skip to main content
10.1145/1463342.1463347acmotherconferencesArticle/Chapter ViewAbstractPublication PagesmiddlewareConference Proceedingsconference-collections
research-article

Enforcing security in the AgentScape middleware

Published: 02 December 2008 Publication History

Abstract

Multi Agent Systems (MAS) provide a useful paradigm for accessing distributed resources in an autonomic and self-directed manner. Resources, such as web services, are increasingly becoming available in large distributed environments. Currently, numerous multi agent systems are available. However, for the multi agent paradigm to become a genuine mainstream success certain key features need to be addressed: the foremost being security. While security has been a focus of the MAS community, configuring and managing such multi agent systems typically remains non-trivial. Well defined and easily configurable security policies address this issue. A security architecture that is both flexible and featureful is prerequisite for a MAS.
A novel security policy enforcement system for multi agent middleware systems is introduced. The system facilitates a set of good default configurations but also allows extensive scope for users to develop customised policies to suit their individual needs. An agent middleware, AgentScape, is used to illustrate the system.

References

[1]
J. Algesheimer, C. Cachin, J. Camenisch, and G. Karjoth. Cryptographic security for mobile code. Proceedings of the 2001 Symposium of Security and Privacy, 00:0002, 2001.
[2]
F. Bellifemine, A. Poggi, and G. Rimassa. JADE--A FIPA-compliant agent framework. Proceedings of PAAM, 99:97--108, 1999.
[3]
E. Bierman and E. Cloete. Classification of malicious host threats in mobile agent computing. In Proceedings of the 2002 annual research conference of the South African institute of computer scientists and information technologists on Enablement through technology, pages 141--148. RSA, 2002.
[4]
CCITT Draft Recomendation. The Directory Authentication Framework, Version 7, Nov. 1987.
[5]
S. Farrell and R. Housley. An internet attibute certificate profile for authorization. Request for Comment (RFC) 3281, IETF, April 2002.
[6]
L. Gong. Inside Java#8482; 2 Platform Security. The Java#8482; Series. Addison Wesley, June 1999. ISBN: 0-201-31000-7.
[7]
V. Gunupudi and S. R. Tate. Sagent: A security framework for jade. In Proceedings of the 5th International Joint Conference on Autonomous Agents and Multiagent Systems (AAMAS06). ACM, 2006.
[8]
A. Helsinger, M. Thome, and T. Wright. Cougaar: a scalable, distributed multi-agent architecture. In IEEE International Conference on Systems, Man and Cybernetics, 2004.
[9]
IIDS. AgentScape Agent Middleware. http://www.agentscape.org.
[10]
N. M. Karnik and A. R. Tripathi. A security architecture for mobile agents in ajanta. ICDCS, 00:402, 2000.
[11]
D. Kotz and R. Gray. Mobile Agents and the Future of the Internet. Operating Systems Review, 33(3):7--13, 1999.
[12]
M. Luck, P. McBurney, and C. Preist. Agent Technology: Enabling Next Generation Computing (A Roadmap for Agent Based Computing). AgentLink, 2003.
[13]
D. G. A. Mobach, B. J. Overeinder, and F. M. T. Brazier. WS-Agreement based resource negotiation framework for mobile agents. Scalable Computing: Practice and Experience, 7(1):23--36, 2006.
[14]
B. J. Overeinder and F. M. T. Brazier. Scalable middleware environment for agent-based internet applications. In Proceedings of the Workshop on State-of-the-Art in Scientific Computing (PARA'04), volume 3732 of LNCS, pages 675--679, Copenhagen, Denmark, 2004. Springer.
[15]
A. Poggi, M. Tomaiuolo, and G. Vitaglione. Security and trust in agent-oriented middleware. In R. Meersman and Z. Tari, editors, OTM Workshops 2003, number 2889 in LNCS, pages 989--1003. Springer-Verlag, 2003.
[16]
V. Roth. Programming Satan's agents. In In Proceedings of the 1st International Workshop on Secure Mobile Multi-Agent Systems, 2001.
[17]
V. Roth and M. Jalali. Concepts and architecture of a security-centric mobile agent server. In Proc. Fifth International Symposium on Autonomous Decentralized Systems (ISADS 2001), pages 435--442. IEEE Computer Society, 2001.
[18]
T. Sander and C. Tschudin. Protecting Mobile Agents Against Malicious Hosts. Mobile Agents and Security, 60, 1998.
[19]
R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman. Role-based access control models. IEEE Computer, 29(2):38--47, February 1996.
[20]
S. R. Tate and K. Xu. Mobile agent security through multi-agent cryptographic protocols. In Proceedings of the 4th International Conference on Internet Computing, pages 462--468, Las Vegas, NV., 2003.
[21]
G. van 't Noordende, A. Balogh, R. F. H. Hofman, F. M. T. Brazier, and A. S. Tanenbaum. A secure jailing system for confining untrusted applications. In Proc. 2nd International Conference on Security and Cryptography (SECRYPT), pages 414--423, July 2007.
[22]
G. van 't Noordende, F. M. T. Brazier, and A. Tanenbaum. Security in a mobile agent system. In Proceedings of the First IEEE Symposium on Multi-Agent Security and Survivability, PA, 2004.
[23]
M. Warnier, M. A. Oey, R. J. Timmer, B. J. Overeinder, and F. M. T. Brazier. Enforcing integrity of agent migration paths by distribution of trust. Int. J. of Intelligent Information and Database Systems, 2008.
[24]
X. Zhang, S. Oh, and R. Sandhu. PDBM: A flexible delegation model in RBAC. In Proceedings of the 7th ACM Symposium on Access Control Models and Technologies (SACMAT 2003), Como, Italy, 2003.

