Abstract
Mobile agent systems provide new perspectives for distributed e-commerce applications. These applications may present specific restrictions, making mobile agent systems a feasible solution. Even so, mobile agents present some security related problems. An important one is resource access control. The ability for mobile agents to provide a simple, scalable, flexible, and secure access control system is a key point for the widespread adoption of mobile agents. In this paper we propose a mechanism to safely assign roles to mobile agents and an access control method based on Role-based Access Control (RBAC). The access control method provides a simple, lightweight and distributed model for mobile agent applications. It is proposed as an extension of the MARISM-A (An Architecture for Mobile Agents with Recursive Itineraries and Secure Migration) project, a secure mobile agent platform.
This work has been partially funded by the Spanish Ministry of Science and Technology (MCYT) though the project TIC2003-02041.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Chess, D.: Security issues of mobile agents. In: Rothermel, K., Hohl, F. (eds.) MA 1998. LNCS, vol. 1477. Springer, Heidelberg (1998)
Ellison, C., Frantz, B., Lampson, B., Rivest, R., Thomas, B., Ylonen, T.: RFC 2693: SPKI certificate theory. IETF (1999)
Blaze, M., Feigenbaum, J., Ioannidis, J., Keromytis, A.: The KeyNote Trust Management System. RFC 2704, IETF (1999)
Ferraiolo, D., Sandhu, R., Gavrila, S., Kuhn, D., Chandramouli, R.: Proposed NIST standard for role-based access control. ACM Transactions on Information and System Security, 4 (2001)
Tripathi, A., Karnik, N.: Protected resource access for mobile agent-based distributed computing. In: Proceedings of the ICPP workshop on Wireless Networking and Mobile Computing (1998)
Hu, Y.J.: Some thoughts on agent trust and delegation. In: Proceedings of the fifth International Conference on Autonomous Agents (2001)
Aura, T.: Distributed access-rights management with delegation certificates. In: Vitek, J. (ed.) Secure Internet Programming. LNCS, vol. 1603, Springer, Heidelberg (1999)
JADE Board: Jade security guide. JADE-S Version 2 add-on (2005)
Suri, N., Bradshaw, J., Breedya, M., Groth, P., Hill, G., Jeffers, R., Mitrovich, T.: An overview of the nomads mobile agent system. In: Proceedings of 14th European Conference on Object-Oriented Programming (2000)
Bradshaw, J.M.: KAoS: Toward an industrial-strength open agent architecture. In: Nwana, H.S., Azarmi, N. (eds.) Software Agents and Soft Computing: Towards Enhancing Machine Intelligence. LNCS, vol. 1198, Springer, Heidelberg (1997)
Robles, S., Mir, J., Ametller, J., Borrell, J.: Implementation of Secure Architectures for Mobile Agents in MARISM-A. In: Karmouch, A., Magedanz, T., Delgado, J. (eds.) MATA 2002. LNCS, vol. 2521, pp. 182–191. Springer, Heidelberg (2002)
Cartrysse, K., van der Lubbe, J.: Privacy in mobile agents. In: First IEEE Symposium on Multi-Agent Security and Survivability (2004)
Li, N., Winsborough, W., Mitchell, J.: Distributed credential chain discovery in trust management. In: ACM Conference on Computer and Communications Security (2001)
FIPA TC Ad Hoc: Fipa agent discovery service specification (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Navarro, G., Ortega-Ruiz, J.A., Ametller, J., Robles, S. (2005). Distributed Authorization Framework for Mobile Agents. In: Magedanz, T., Karmouch, A., Pierre, S., Venieris, I. (eds) Mobility Aware Technologies and Applications. MATA 2005. Lecture Notes in Computer Science, vol 3744. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11569510_13
Download citation
DOI: https://doi.org/10.1007/11569510_13
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-29410-8
Online ISBN: 978-3-540-32031-9
eBook Packages: Computer ScienceComputer Science (R0)