A Flexible Security Framework for Mobile Agent Systems

Mobile agent technology raises significant security concerns and requires a thorough security framework, with a wide range of strategies and mechanisms, for the protection of both agents and agent hosts, against possibly malicious reciprocal behaviour. Researchers have identified several security attacks. These are mainly from one host to another, from an agent to a host, from a host to an agent, and from one agent to another. Agent itineraries must also be made secure and robust in order to ensure secure agent behaviour. Unless the above issues are addressed properly, mobile agent technology cannot be used to implement real-world applications. The security infrastructure should have the ability to flexibly and dynamically offer different solutions, to achieve different qualities of security service, depending on application requirements. The authors report on mechanisms for providing security of agent itineraries, based on an identified security architecture. They present three protocols, which provide both security and robustness to agent itineraries, in a separate middleware layer that is flexible because it can be suitably modified as per requirements. The proposed techniques have been implemented and tested on the PMADE system; this work reports the results of a comparison of these techniques with some existing ones.