• Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 2
  • Tagged with
  • 2
  • 2
  • 2
  • 2
  • 2
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
1

Contributions to the security of mobile agent systems / Contributions à la sécurité des systèmes d’agents mobiles

Idrissi, Hind 15 July 2016 (has links)
Récemment, l’informatique distribuée a connu une grande évolution en raison de l’utilisation du paradigme des agents mobiles, doté d’innovantes capacités, au lieu du système client-serveur où les applications sont liées à des nœuds particuliers dans les réseaux. Ayant capturé l’intérêt des chercheurs et de l’industrie, les agents mobiles sont capables de migrer de manière autonome d’un nœud à un autre à travers le réseau, en transférant de leur code et leurs données, ce qui leur permet d’effectuer efficacement des calculs, de recueillir des informations et d’accomplir des tâches. Cependant, en dépit de ses avantages significatifs, ce paradigme souffre encore de certaines limitations qui font obstacle à son expansion, principalement dans le domaine de la sécurité. Selon les efforts actuellement déployés pour évaluer la sécurité des agents mobiles, deux catégories de menaces sont considérées. La première catégorie concerne les attaques menées sur l’agent mobile lors de son voyage à travers des hôtes ou des entités malveillantes, tandis que la seconde catégorie traite les attaques effectuées par un agent mobile illicite afin d’affecter la plate-forme d’hébergement et de consommer ses ressources. Ainsi, il est substantiellement nécessaire de concevoir une infrastructure de sécurité complète pour les systèmes d’agents mobiles, qui comprend la méthodologie, les techniques et la validation. L’objectif de cette thèse est de proposer des approches qui fournissent cette technologie avec des fonctionnalités de sécurité, qui correspondent à sa structure globale sans compromettre ses capacités de mobilité, l’interopérabilité et l’autonomie. Notre première approche est basée sur la sérialisation XML et des primitives cryptographiques, afin d’assurer une mobilité persistante de l’agent ainsi qu’une communication sécurisée avec les plates-formes d’hébergement. Dans la seconde approche, nous avons conçu une alternative à la première approche en utilisant la sérialisation binaire et la cryptographie à base de l’identité. Notre troisième approche introduit l’aspect d’anonymat à l’agent mobile, et lui fournit un mécanisme de traçage pour détecter les intrusions le long de son voyage. La quatrième approche a été développée dans le but de restreindre l’accès aux ressources de la plate-forme de l’agent, en utilisant une politique de contrôle d’accès bien définie à base la cryptographie à seuil. A ce stade, on s’est intéressé à expérimenter l’utilité des agents mobiles avec des fonctionnalités de sécurité, dans la préservation de la sécurité des autres technologies, telles que le Cloud Computing. Ainsi, nous avons proposé une architecture innovante du Cloud, en utilisant des agents mobiles dotés de traces cryptographiques pour la détection d’intrusion et d’un protocole de révocation à base de seuil de confiance pour la prévention. / Recently, the distributed computing has witnessed a great evolution due to the use of mobile agent paradigm, endowed with innovative capabilities, instead of the client-server system where the applications are bound to particular nodes in networks. Having captured the interest of researchers and industry, the mobile agents areable to autonomously migrate from one node to another across the network, transferring their code and data, which allows them to efficiently perform computations, gather information and accomplish tasks. However, despite its significant benefits, this paradigm still suffering from some limitations that obstruct its expansion, primarily in the area of security. According to the current efforts to investigate the security of mobile agents, two categories of threats are considered. The first one concerns the attacks carried out on the mobile agent during its travel or stay by malicious hosts or entities, while the second one deals the attacks performed by a malicious mobile agent in order to affect the hosting platform and consume its resources. Thus, it is substantially needed to conceive a complete security infrastructure for mobile agent systems, which includes methodology, techniques and validation. The aim of this thesis is to propose approaches which provide this technology with security features, that meet with its overall structure without compromising its mobility, interoperbility and autonomy capabilities. Our first approach was based on XML serialization and cryptographic primitives, in order to ensure a persistent mobility of agent as well as a secure communication with hosting platforms. In the second approach, we have conceived an alternative to the first approach using binary serialization and Identity-based cryptography. Our third approach was proposed to introduce anonymity aspect to the mobile agent, and provide him with a tracing mechanism to detect intrusions along its trip. The fourth approach was developed in order to restrict the access to the resources of the agent platform, using a well-defined access control policy based on threshold cryptography. At this stage, we find it interesting to experiment the utility of mobile agents with security features in preserving the security of other technologies such as cloud computing. Thus, we have developed an innovative cloud architecture using mobile agents endowed with cryptographic traces for intrusion detection and a revocation protocol based on trust threshold for prevention.
2

Security Infrastructure and Applicationsfor Mobile Agents

Shibli, Awais January 2010 (has links)
Research areas of this dissertation are security for mobile agents, for applications based on mobile agents, and for distributed network environments in which mobile agents execute. Mobile agents paradigm has captured researchers’ and industry’s interests long time ago because of its innovative capabilities and attractive applications. The ability of mobile agents to autonomously migrate from host to host, transferring their code and internal state, enables them to accomplish tasks in network and distributed environments more conveniently, robustly, and efficiently than traditional client-server applications. But, in spite of significant benefits of the mobile agent paradigm, the technology is still mainly in a research domain and so far it has not been adopted on a large scale by the industry and users. One of the reasons for that is security related issues and security concerns. Current research in the area of mobile agents’ security is focused mainly on protection and security of agents and agents’ runtime platforms. But most of the currently available mobile agent systems do not support comprehensive security requirements for a general mobile agents paradigm. Therefore, there is a need for a complete and comprehensive security infrastructure for mobile agents, not only in the form of security services and mechanisms for agents’ runtime execution, but also as a complete set of infrastructural components, along with methodology for creation, classification, adoption, and validation of mobile agents before their deployment in real-environments. In addition, protection of mobile agents code and their baggage during execution is also needed. The lack of such concept, infrastructure and security solutions is hindrance for wider adoption of mobile agent systems at the time of this research. In our research, we solve these comprehensive requirements with solutions that can be classified in two groups: The first group is solutions for designing, implementation and deployment of a security infrastructure for mobile agents, along with methodology for secure deployment and execution of mobile agents. The proposed infrastructure for mobile agents is based on a methodology for creation, classification and validation of trusted mobile agents. It includes security architecture for publishing, discovery and adoption of mobile agents. Moreover, it provides integrated system for mobile agent deployment that supports launching, authorization and execution of mobile agents. Mobile agents execution is based on a protective approach, as compared to traditional detective or preventive methods, that not only provides code protection, but code execution and data privacy as well. The second group is solutions for use of security infrastructure and, in particular, secure and trusted mobile agents for real-life applications. The main result in this group is the design and implementation of a network intrusion detection and prevention system based on mobile agents. The system efficiently solves several problems of existing IDS/IPS. It can detect new vulnerabilities before they are exploited by hackers, it can process and filter large volumes of log entries, it reacts to intrusions in real–time, it provides protection against unknown attacks, it supports and improves commercial IDS/IPS products, and it also efficiently handles software patches. The system not only improves use of existing popular IDS/IPS, but it also eliminates several of their core problems. In addition, it is self–protected by full encryption, both of mobile agents and their execution platforms, and therefore not vulnerable to attacks against its own components and resources. / QC20100525

Page generated in 0.0809 seconds