Security in the Ajanta mobile agent system

A mobile agent is an object which can autonomously migrate in a distributed system to perform tasks on behalf of its creator. Security issues in regard to the protection of host resources, as well as the agent themselves, raise significant obstacles in practical applications of the agent paradigm. T...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:Software, practice & experience Ročník 31; číslo 4; s. 301 - 329
Hlavní autoři: Karnik, Neeran M., Tripathi, Anand R.
Médium: Journal Article
Jazyk:angličtina
Vydáno: Chichester, UK John Wiley & Sons, Ltd 10.04.2001
Témata:
distributed systems
internet programming
java security model
mobile agents
mobile objects
security
ISSN:0038-0644, 1097-024X
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:A mobile agent is an object which can autonomously migrate in a distributed system to perform tasks on behalf of its creator. Security issues in regard to the protection of host resources, as well as the agent themselves, raise significant obstacles in practical applications of the agent paradigm. This article describes the security architecture of Ajanta, a Java‐based system for mobile agent programming. This architecture provides mechanisms to protect server resources from malicious agents, agent data from tampering by malicious servers and communication channels during its travel, and protection of name service data and the global namespace. We present here a proxy based mechanism for secure access to server resources by agents. Using Java's class loader model and thread group mechanism, isolated execution domains are created for agents at a server. An agent can contain three kinds of protected objects: read‐only objects whose tampering can be detected, encrypted objects for specific servers, and a secure append‐only log of objects. A generic authentication protocol is used for all client–server interactions when protection is required. Using this mechanism, the security model of Ajanta enforces protection of namespaces, and secure execution of control primitives such as agent recall or abort. Ajanta also supports communication between agents using RMI, which can be controlled if required by the servers' security policies. Copyright © 2001 John Wiley & Sons, Ltd.
Bibliografie:ArticleID:SPE364
ark:/67375/WNG-71X0BL7R-Q
National Science Foundation - No. ANIR 9813703; No. EIA 9818338
istex:4BB64A33F19F790E06D068B10706AE1AC81D626B
Now with IBM India Research Lab, New Delhi.
ObjectType-Article-2
SourceType-Scholarly Journals-1
ObjectType-Feature-1
content type line 23
ISSN:0038-0644
1097-024X
DOI:10.1002/spe.364