Protecting mobile agents from malicious hosts in a distributed network
Abstract
Distributed applications provide challenging environment in today’s advancing technological
world. To enhance the aspects of better performance and efficiency in real scenario, mobile
agent’s concept has been brought forward. Mobile agents (MAs) are autonomous computing
entities that have the capability of moving (migrating) from one host to another and resuming
execution in the new host. MAs are an extension of the mobile object concept and allow the
movement of an agent’s code, data and state. Of concern however are the security threats that
this exciting paradigm is associated with.
We have used the Tropos methodology to design a security framework for mobile agent
systems. We further demonstrate this security solution by use of a credit bureau use case. In
our design, the security mechanism protects tasks, sub-tasks, goals and soft goals of each
agent from other agents. Only an authenticated and authorized agent can access tasks or goals
of another agent. This security hierarchy uses a multi-faceted approach to protect mobile
agents and must be incorporated from the design stage of agent systems. The security
supervisor assumes the dual role of authentication and authorization. The status monitoring
agent, on the other hand, monitors the status of each agent in the environment.
Our results showed that a multi-agent system with no security at all factored into its design
will always be vulnerable. This is due to the fact that multi-agent systems are inherently
loosely coupled. A secure multi-agent system is one that has both a good monitoring and
security supervision framework. These two frameworks complement each other. Where the
security might fail, the monitoring framework would report an exception.
Publisher
University of Nairobi
Description
Thesis