1 |
A Secure Infrastructural Strategy for Safe Autonomous Mobile AgentsGiansiracusa, Michelangelo Antonio January 2005 (has links)
Portable languages and distributed paradigms have driven a wave of new applications and processing models. One of the most promising, certainly from its early marketing, but disappointing (from its limited uptake)is the mobile agent execution and data processing model. Mobile agents are autonomous programs which can move around a heterogeneous network such as the Internet, crossing through a number of different security domains, and perform some work at each visited destination as partial completion of a mission for their agent user. Despite their promise as a technology and paradigm to drive global electronic services (i.e.any Internet-driven-and-delivered service, not solely e-commerce related activities), their up take on the Internet has been very limited. Chief among the reasons for the paradigm's practical under-achievement is there is no ubiquitous frame work for using Internet mobile agents, and non-trivial security concerns abound for the two major stake holders (mobile agent users and mobile agent platform owners). While both stake holders have security concerns with the dangers of the mobile agent processing model, most investigators in the field are of the opinion that protecting mobile agents from malicious agent platforms is more problematic than protecting agent platforms from malicious mobile agents. Traditional cryptographic mechanisms are not well-suited to counter the bulk of the threats associated with the mobile agent paradigm due to the untrusted hosting of an agent and its intended autonomous, flexible movement and processing. In our investigation, we identified that the large majority of the research undertaken on mobile agent security to date has taken a micro-level perspective. By this we mean research focused solely on either of the two major stakeholders, and even then often only on improving measures to address one security issue dear to the stake holder - for example mobile agent privacy (for agent users) or access control to platform resources (for mobile agent platform owners). We decided to take a more encompassing, higher-level approach in tackling mobile agent security issues. In this endeavour, we developed the beginnings of an infrastructural-approach to not only reduce the security concerns of both major stakeholders, but bring them transparently to a working relationship. Strategic utilisation of both existing distributed system trusted-third parties (TTPs) and novel mobile agent paradigm-specific TTPs are fundamental in the infrastructural framework we have devised. Besides designing an application and language independent frame work for supporting a large-scale Internet mobile agent network, our Mobile Agent Secure Hub Infrastructure (MASHIn) proposal encompasses support for flexible access control to agent platform resources. A reliable means to track the location and processing times of autonomous Internet mobile agents is discussed, withfault-tolerant handling support to work around unexpected processing delays. Secure,highly-effective (incomparison to existing mechanisms) strategies for providing mobile agent privacy, execution integrity, and stake holder confidence scores were devised - all which fit comfortably within the MASHIn framework. We have deliberately considered the interests - withoutbias -of both stake holders when designing our solutions. In relation to mobile agent execution integrity, we devised a new criteria for assessing the robustness of existing execution integrity schemes. Whilst none of the existing schemes analysed met a large number of our desired properties for a robust scheme, we identified that the objectives of Hohl's reference states scheme were most admirable - particularly real - time in - mission execution integrity checking. Subsequently, we revised Hohl's reference states protocols to fit in the MASHIn framework, and were able to overcome not only the two major limitations identified in his scheme, but also meet all of our desired properties for a robust execution integrity scheme (given an acceptable decrease in processing effiency). The MASHIn offers a promising new perspective for future mobile agent security research and indeed a new frame work for enabling safe and autonomous Internet mobile agents. Just as an economy cannot thrive without diligent care given to micro and macro-level issues, we do not see the security prospects of mobile agents (and ultimately the prospects of the mobile agent paradigm) advancing without diligent research on both levels.
|
Page generated in 0.1644 seconds