of them are standalone platforms. In other words, they were not designed to be embedded in a user application to support the code mobility. In order to provide distributed applications with the code mobility, this article presents a mobile agent library, the Mobile-C library. The Mobile-C library is supported by various operating systems including Windows, Unix, and real-time operating systems. It has a small footprint to meet the stringent memory capacity for a variety of mechatronic and embedded systems. This library allows a Mobile-C agency, a mobile agent platform, to be embedded in a program to support C/C++ mobile agents. Functions in this library facilitate the development of a multi-agent system that can easily interface with a variety of hardware devices.

Download Full-text

A Secure Migration Protocol for Mobile Agent Systems

Volume 3: ASME/IEEE 2009 International Conference on Mechatronic and Embedded Systems and Applications; 20th Reliability, Stress Analysis, and Failure Prevention Conference ◽

10.1115/detc2009-87613 ◽

2009 ◽

Author(s):

Najmus Saqib Malik ◽

David Ko ◽

Harry H. Cheng

Keyword(s):

Mobile Agent ◽

Mobile Agents ◽

Migration Process ◽

Agent Platform ◽

Agent Systems ◽

Mobile Agent Systems ◽

Automation Systems ◽

Multi Agent ◽

Future Work ◽

Secure Shell

This paper describes a secure migration process of mobile agents between agencies. Mobile-C is an IEEE Foundation for Intelligent Physical Agents (FIPA) standard compliant multi-agent platform for supporting C/C++ mobile and stationary agents. This secure migration process is inspired from Secure Shell (SSH). Before migration, both agencies authenticate each other using public key authentication. After successful authentication, an encrypted mobile agent is transferred and its integrity is verified. Mobile-C is specially designed for mechatronic and factory automation systems where, for correct system operations, agencies must accept mobile agents from trusted agencies. For this reason, the emphasis is on strong authentication of both agencies involved in migration process. Security aspects of other popular mobile agent systems are described briefly. A comparison study with SSH protocol is performed and future work is elaborated.

Download Full-text

Mobile Agents and Security

Encyclopedia of Information Ethics and Security ◽

10.4018/978-1-59140-987-8.ch068 ◽

2011 ◽

pp. 457-462

Author(s):

Fei Xue

Keyword(s):

Distributed Computing ◽

Mobile Agent ◽

Mobile Agents ◽

Computer Software ◽

Emerging Technology ◽

Security Threats ◽

Agent Systems ◽

The Past ◽

Mobile Agent Systems ◽

Software And Hardware

As an emerging technology, mobile agents can facilitate distributed computing applications over computer networks. During the past decade, the advance of computer software and hardware has led the structure and logic of mobile agents to become increasingly sophisticated. As a consequence, some security threats have started to appear in mobile agent systems (MASs).

Download Full-text

AN INTEGRITY CHECKING MECHANISM OF MOBILE AGENTS UNDER A CLOSED ENVIRONMENT WITH TRUSTED HOSTS

International Journal of Software Engineering and Knowledge Engineering ◽

10.1142/s0218194006002720 ◽

2006 ◽

Vol 16 (01) ◽

pp. 141-151

Author(s):

DONGWON JEONG ◽

YOUNG-GAB KIM ◽

SOO-HYUN PARK

Keyword(s):

Distributed Computing ◽

Mobile Agent ◽

Mobile Agents ◽

Agent Systems ◽

Mobile Agent Systems ◽

Integrity Checking ◽

Agent Platforms ◽

Closed Environment ◽

Integrity Issue

Mobile agent paradigm is recognized as a new environment for distributed computing and provides many merits such as mobility, security, self-decision, and so on. However, its security problems should be resolved to increase its application to a variety of real domains. Especially, we must guarantee integrity of transferred mobile agents. Although many mobile agent systems were developed, the integrity issue remains a critical one. In this paper, we propose an integrity checking mechanism to do the aforementioned issue. The proposed mechanism is independent of specific security frameworks and can be added and used easily for various mobile agent platforms.

Download Full-text

A SECURITY BASED MODEL FOR MOBILE AGENT SOFTWARE SYSTEMS

International Journal of Software Engineering and Knowledge Engineering ◽

10.1142/s0218194005002518 ◽

2005 ◽

Vol 15 (04) ◽

pp. 719-746 ◽

Cited By ~ 2

Author(s):

HAIPING XU ◽

ZHIGUO ZHANG ◽

SOL M. SHATZ

Keyword(s):

Mobile Agent ◽

Mobile Agents ◽

Software Systems ◽

Agent Communication ◽

Agent Model ◽

Agent Systems ◽

Design Error ◽

Mobile Agent Systems ◽

High Level ◽

Agent Migration

Security modeling for agents has been one of the most challenging issues in developing practical mobile agent software systems. In the past, researchers have developed mobile agent systems with emphasis either on protecting mobile agents from malicious hosts or protecting hosts from malicious agents. In this paper, we propose a security based mobile agent system architecture that provides a general solution to protecting both mobile agents and agent hosts in terms of agent communication and agent migration. We present a facilitator agent model that serves as a middleware for secure agent communication and agent migration. The facilitator agent model, as well as the mobile agent model, is based on agent-oriented G-nets — a high level Petri net formalism. To illustrate our formal modeling technique for mobile agent systems, we provide an example of agent migration to show how a design error can be detected.

