Abstract
The autonomous capabilities of Internet mobile agents are one of their great attractions, yet leave them at the mercy of ill-intending agent platforms. We have devised an infrastructural strategy that allows mobile agent users to delegate responsibility to a trusted third party for the safe management of mobile agents they deploy onto the Internet. Our infrastructural approach is based on a Mobile Agent Secure Hub (MASH) which is capable of providing a large number of security services for agent users and their deployed Internet mobile agents. For instance, the MASH can gather statistics on the track record of agent platforms in providing safe and reliable execution of agents. These publishable statistics act as a deterrent against maliciously behaving agent platforms, as some agent users would be hesitant to send their agents to platforms with unsound track records.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Claessens, J., Preneel, B., Vandewalle, J.: (How) can mobile agents do secure electronic transactions on untrusted hosts? - A survey of the security issues and current solutions (2003) ACM TOIT (February 2003)
Hohl, F.: An Approach to Solve the Problem of Malicious Hosts. Technical Report 1997/03, Universitat Stuttgart (1997)
Jansen, W.: Countermeasures for Mobile Agent Security. Computer Communications, Special Issue on Advanced Security Techniques for Network Protection (2000)
Jansen, W., Karygiannis, T.: Mobile Agent Security. NIST Technical Report. Technical Report, National Institute of Standards and Technology (1999)
Posegga, J., Karjoth, G.: Mobile Agents and Telcos’ Nightmares. Annales des Telecomunication, Special issue on communications security (2000)
Chan, A.H., Lyu, M.R.: The mobile code paradigm and its security issues (1999), http://www.cse.cuhk.edu.hk/~lyu/student/mphil/anthony/gm99.fall.ppt
Farmer, W.M., Guttman, J.D., Swarup, V.: Security for Mobile Agents: Issues and Requirements. In: Presented at the 1996 National Information Systems Security Conference, Baltimore, MD, USA (1996), http://csrc.nist.gov/nissc/1996/papers/NISSC96/paper033/SWARUP96.PDF
Hohl, F.: Time Limited Blackbox Security: Protecting Mobile Agents From Malicious Hosts. In: Vigna, G. (ed.) Mobile Agents and Security. LNCS, vol. 1419, pp. 92–113. Springer, Heidelberg (1998)
Wilhelm, U.: Cryptographically Protected Objects. Technical report, Ecole Polytechnique Federale de Lausanne, Switzerland (1997)
Wilhelm, U.G., Staamann, S., Buttyán, L.: Introducing trusted third parties to the mobile agent paradigm. In: Vitek, J. (ed.) Secure Internet Programming. LNCS, vol. 1603, pp. 471–491. Springer, Heidelberg (1999)
NAI Labs: Secure Execution Environments: Self-Protecting Mobile Agents (2002), http://www.pgp.com/research/nailabs/secure-execution/self-protecting.asp
Riordan, J., Schneier, B.: Environmental Key Generation towards Clueless Agents. In: Vigna, G. (ed.) Mobile Agents and Security. LNCS, vol. 1419, pp. 15–24. Springer, Heidelberg (1998)
Sander, T., Tschudin, C.F.: Protecting Mobile Agents Against Malicious Hosts. In: Vigna, G. (ed.) Mobile Agents and Security, Heidelberg, Germany. LNCS, pp. 44–60. Springer, Heidelberg (1998)
Roth, V.: Mutual Protection of Co-operating Agents. In: Secure Internet Programming, pp. 275–285 (1999)
Fischmeister, S.: Building Secure Mobile Agents: The Supervisor-Worker Framework. Master’s thesis, Technical University of Vienna (2000)
Hohl, F.: A framework to protect mobile agents by using reference states. In: International Conference on Distributed Computing Systems, pp. 410–417 (2000)
Giansiracusa, M., Russell, S., Clark, A.: Clever Use of Trusted Third Parties for Mobile Agent Security. In: Applied Cryptography and Network Security – Technical Track, pp. 398–407. ICISA Press (2004)
Roth, V.: On the robustness of some cryptographic protocols for mobile agent protection. In: Picco, G.P. (ed.) MA 2001. LNCS, vol. 2240, p. 1. Springer, Heidelberg (2001)
Roth, V.: Empowering mobile software agents. In: Suri, N. (ed.) MA 2002. LNCS, vol. 2535, pp. 47–63. Springer, Heidelberg (2002)
Roth, V., Jalali-Sohi, M.: Concepts and architecture of a security-centric mobile agent server. In: Fifth International Symposium on Autonomous Decentralized Systems (ISADS 2001), pp. 435–442. IEEE Computer Society, Los Alamitos (2001)
Giansiracusa, M., Russell, S., Clark, A., Hynd, J.: A Step Closer to a Secure Internet Mobile Agent Community, Submitted to The Fifth Asia-Pacific Industrial Engineering and Management Systems Conference (APIEMS 2004) (2004)
Hohl, F.: A Protocol to Detect Malicious Hosts Attacks by Using Reference States. Technical report, Universität Stuttgart, Fakultät Informatik (1999)
Farmer, W.M., Guttman, J.D., Swarup, V.: Security for Mobile Agents: Authentication and State Appraisal. In: Proceedings of the Fourth European Symposium on Research in Computer Security, Rome, Italy, pp. 118–130 (1996)
Giansiracusa, M., Russell, S., Clark, A., Hynd, J.: MASHIn Reputation Ratings as a Deterrent Against Poor Behaviour. To be submitted to The 3rd Workshop on the Internet, Telecommunications and Signal Processing (WITSP 2004) (2004)
Tan, H.K., Moreau, L.: Trust Relationships in a Mobile Agent System. In: Picco, G.P. (ed.) MA 2001. LNCS, vol. 2240, pp. 15–30. Springer, Heidelberg (2001)
Rasmusson, L., Jansson, S.: Simulated social control for secure Internet commerce, pp. 18–26 (1996)
Mandry, T., Pernul, G., Röhm, A.W.: Mobile agents on electronic markets – opportunities, risks and agent protection. In: Klein, S., Gricar, J., Pucihar, A. (eds.) 12th Bled Electronic Commerce Conference, Moderna Organizacija (1999)
Algesheimer, J., Cachin, C., Camenisch, J., Karjoth, G.: Cryptographic Security for Mobile Code. In: Proc. IEEE Symposium on Security and Privacy, IEEE, Los Alamitos (2000)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Giansiracusa, M., Russell, S., Clark, A., Roth, V. (2004). Macro-level Attention to Mobile Agent Security: Introducing the Mobile Agent Secure Hub Infrastructure Concept. In: Lopez, J., Qing, S., Okamoto, E. (eds) Information and Communications Security. ICICS 2004. Lecture Notes in Computer Science, vol 3269. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30191-2_27
Download citation
DOI: https://doi.org/10.1007/978-3-540-30191-2_27
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-23563-7
Online ISBN: 978-3-540-30191-2
eBook Packages: Springer Book Archive