Abstract
The goal of mobile agent systems is to provide a distributed computing infrastructure supporting applications whose components can move between different execution environments. The design and implementation of mechanisms to relocate computations requires a careful assessment of security issues. If these issues are not addressed properly, mobile agent technology cannot be used to implement real-world applications. This paper describes the initial steps of a research effort to design and implement security middleware for mobile code systems in general and mobile agent systems in particular. This initial phase focused on understanding and evaluating the security mechanisms of existing mobile agent systems. The evaluation was performed by deploying several mobile agents systems in a testbed network, implementing attacks on the systems, and evaluating the results. The long term goal for this research is to develop guidelines for the security analysis of mobile agent systems and to determine if existing systems provide the security abstractions and mechanisms needed to develop real-world applications.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Grasshopper. WWW Site. http://www.grasshopper.de.
IBM AgletWorkbench. WWW Site. http://www.trl.ibm.co.jp/aglets/.
IKV++. WWW Site. http://www.ikv.de.
Jumping Beans. WWW Site. http://www.jumpingbeans.com.
AdAstra. Jumping Beans White Paper. Technical report, AdAstra Engineering, Inc., Sunnyvale, CA, April 27 1999.
D. Dean, E. Felten, and D. Wallach. Java Security: From HotJava to Netscape and Beyond. In Proc. of the 1996 IEEE Symp. on Security and Privacy, Oakland, Cal., May 1996.
A. Fuggetta, G.P. Picco, and G. Vigna. Understanding Code Mobility. IEEE Transactions on Software Engineering, 24(5):342–361, May 1998.
R.S. Gray, D. Kotz, G. Cybenko, and D. Rus. D’Agents: Security in Multiple-Language, Mobile-Agent System. In G. Vigna, editor, Mobile Agents and Security, volume 1419 of LNCS. Springer, 1998.
G. Karjoth, D. Lange, and M. Oshima. A Security Model For Aglets. IEEE Int. Comp., pages 68–77, July 1997.
OMG. MASIF-Mobile Agent System Interoperability Facility. Draft, October 3 1998.
M. Oshima, G. Karjoth, and K. Ono. Aglets Specification 1.1 Draft. Whitepaper Draft 0.65, Sept. 8 1998.
J. Ousterhout, J. Levy, and B. Welch. The Safe-Tcl Security Model. In G. Vigna, editor, Mobile Agents and Security, volume 1419 of LNCS. Springer, 1998.
JamesW. Stamos and David K. Gifford. Implementing Remote Evaluation. IEEE Trans. on Soft. Eng., 16(7):710–722, July 1990.
G. Vigna. Mobile Code Technologies, Paradigms, and Applications. PhD thesis, Politecnico di Milano, 1997.
G. Vigna, editor. Mobile Agents and Security, volume 1419 of LNCS. Springer, 1998.
J. Vitek, M. Serrano, and D. Thanos. Security and Communications in Mobile Object Systems. In J. Vitek and C. Tschudin, editors, Mobile Object Systems: Towards the Programmable Internet, LNCS 1222. Springer-Verlag, April 1997.
J.E. White. Telescript Technology: Mobile Agents. In J. Bradshaw, editor, Software Agents. AAAI Press/MIT Press, 1996.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Fischmeister, S., Vigna, G., Kemmerer, R.A. (2001). Evaluating the Security of Three Java-Based Mobile Agent Systems. In: Picco, G.P. (eds) Mobile Agents. MA 2001. Lecture Notes in Computer Science, vol 2240. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45647-3_3
Download citation
DOI: https://doi.org/10.1007/3-540-45647-3_3
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-42952-4
Online ISBN: 978-3-540-45647-6
eBook Packages: Springer Book Archive