Download Full-text

Mobile Agent Communication, Security Concerns, and Approaches

Detecting and Mitigating Robotic Cyber Security Risks - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-2154-9.ch020 ◽

2017 ◽

pp. 300-311

Author(s):

Kamat Pooja ◽

Gite Shilpa ◽

Patil Shruti

Keyword(s):

Mobile Agent ◽

Mobile Networks ◽

Client Server ◽

Agent Systems ◽

Security Issues ◽

Systems Model ◽

Mobile Agent Systems ◽

Server Systems ◽

The World ◽

Computational Processes

Mobile Agent Systems model has attracted attention of various researchers and scholars all over the world due to a wide array of features it offers. The capability of mobile agent to hop independently from one network to another, carrying out various computational processes on remote network, enables them to operate in fixed and mobile networks more efficiently and robustly than typical client-server systems. However little attention is paid to the security management of the mobile agents due to which it is still not widely used in the industry domain. . In this chapter, the authors examine the various security issues in Mobile Agent systems and approaches used to overcome them.

Download Full-text

Mobile Agent Authentication and Authorization in E-Commerce

Encyclopedia of Information Science and Technology, Second Edition ◽

10.4018/978-1-60566-026-4.ch409 ◽

2011 ◽

pp. 2567-2573

Author(s):

Sheng-Uei Guan

Keyword(s):

Mobile Agent ◽

Mobile Agents ◽

Research Effort ◽

The Internet ◽

New Approach ◽

Agent Based ◽

Security Issues ◽

Authentication And Authorization ◽

Authentication Schemes ◽

The One

With the increasing worldwide usage of the Internet, electronic commerce (e-commerce) has been catching on fast in a lot of businesses. As e-commerce booms, there comes a demand for a better system to manage and carry out transactions. This has led to the development of agent-based e-commerce. In this new approach, agents are employed on behalf of users to carry out various e-commerce activities. Although the tradeoff of employing mobile agents is still a contentious topic (Milojicic, 1999), using mobile agents in e-commerce attracts much research effort, as it may improve the potential of their applications in e-commerce. One advantage of using agents is that communication cost can be reduced. Agents traveling and transferring only the necessary information save the bandwidth and reduce the chances of network clogging. Also, users can let their agents travel asynchronously to their destinations and collect information or execute other applications while they can disconnect from the network (Wong, 1999). Although agent-based technology offers such advantages, the major factor that is holding people back from employing agents is still the security issues involved. On the one hand, hosts cannot trust incoming agents belonging to unknown owners, because malicious agents may launch attacks on the hosts and other agents. On the other hand, agents may also have concerns on the reliability of hosts and will be reluctant to expose their secrets to distrustful hosts. To build bilateral trust in an e-commerce environment, the authorization and authentication schemes for mobile agents should be well designed. Authentication checks the credentials of an agent before processing the agent’s requests. If the agent is found to be suspicious, the host may decide to deny its service requests. Authorization refers to the permissions granted for the agent to access whichever resource it requested. In our previous work, we have proposed a SAFER (Secure Agent Fabrication, Evolution & Roaming) architecture (Zhu, 2000), which aims to construct an open, dynamic and evolutionary agent system for e-commerce. We have already elaborated agent fabrication, evolution, and roaming in Guan (1999, 2001, 2002), Wang (2001), and Zhu (2001). This article gives an overview of the authentication and authorization issues on the basis of the SAFER architecture.

Download Full-text

BROSMAP: A Novel Broadcast Based Secure Mobile Agent Protocol for Distributed Service Applications

Security and Communication Networks ◽

10.1155/2017/3606424 ◽

2017 ◽

Vol 2017 ◽

pp. 1-18 ◽

Cited By ~ 6

Author(s):

Dina Shehada ◽

Chan Yeob Yeun ◽

M. Jamal Zemerly ◽

Mahmoud Al Qutayri ◽

Yousof Al Hammadi ◽

...

Keyword(s):

Mobile Agent ◽

Mobile Agents ◽

Mutual Authentication ◽

Agent Systems ◽

Verification Tool ◽

Mobile Agent Systems ◽

Man In The Middle ◽

Distributed Service ◽

And Performance ◽

Agent Protocol

Mobile agents are smart programs that migrate from one platform to another to perform the user task. Mobile agents offer flexibility and performance enhancements to systems and service real-time applications. However, security in mobile agent systems is a great concern. In this paper, we propose a novel Broadcast based Secure Mobile Agent Protocol (BROSMAP) for distributed service applications that provides mutual authentication, authorization, accountability, nonrepudiation, integrity, and confidentiality. The proposed system also provides protection from man in the middle, replay, repudiation, and modification attacks. We proved the efficiency of the proposed protocol through formal verification with Scyther verification tool.

Download Full-text