Security Infrastructure and Applicationsfor Mobile Agents

University dissertation from Stockholm : KTH

Abstract: Research areas of this dissertation are security for mobile agents, for applications based on mobile agents, and for distributed network environments in which mobile agents execute. Mobile agents paradigm has captured researchers’ and industry’s interests long time ago because of its innovative capabilities and attractive applications. The ability of mobile agents to autonomously migrate from host to host, transferring their code and internal state, enables them to accomplish tasks in network and distributed environments more conveniently, robustly, and efficiently than traditional client-server applications. But, in spite of significant benefits of the mobile agent paradigm, the technology is still mainly in a research domain and so far it has not been adopted on a large scale by the industry and users. One of the reasons for that is security related issues and security concerns.Current research in the area of mobile agents’ security is focused mainly on protection and security of agents and agents’ runtime platforms. But most of the currently available mobile agent systems do not support comprehensive security requirements for a general mobile agents paradigm. Therefore, there is a need for a complete and comprehensive security infrastructure for mobile agents, not only in the form of security services and mechanisms for agents’ runtime execution, but also as a complete set of infrastructural components, along with methodology for creation, classification, adoption, and validation of mobile agents before their deployment in real-environments. In addition, protection of mobile agents code and their baggage during execution is also needed. The lack of such concept, infrastructure and security solutions is hindrance for wider adoption of mobile agent systems at the time of this research.In our research, we solve these comprehensive requirements with solutions that can be classified in two groups: The first group is solutions for designing, implementation and deployment of a security infrastructure for mobile agents, along with methodology for secure deployment and execution of mobile agents. The proposed infrastructure for mobile agents is based on a methodology for creation, classification and validation of trusted mobile agents. It includes security architecture for publishing, discovery and adoption of mobile agents. Moreover, it provides integrated system for mobile agent deployment that supports launching, authorization and execution of mobile agents. Mobile agents execution is based on a protective approach, as compared to traditional detective or preventive methods, that not only provides code protection, but code execution and data privacy as well.The second group is solutions for use of security infrastructure and, in particular, secure and trusted mobile agents for real-life applications. The main result in this group is the design and implementation of a network intrusion detection and prevention system based on mobile agents. The system efficiently solves several problems of existing IDS/IPS. It can detect new vulnerabilities before they are exploited by hackers, it can process and filter large volumes of log entries, it reacts to intrusions in real–time, it provides protection against unknown attacks, it supports and improves commercial IDS/IPS products, and it also efficiently handles software patches. The system not only improves use of existing popular IDS/IPS, but it also eliminates several of their core problems. In addition, it is self–protected by full encryption, both of mobile agents and their execution platforms, and therefore not vulnerable to attacks against its own components and resources.