A Security Model for Aglets

Karjoth, Günter; Lange, Danny B.; Oshima, Mitsuru

doi:10.1007/3-540-68671-1_10

Cited by 48 publications

(51 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…[10,7]) to profit from both technologies: The client directs her query to a mediator; the mediator constructs an agent to collect the partial results from the datasources. This reduces communication overhead between mediator and datasources.…”

Section: Resultsmentioning

confidence: 99%

Secure Mediation with Mobile Code

Biskup

Sprick

Wiese

2005

Data and Applications Security XIX

View full text Add to dashboard Cite

Abstract.A mediator helps a client of a distributed information system to acquire data without contacting each datasource. We show how mobile code can be used to ensure confidentiality of data in a secure mediation system. We analyze what advantages mobile code has over mobile data for secure mediation. We present a Java implementation of a system that mediates SQL queries. Security risks for the client and the mobile code are delineated; offending the integrity of its own data is identified as a special type of attack of mobile code in a mediation system. We name appropriate countermeasures and describe the amount of trust needed in our system. As an extension, we consider security in a hierarchy of mediators. Finally, we combine mobile code with mobile agent technology.

show abstract

Section: Resultsmentioning

confidence: 99%

Secure Mediation with Mobile Code

Biskup

Sprick

Wiese

2005

Data and Applications Security XIX

View full text Add to dashboard Cite

show abstract

“…-The specification of appropriate security policies, whether in the context of our security infrastructure or another, is a critical area for future research. The Aglets project has one preliminary proposal [14].…”

Section: Statusmentioning

confidence: 99%

“…After registering with the agent system, the agent requests access to the needed system resources (lines 6-9). Then the agent waits for a query (lines [14][15]. Once the agent has a query, it verifies that the querying agent is on the same machine (lines [17][18][19][20], that the owner of the agent could be authenticated (lines [22][23][24][25][26], and that the owner is on the collection access list (lines 28-32).…”

Section: Figmentioning

confidence: 99%

“…After that, the Java agent corresponds exactly to the Tcl agent. It turns on digital signatures (lines 4-5), registers with the agent system (lines 7-8), migrates to the location of the search engine (lines 10-11), performs the multi-step query (lines [13][14][15][16][17][18], and returns home (lines [20][21][22]. As with the Tcl examples, error-checking and some initialization code have been omitted.…”

Section: Figmentioning

confidence: 99%

“…The Tcl portion of D'Agents version 2.0, which is the version of D'Agents described in this paper, is available now on the D'Agents web page 14 . The Java portion will be available by the time of publication.…”

Section: Availabilitymentioning

confidence: 99%

See 2 more Smart Citations

D’Agents: Security in a Multiple-Language, Mobile-Agent System

Gray

Kotz

Cybenko

et al. 1998

Lecture Notes in Computer Science

119

View full text Add to dashboard Cite

Abstract. Mobile-agent systems must address three security issues: protecting an individual machine, protecting a group of machines, and protecting an agent. In this chapter, we discuss these three issues in the context of D'Agents, a mobile-agent system whose agents can be written in Tcl, Java and Scheme. (D'Agents was formerly known as Agent Tcl.) First we discuss mechanisms existing in D'Agents for protecting an individual machine: (1) cryptographic authentication of the agent's owner, (2) resource managers that make policy decisions based on the owner's identity, and (3) secure execution environments for each language that enforce the decisions of the resource managers. Then we discuss our planned market-based approach for protecting machine groups. Finally we consider several (partial) solutions for protecting an agent from a malicious machine.

show abstract

MagicNET: mobile agents data protection system

Shibli

Masood

Ghazi

et al. 2013

Trans. Emerging Tel. Tech.

View full text Add to dashboard Cite

Literature study and analysis on mobile agents reveal many challenging and uncovered aspects that still do not have comprehensive solutions. Despite the fact that significant research has been carried out on mobile agents, it is still not widely adopted by industry and research community because of the immaturity of various technical aspects of agent paradigm. One of the main reasons that limits the scope of the potential applications of mobile agents is the lack of reliable security solutions for mobile agents' code and their baggage. The protection of mobile agents' codes has been solved by the research community to some extent; however, there is not even a single solution that provides complete protection and access control mechanism for agents' code and their baggage (data being accumulated/ carried by agent during execution). Most of the existing solutions such as execution tracing, code obfuscation, encrypted code execution and partial result encapsulation mainly cover security threats of mobile agents' code. In this paper, we present a security solution to overcome the security threats on traditional mobile agents computing paradigm. Our proposed solution is one step ahead of extant solutions in that it provides complete protection and enforces access control on agents' complex baggage structure. We have extended our previous work that was limited to the protection of agents and the agent platforms only. Our approach provides holistic access control mechanism between users and agents, agents and agent platform resources and platform and agents baggage. By adopting the proposed solution in the mobile agent-oriented software engineering, secure and complex mobile agent-based applications can be developed, which will greatly benefit the software industry.

show abstract

A Security Model for Aglets

Cited by 48 publications

References 4 publications

Secure Mediation with Mobile Code

Secure Mediation with Mobile Code

D’Agents: Security in a Multiple-Language, Mobile-Agent System

MagicNET: mobile agents data protection system

Contact Info

Product

Resources

About