A Security Scheme for Mobile Agent Platforms in Large-Scale Systems

  • Michelle S. Wangham
  • Joni da Silva Fraga
  • Rafael R. Obelheiro
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2828)


Mobile agents have recently started being deployed in large-scale distributed systems. However, this new technology brings some security concerns of its own. In this work, we propose a security scheme for protecting mobile agent platforms in large-scale systems. This scheme comprises a mutual authentication protocol for the platforms involved, a mobile agent authenticator, and a method for generation of protection domains. It is based on SPKI/SDSI chains of trust, and takes advantage of the flexibility of the SPKI/SDSI certificate delegation infrastructure to provide decentralized authorization and authentication control.


Mobile Agent Mutual Authentication Security Scheme Access Control Model Agent Platform 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Vigna, G. (ed.): Mobile Agents and Security. LNCS, vol. 1419. Springer, Heidelberg (1998)Google Scholar
  2. 2.
    Farmer, W., Guttman, J., Swarup, V.: Security for mobile agents: Issues and requirements. In: Proc. 19th National Information System Security Conference (1996)Google Scholar
  3. 3.
    Jansen, W., Karygiannis, T.: Mobile agent security. Technical Report NIST Special Publication 800-19, National Institute of Standards and Technology (1999) Google Scholar
  4. 4.
    Sun: Java 2 SDK security documentation (2003),
  5. 5.
    Levy, J., Ousterhout, J., Welch, B.: The Safe-Tcl security model. Technical Report SMLI TR-97-60, Sun Microsystems (1997)Google Scholar
  6. 6.
    Gray, R., Kotz, D., Cybenko, G., Rus, D.: D’Agents: Security in a multiplelanguage, mobile agent systems. In: Vigna, G. (ed.) Mobile Agents and Security. LNCS, vol. 1419, pp. 154–187. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  7. 7.
    Karnik, N.: Security in Mobile Agent Systems. PhD thesis, University of Minnesota (1998)Google Scholar
  8. 8.
    Ordille, J.: When agents roam, who can you trust? In: 1st Conference on Emerging Technologies and Applications in Communications (1996)Google Scholar
  9. 9.
    Necula, G., Lee, P.: Safe, untrusted agents using proof-carrying code. In: Vigna, G. (ed.) Mobile Agents and Security. LNCS, vol. 1419, pp. 61–91. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  10. 10.
    Ellison, C.M., Frantz, B., Lampson, B., Rivest, R., Thomas, B., Ylönen, T.: SPKI requirements. RFC 2693, Internet Engineering Task Force (1999)Google Scholar
  11. 11.
    Clarke, D.E.: SPKI/SDSI HTTP server/certificate chain discovery in SPKI/SDSI. Master’s thesis, Massachusetts Institute of Technology, MIT (2001)Google Scholar
  12. 12.
    Nikander, P., Partanen, J.: Distributed policy management for JDK 1.2. In: Proc. 1999 Network and Distributed Systems Security Symposium (1999)Google Scholar
  13. 13.
    Santin, A., Fraga, J., Mello, E., Siqueira, F.: Extending the SPKI/SDSI model through federation webs. In: Proc. 7th IFIP Conference on Communications and Multimedia Security (2003)Google Scholar
  14. 14.
    Yee, B.: A sanctuary for mobile agents. In: Vitek, J. (ed.) Secure Internet Programming. LNCS, vol. 1603, pp. 261–273. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  15. 15.
    Karjoth, G., Asokan, N., Gulcu, C.: Protecting the computing results of freeroaming agents. In: Proc. 2nd International Workshop on Mobile Agents (1998)Google Scholar
  16. 16.
    Roth, V.: On the robustness of some cryptographic protocols for mobile agent protection. In: Picco, G.P. (ed.) MA 2001. LNCS, vol. 2240, pp. 1–14. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  17. 17.
    Morcos, A.: A Java implementation of Simple Distributed Security Infrastructure. Master’s thesis, Massachusetts Institute of Technology (1998)Google Scholar
  18. 18.
    Molva, R., Roudier, Y.: A distributed access control model for Java. In: Cuppens, F., Deswarte, Y., Gollmann, D., Waidner, M. (eds.) ESORICS 2000. LNCS, vol. 1895, Springer, Heidelberg (2000)CrossRefGoogle Scholar
  19. 19.
    Rabelo, R., Wangham, M., Schmidt, R., Fraga, J.: Trust building in the creation of virtual enterprises in mobile agent-based architectures. In: 4th IFIP Working Conference on Virtual Enterprises (2003)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2003

Authors and Affiliations

  • Michelle S. Wangham
    • 1
  • Joni da Silva Fraga
    • 1
  • Rafael R. Obelheiro
    • 1
  1. 1.Department of Automation and SystemsFederal University of Santa CatarinaFlorianópolisBrazil

Personalised recommendations