 |
 |
|||||||
|
SECURE MOBILE AGENTS Dilp.-Ing. Mehrdad Jalali-Sohi Dipl.-Inform. Volker Roth Fraunhofer Institut for Computer Graphics (IGD), Germany We are developing a framework for secure mobile agents which foster the creation of applications in a wide area of domains such as electronic commerce, mobile communication, information access, training and education as well as in numerous related ones.
Mobile Agent Computing is a new emerging paradigm that directly supports IT for mobile environments. With agent-based services, mobile units do not have to be permanently online, instead the wireless link is brought up only for sending and receiving mobile agents. Once let loose, mobile agents roam the networks, seek information and carry out tasks on behalf of their senders autonomously. Upon return to their senders the agents present the results of their endeavors. Meanwhile the user is freed of the obligation to permanently monitor the application's progress. Mobile agents also offer great benefits for "wired" networks by adding client-side intelligence and functionality to server-side services unified under a homogenous access paradigm. According to the Agent Society, ``Intelligent, and frequently autonomous and mobile, computer code known as agents represent the next great wave of innovation and development across the Infosphere comprised of the Internet, Intranets, Extranets, World Wide Web, and countless other networked computer systems. This arena has increasingly become very active, rapidly evolving, and expanding in scope and importance. The technology is expected to eventually have an effect as profound as the World Wide Web''. However, a crucial factor for the actual success of this technology depends on our ability to secure it against attacks. A mobile agent's intinerary in general spans a number of servers which might be run by competing operators. Apart from monitoring, manipulating and stealing data from mobile agents, malicious hosts might try to abuse passing agents as Trojan horses for attacks on competing servers while incriminating the agents' senders in the process. On the other hand, hosts have to be aware of malicious agents which might try to break into the server in order to harm other agents hosted by it, or to gain unauthorized system access. Both the server and the agents are threatened by attacks originating from outside the system. Eavesdroppers might snoop on agents being transferred over network links hence endagering the agents' privacy. They might also launch active attacks on servers either directly or by actively manipulating agents which are in transit. In addition to that, programmers of mobile agent code might secretly embed backdoors and viruses into code they provide to agent application programmers. A sound security model for mobile agent systems which is able to resist these attacks is fundamental to business acceptance and market exploitation of this fascinating new computing paradigm. However, so far there seems to exists neither a framework which supports the integration of the numerous techniques proposed, nor an agent structure which supports cryptographic handling of agents, agent access control or key management for agents. We develop a multi-layer security architecture for this reason. The first layer consists of transport layer security which thwarts network-based attacks using authentication, encryption, integrity protection and replay detection. This layer also provides the authenticated identities of communicating servers to the upper layers. The layers stacked on top of this one performs multiple operations, integrity checks and verification steps on the mobile agent before it is allowed into the runtime system:
Contact Dilp.-Ing. Mehrdad Jalali-Sohi , jalali@igd.fhg.de, Dipl.-Inform. Volker Roth , vroth@igd.fhg.de, Fraunhofer-IGD, Runderrturmstr.6, 64283 Darmstadt, Germany
|
