Abstract
Mobile agents are autonomous entities that handle tasks for their owner. Agents act on their own by reacting to changes and by planning their course of action. These agents can move from one server to another. In the future, agents will also be supplied with real money in some form to pay for resources or services.In this paper we discuss a dynamic security architecture, in which permissions are assigned in exchange for information (money). The decision as to which permissions are available, as well as how much they cost, is based on the source of the code, the owner/user of the code and what other information the agent is willing (or able) to provide.We discuss the advantages and limitations of assessing permissions in monetary terms, rather than binary granting or denial of permissions according to pre-set classes. A test-framework has been implemented using Java.
- {Acharya97} Anurag Acharya, Guy Edjlali: History-based Access Control for Mobile Code. Technical report TRCS97-25 (ACM-CCCS-98)]] Google ScholarDigital Library
- {Aglets} IBM Research Lab: Aglets Homepage http://www.trl.ibm.co.jp/aglets (7.10.1999)]]Google Scholar
- {Bredin98} Jonathan Bredin, David Kotz, Daniela Rus: Market-based Resource Control for Mobile Agents. In: Proceedings of the Second International Conference on Autonomous Agents. ACM Press 1998]] Google ScholarDigital Library
- {Garfinkel97} Simson Garfinkel, Gene Spafford: Web Security & Commerce. Sebastopol: O'Reilly 1998]] Google ScholarDigital Library
- {Gosling96} James Gosling, Bill Joy, Guy Steel: The Java Language Specification. Addison-Wesley, 1996]] Google ScholarDigital Library
- {Jsec} J. Steven Fritzinger, Marianne Mueller: Java Security. http://java.sun.com/products/jdk/1.2/docs/guide/security/spec/security-spec.doc.html (12.19.99)]]Google Scholar
- {Kotz99} David Kotz, Robert S. Gray: Mobile Agents and the Future of the Internet. Operating Systems Review 3/1999, 7-13]] Google ScholarDigital Library
- {Kun00} Yang Kun, Guo Xin, Liu Dayou: Security in Mobile Agent System: Problems and Approaches. Operating Systems Review 1/2000, 21-28]] Google ScholarDigital Library
- {Sanders98} Tomas Sanders, Christian F. Tschudin: Protecting Mobile Agents Against Malicious Hosts. In: G. Vigna (Ed.) Mobile Agents and Security. Berlin: Springer 1998 (Lecture Notes in computer science; Vol. 1419)]] Google ScholarDigital Library
- {Tschudin99} Christian F. Tschudin: Mobile Agent Security. In: Matthias Klusch (Ed.): Intelligent Information Agents. Agent-Based Information Discovery and Management on the Internet. Berlin: Springer 1999]]Google Scholar
- {Vigna98} Giovanni Vigna (Ed.): Mobile Agents and Security. Berlin: Springer 1998 (Lecture notes in computer science; Vol. 1419)]] Google ScholarDigital Library
- {Yemini98} Y. Yemini, A. Dailianas, D. Florissi, G. Huberman: MarketNet: Market-Based Protection of Information Systems. In: Proceedings of the First International Conference on Information and Computation Economies. ACM Press 1998]] Google ScholarDigital Library
- {Zhou99} Jianying Zhou: Achieving Fair Non-repudiation in Electronic Transactions. Journal of Network and Computer Applications. Academic Press (to appear)]]Google Scholar
Recommendations
A Security Architecture for Mobile Agent Based Applications
This paper describes a security architecture for mobile agent based systems. It defines the notion of a security-enhanced agent and outlines security management components in agent platform bases and considers secure migration of agents from one base to ...
Mobile Agent Security and Telescript
COMPCON '96: Proceedings of the 41st IEEE International Computer ConferenceTelescript is a software technology for building distributed applications using the mobile agent paradigm. Telescript mobile agents are migrating processes capable of being executed on any Telescript service host. This paper describes the safety and ...
Mobile-C: a mobile agent platform for mobile C-C++ agents
This article presents the design, implementation and application of Mobile-C, an IEEE Foundation for Intelligent Physical Agents (FIPA) compliant agent platform for mobile C/C++ agents. IEEE FIPA standards are a set of specifications designed to ensure ...
Comments