Abstract
This work defines a security scheme, based on SPKI/SDSI chains of trust, for protecting mobile agent platforms in large-scale distributed systems. The scheme is composed by a protocol of mutual authentication, a mobile agent authenticator and a mechanism for the generation of protection domain. Due to the flexibility of the SPKI/SDSI certificate delegation infrastructures used, the proposed scheme provides a decentralized control for authorization and authentication.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
OMG: Mobile agent facility specification. OMG Document 2000-01-02 (2000)
Farmer, W., Guttman, J., Swarup, V.: Security for mobile agents: Issues and requirements. In: Proc. 19th National Information System Security Conf. (1996)
Ellison, C.M., Frantz, B., Lampson, B., Rivest, R., Thomas, B., Ylönen, T.: SPKI requirements. RFC 2693, Internet Engineering Task Force (1999)
Jansen, W., Karygiannis, T.: Mobile agent security. Technical Report NIST Special Publication 800-19, National Institute of Standards and Technology (1999)
Sun: Java 2 SDK security documentation (2003), http://java.sun.com/security/
Levy, J., Ousterhout, J., Welch, B.: The Safe-Tcl security model. Technical Report SMLI TR-97-60, Sun Microsystems (1997)
Karnik, N.: Security in Mobile Agent Systems. PhD thesis, University of Minnesota (1998)
Ordille, J.: When agents roam, who can you trust? In: 1st Conference on Emerging Technologies and Applications in Communications (1996)
Necula, G., Lee, P.: Safe, untrusted agents using proof-carrying code. In: Vigna, G. (ed.) Mobile Agents and Security. LNCS, vol. 1419, pp. 61–91. Springer, Heidelberg (1998)
Lampson, B., Rivest, R.: A simple distributed security infrastructure (1996), http://theory.lcs.mit.edu/~cis/sdsi.html
Clarke, D.E.: SPKI/SDSI HTTP server/certificate chain discovery in SPKI/SDSI. Master’s thesis, Massachusetts Institute of Technology (MIT) (2001)
Santin, A., Fraga, J., Mello, E., Siqueira, F.: Extending the SPKI/SDSI model through federation webs. In: Proc. 7th IFIP Conference on Communications and Multimedia Security (2003)
Saltzer, J.H., Schroeder, M.D.: The protection of information in computer systems. Proceedings of the IEEE 63, 1278–1308 (1975)
Karjoth, G., Asokan, N., Gulcu, C.: Protecting the computing results of freeroaming agents. In: Proc. 2nd International Workshop on Mobile Agents (1998)
Yee, B.: A sanctuary for mobile agents. In: Secure Internet Programming. LNCS, vol. 1603, pp. 261–273. Springer, Heidelberg (1997)
Morcos, A.: A Java implementation of Simple Distributed Security Infrastructure. Master’s thesis, Massachusetts Institute of Technology (1998)
OMG: The common object request broker architecture v2.6. OMG Document 01-12-30 (2001)
Rabelo, R., Wangham, M., Schmidt, R., Fraga, J.: Trust building in the creation of virtual enterprises in mobile agent-based architectures. In: 4th IFIP Working Conference on Virtual Enterprise - Processes and Foundations for Virtual Organizations, pp. 65–72. Kluwer Academic Publishers, Dordrecht (2003)
Nikander, P., Partanen, J.: Distributed policy management for JDK 1.2. In: Proc. 1999 Network and Distributed Systems Security Symposium (1999)
Molva, R., Roudier, Y.: A distributed access control model for Java. In: Cuppens, F., Deswarte, Y., Gollmann, D., Waidner, M. (eds.) ESORICS 2000. LNCS, vol. 1895, Springer, Heidelberg (2000)
International Standards Organization (ISO): Common Criteria for Information Technology Security Evaluation (ISO/IEC 15408) (1999)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Wangham, M.S., da Silva Fraga, J., Obelheiro, R.R., Jung, G.A., Fernandes, E. (2004). Security Mechanisms for Mobile Agent Platforms Based on SPKI/SDSI Chains of Trust. In: Lucena, C., Garcia, A., Romanovsky, A., Castro, J., Alencar, P.S.C. (eds) Software Engineering for Multi-Agent Systems II. SELMAS 2003. Lecture Notes in Computer Science, vol 2940. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24625-1_12
Download citation
DOI: https://doi.org/10.1007/978-3-540-24625-1_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-21182-2
Online ISBN: 978-3-540-24625-1
eBook Packages: Springer Book Archive