Abstract
In previous research work, we proposed an integrated framework to guide the design of a Mobile Agent based Network Management (MANM) system, namely the Mobile Agent based framework for Security enhanced Autonomous network and system Management (MASAM). This framework offered two distinct advantages: (1) the provision of a secure agent-based management infrastructure and (2) the capability of achieving enhanced network management functionalities. In this paper, we propose two novel security schemes, namely the Visibility Domain Protection Scheme (VDPS) and the Visa Based Authentication Scheme (VBAS), for protection of management information and authentication and resource access control of management agents, respectively. These schemes seamlessly fit into the modular MASAM framework and facilitate two major security components defined in its abstract architecture. The efficiency of the two security schemes, focusing on the aspects of security and performance, is demonstrated and evaluation results are compared with the SNMPv3 standard.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Shin, K.S., Jung, J.H., Cheon, J.Y., Choi, S.B.: Real-time network monitoring scheme based on SNMP for dynamic information. J. Netw. Comput. Appl. 30(1), 331–353 (2007)
Pashalidis, A., Fleury, M.: Secure network management within an open-source mobile agent framework. J. Netw. Syst. Manage. 12(1), 9–31 (2004)
Papavassiliou, S., Puliafito, A., Tomarchio, O., Ye, J.: Mobile agent-based approach for efficient network management and resource allocation: framework and applications. IEEE J. Selected Areas Commun 20(4), 858–872 (2002)
Martin, A., Leon, C., Monedero, I.: The evolution of OSI network management by integrated the expert knowledge. In: Proceedings of 7th international conference on intelligent data engineering and automated learning (IDEAL 2006), Burgos, Spain, pp. 402–409 (2006)
Cabrera, J.B., Lewis, L., Qin, X., Gutierrez, C. et al.: Proactive intrusion detection and SNMP-based security management: new experiments and validation. IFIP/IEEE 8th international symposium on integrated network management, Colorado Springs, CO, USA, pp. 93–96 (2003)
Apostolopoulos, T.K., Daskalou, V.C.: Role of the time parameter in a network security management model. In: Proceedings of the 1997 2nd IEEE symposium on computers and communications, Alexandria, Egypt, pp. 528–532 (1997)
Jiang, G.: Multiple vulnerabilities in SNMP. IEEE J. Comput. 35(4), 2–4 (2002)
Zhou, Y., Xiao, D.: Mobile agent-based policy management for wireless sensor networks. In: Proceedings of 2005 IEEE international conference on wireless communications, networking and mobile computing, Wuhan, China, pp. 1207–1210 (2005)
Wang, L., Lu, X., Shi, H.: Distributed intelligent network management model based on CORBA. J. Comput. Measure. Control 13(10), 1119–1151 (2005)
Young-Min, K., Won-Ki, H.: An implementation methodology of a gateway for inter-domain management between CORBA and SNMP. J. KISS Comput. Practices 6(1), 58–67 (2000)
Stavroulaki, V., Demestichas, K., Adamopoulou, E., Demestichas, P.: Distributed Web-based management framework for ambient reconfigurable services in the intelligent environment. J. Mobile Netw. Appl. 11(6), 889–900 (2006)
Fong, C.-h.: A mobile agent framework for security enhanced and autonomic network and system management. PhD Thesis, University of Ulster, UK (2008)
The Foundation for Intelligent Physical Agents (FIPA). Official Web Site, 2007, Available online at http://www.fipa.org/
FIPA Abstract Architecture Specification. Version L, FIPA00001, FIPA Specification, 2002, Available online at http://www.fipa.org/specs/fipa00001/SC00001L.pdf
FIPA ACL Message Structure Specification. Version G, FIPA00061, FIPA Specification, 2002, Available online at http://www.fipa.org/specs/fipa00061/SC00061G.pdf
Helin, H., Laukkanen, M.: Towards efficient and reliable agent communication in wireless environments. Cooperative information agents V: 5th international workshop, CIA 2001, Modena, Italy, September 6–8, 2001. Proceedings, pp 258, (2001)
FIPA Agent Message Transport Protocol for IIOP Specification. Version G, FIPA00075, FIPA Specification, 2002, Available online at http://www.fipa.org/specs/fipa00075/SC00075G.pdf
Barker, E., Barker, W., Burr, W., Polk, W. et al.: Recommendation for Key Management—Part 1: General (Revised). NIST Special Publication 800-57, National Institute of Standards and Technology (NIST), 2007, Available online at http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57-Part1-revised2_Mar08-2007.pdf
SNMPv3 White Paper. SNMP Research International, 2007, Available online at http://www.snmp.com/snmpv3/v3white.shtml
Eung-Gu, Y., Keum-Suk, L.: A mobile agent security management. In: 18th International conference on advanced information networking and applications, Fukuoka, Japan, pp 360–365 (2004)
Fong, C.-h., Parr, G.P., Morrow P.J.: Performance evaluation of a mobile agent based framework for security event management in IP networks. In: Managing next generation networks and services. Springer, pp 476–486 (2007)
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Fong, Ch., Parr, G. & Morrow, P. Security Schemes for a Mobile Agent Based Network and System Management Framework. J Netw Syst Manage 19, 230–256 (2011). https://doi.org/10.1007/s10922-010-9175-8
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10922-010-9175-8