A security protocol for mobile agents based upon the cooperation of sedentary agents

https://doi.org/10.1016/j.jnca.2006.04.008

Abstract

Despite its many benefits, mobile agent technology introduces significant security threats from both agents and hosts. This paper presents a protocol which protects mobile agents from malicious hosts. The protocol combines four concepts: cooperation between a mobile agent and a sedentary agent; reference execution (reliable platforms which shelter our cooperating sedentary agents); cryptography and digital signatures to ensure safe inter-agent communication; and time-limited execution (timeout). A dynamic approach was used in which a timer makes it possible to detect re-execution of a mobile agent's code. The permanent modification attack on an agent was also dealt with. Moreover, the protocol is sufficiently robust so that it is durable and fault tolerant.

Introduction

With the expansive development of the Internet, the need to develop applications which can be exploited within such heterogeneous and very disparate environments becomes imperative. The client/server architecture demonstrates a real ability and sufficient performance to head up this development. However, it has been confronted with problems of maintainability, and thus displays some limitations when dealing with heavy network loads. These limitations worsen, especially with mobile terminals and portable devices, which add other paradigms. A mobile agent appears to be an alternative solution as it is more adaptable to these new requirements (Poslad et al., 2001). To reach a certain degree of maturity, this paradigm should guarantee a minimum level of security.

An architecture of mobile agents mainly consists of two actors: the mobile agents and the platforms (Bäumer et al., 1999; Poslad et al., 2001). An agent is a software entity that can act on behalf of another entity (a person, another agent). It can be mobile, sedentary or stationary. A mobile agent is an agent that is able to migrate between hosts according to a route, which is either static (i.e., established beforehand) or dynamic. A sedentary agent is a mobile agent which carries out only a single migration. A stationary agent does not migrate anywhere. An agent consists of three components: the code or the program which implements it, the execution state of the program, and the data. There are two types of migration: weak migration occurs when only the code of the agent migrates to its destination; strong migration occurs when the mobile agent carries out its migrations between different hosts while conserving its data, state and code. The platform is the execution environment. It makes it possible to create mobile agents, and it offers the elements they require to perform their tasks, such as execution, migration towards other platforms and so on.

This paper proposes a protocol based on sedentary and cooperating agents to protect mobile agents against malicious hosts. This protocol combines four concepts: the cooperation between mobile and sedentary agents; the reference execution within a trusted platform (reliable platforms which shelter our cooperating sedentary agents); cryptography and digital signatures to make inter-agent communication secure; and time-limited execution (timeout). A dynamic approach was selected in which a time limit makes it possible to detect re-execution of a mobile agent's code. The main contributions of this paper are: the design of an approach to estimate the time a mobile agent takes to carry out a task on a platform, in order to detect a code re-execution attack; and the design of mechanisms which allow the protocol to recover after a denial of service or a permanent code modification, and to be fault tolerant in case the trusted platform breaks down.
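As an added illustration of the timeout idea described above (not code from the paper, whose protocol messages are not reproduced on this page), the sketch below has a sedentary agent on the trusted platform time each visit of the mobile agent against an estimated execution time. The arrival/departure reports, the tolerance factor, the host names and the use of an HMAC in place of a digital signature are all assumptions made for the example.

```python
import hashlib
import hmac
KEY = b"constructed-demo-key"  # assumption: HMAC key stands in for signature keys
TOLERANCE = 1.5                # assumption: slack factor on the estimated time

def sign(agent_id, host, event, ts):
    # Authenticate one report sent to the sedentary agent.
    msg = f"{agent_id}|{host}|{event}|{ts:.3f}".encode()
    return hmac.new(KEY, msg, hashlib.sha256).hexdigest()

class SedentaryAgent:
    """Runs on the trusted platform and times each visit of the mobile agent."""
    def __init__(self, estimates):
        self.estimates = estimates  # host -> estimated task time (seconds)
        self.arrivals = {}          # (agent_id, host) -> arrival timestamp
        self.alerts = []

    def report(self, agent_id, host, event, ts, tag):
        if not hmac.compare_digest(tag, sign(agent_id, host, event, ts)):
            self.alerts.append((host, "bad-signature"))
            return False
        if event == "arrival":
            self.arrivals[(agent_id, host)] = ts
            return True
        start = self.arrivals.pop((agent_id, host), None)
        if start is None:
            self.alerts.append((host, "departure-without-arrival"))
            return False
        if ts - start > self.estimates[host] * TOLERANCE:
            self.alerts.append((host, "timeout-exceeded"))  # suspected re-execution
            return False
        return True

    def check_overdue(self, now):  # arrived but never reported departure in time
        overdue = [h for (_, h), t in self.arrivals.items()
                   if now - t > self.estimates[h] * TOLERANCE]
        self.alerts.extend((h, "no-departure") for h in overdue)
        return overdue

def run_demo():
    sa = SedentaryAgent({"hostA": 2.0, "hostB": 2.0, "hostC": 2.0})
    send = lambda h, e, t: sa.report("ma-1", h, e, t, sign("ma-1", h, e, t))
    # Constructed timeline: hostB holds the agent for 3x the estimate.
    for host, t_in, t_out in [("hostA", 0.0, 1.8), ("hostB", 2.0, 8.0)]:
        send(host, "arrival", t_in)
        send(host, "departure", t_out)
    send("hostC", "arrival", 9.0)
    sa.report("ma-1", "hostC", "departure", 9.5, "forged")  # tampered report
    sa.check_overdue(now=20.0)
    return sa.alerts
```

Here a visit that overruns the estimate is reported as a suspected re-execution, while a missing departure report is reported separately so that a withheld agent is not mistaken for a slow one.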

The rest of the paper is organized as follows. Section 2 presents the background and related work by summarizing the security problems and protection approaches of mobile agents. Section 3 presents the foundations and specifies the proposed protocol, its behavior in case of failure or attacks such as the denial of service, code re-execution, and/or permanent code modification. Section 4 gives some implementation details and analyzes some experimental results. Section 5 concludes the paper.

Section snippets

Background and related work

This paper focuses on the protection of mobile agents against malicious hosts (platforms). This issue is problematic given the fact that the platform is the environment for execution required by these agents. The platforms hold all the elements necessary for the agents to operate correctly. Moreover, they can reach the various components of the mobile agents: the code, the data and the state. Some researchers treat mobile agent security by studying attacks (Jansen and Karygiannis, 1999; Jansen,

Secure protocol based on sedentary agents

This new approach combines four concepts: a reference execution within a trusted platform, cooperation between agents, digital signature and encrypted communication. In this section, the foundations and the components of the protocol are presented. Then, its behavior towards some hostile environments or system failure is described. Finally, the robustness of the protocol is discussed.

This protocol uses three different entities: a mobile agent (MA) and two sedentary agents (SA and SAR). The MA

Implementation and experimental results

To implement the protocol, the Grasshopper (Bäumer et al., 1999; IKV++, 1998) platform was used. The agents communicate together by remote invocation. Considering this fact, interfaces were designed within which the agents could communicate. In other words, sending a message to an agent consists of remotely calling a method on the interface of the target agent which then implements the message. Indeed, each agent has an interface that contains the methods to which it can react. However, before

Conclusion

This paper presented a secure protocol for mobile agents. This protocol combines the reference behavior, cooperation between agents, cryptography and timed execution techniques. It is a reactive protocol in the sense that it adapts itself to the environment and the circumstances in which it operates. The protocol uses the behavior of reference which makes it possible to partially (critical code) or entirely carry out the mobile agent in a non hostile environment (trusted platform). The

References (17)

  • Allée G, Pierre S, Glitho RH, El Rhazi A. An improved itinerary recording protocol for securing distributed...
  • Bäumer C, Breugst M, Choy S, Magedanz T. Grasshopper-a universal agent platform based on OMG MASIF and FIPA standards....
  • El Rhazi A, Pierre S, Boucheneb H. Secure protocol in mobile agent environments. IEEE CCECE 2003, May 4–7, vol. 2,...
  • Farmer WM, Guttman JD, Swarup V. Security for mobile agents: issues and requirements. In: Proceedings of the 19th...
  • Hohl F. Time limited blackbox security: protection mobile agent from malicious hosts. Mobile agents and security,...
  • Hohl F. A framework to protect mobile agents by using reference states. In: Los Alamitos, editor. Proceedings of the...
  • IKV++, Grasshopper Basics And Concepts, Berlin Germany 1998. online documentation:...
  • Institute for Applied Information, The IAIK Java Cryptography Extension (IAIK-JCE) 3.03. In: Processing and...
There are more references available in the full text version of this article.

Cited by (23)

  • Fragmentation based encryption approach for self protected mobile agent

    2014, Journal of King Saud University - Computer and Information Sciences
    Citation Excerpt:

    After that Samuel Pierre (Benachenhou and Pierre, 2006) proposed a solution that is based on the perfect co-operation of a sedentary agent running inside a trusted third host. However this technique is good enough to provide security by establishing communication between agent platform and trusted server but each platform has to give the detail of agent execution to the trusted server through a large number of communication link established which creates extra burden (Ouardani et al., 2007; El Rhazi, 2007). The fifth area of clone agent protocol is somehow related to sedentary agent approach, but here the clone agent is executed on the same execution host before critical code execution.

  • Self-reliant mobile code: A new direction of agent security

    2014, Journal of Network and Computer Applications
    Citation Excerpt:

    However, this technique is only good enough to provide security by establishing communication between agent platforms and trusted servers. But the problem is each platform has to reveal the details of the agent's execution to the trusted server through a large number of communication links established which creates extra burden (Ouardani et al., 2007). Zaslavsky et al. (Page et al., 2004a, 2004b) proposed a buddy model which behaved like the approach of co-operative agent.

  • Design and implementation of inter-operable and secure agent migration protocol

    2020, International Arab Journal of Information Technology
  • A review of security techniques for mobile agents

    2017, Proceeding - IEEE International Conference on Computing, Communication and Automation, ICCCA 2017