Cited By

View all

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences
MidSec '08: Proceedings of the 2008 workshop on Middleware security
December 2008
48 pages
ISBN:9781605583631
DOI:10.1145/1463342
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 02 December 2008

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. AgentScape
  2. MAS
  3. agent
  4. multi agent systems
  5. security policies

Qualifiers

  • Research-article

Funding Sources

Conference

Middleware '08

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)1
  • Downloads (Last 6 weeks)0
Reflects downloads up to 20 Jan 2025

Other Metrics

Citations

Cited By

View all
  • (2014)Strategies for avoiding preference profiling in agent-based e-commerce environmentsApplied Intelligence10.1007/s10489-013-0448-240:1(127-142)Online publication date: 1-Jan-2014
  • (2014)A review of attacks and security approaches in open multi-agent systemsArtificial Intelligence Review10.1007/s10462-012-9343-142:4(607-636)Online publication date: 1-Dec-2014
  • (2013)A survey of privacy in multi-agent systemsThe Knowledge Engineering Review10.1017/S026988891300018029:3(314-344)Online publication date: 3-May-2013
  • (2013)Magentix2Engineering Applications of Artificial Intelligence10.1016/j.engappai.2012.06.00926:1(96-109)Online publication date: 1-Jan-2013
  • (2011)An agent infrastructure for privacy-enhancing agent-based e-commerce applicationsProceedings of the 10th international conference on Advanced Agent Technology10.1007/978-3-642-27216-5_31(411-425)Online publication date: 2-May-2011
  • (2011)Developing Secure Agent Infrastructures with Open Standards and Open-Source TechnologiesHighlights in Practical Applications of Agents and Multiagent Systems10.1007/978-3-642-19917-2_5(37-44)Online publication date: 2011
  • (2010)Secure Monitoring of Service Level Agreements2010 International Conference on Availability, Reliability and Security10.1109/ARES.2010.33(454-461)Online publication date: Feb-2010

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Media

Figures

Other

Tables

Share

Share

Share this Publication link

Share on social media