SMASH: Modular Security for Mobile Agents

  • Adam Pridgen
  • Christine Julien
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4408)


Mobile agent systems of the future will be used for secure information delivery and retrieval, off-line searching and purchasing, and even system software updates. As part of such applications, agent and platform integrity must be maintained, confidentiality between agents and the intended platform parties must be preserved, and accountability of agents and their platform counterparts must be stringent. SMASH, Secure Modular Mobile Agent System.H, is an agent system designed using modular components that allow agents to be easily constructed and the system to be easily extended. To facilitate security functionality, the SMASH platform incorporates existing hardware and software security solutions to provide access control, accountability, and integrity. Agents are further protected using a series of standard cryptographic functions. While SMASH promotes high assurance applications, the system also promotes an open network environment, permitting agents to move freely among the platforms and execute unprivileged actions without authenticating. In this paper, we elaborate on the components and capabilities of SMASH and present an application that benefits from each of these elements.


Multiagent System Mobile Agent Trusted Platform Module Modular Security Trust Computing Group 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Roth, V.: Obstacles to the Adoption of Mobile Agents. In: Proc. of the IEEE Int’l. Conf. on Mobile Data Management, January 2004, pp. 296–297. IEEE Computer Society Press, Los Alamitos (2004)CrossRefGoogle Scholar
  2. 2.
    Ong, S.K., Sun, W.W.: Application of mobile agents in a web-based real-time monitoring system. The International Journal of Advanced Manufacturing Technology, 33–40 (2003)Google Scholar
  3. 3.
    Aye, T., Tun, K.M.L.: A collaborative mobile agent-based workflow system. In: Proc. 6th Asia-Pacific Symposium on Information and Telecommunication Technologies, APSITT, November 2005, pp. 59–65 (2005)Google Scholar
  4. 4.
    San, K.M., Thant, H.A., Aung, S.S., Tun, K.M.L., Naing, T.T., Thein, N.L.: Mobile agent based collaborative learning system. In: Proc. 6th Asia-Pacific Symposium on Information and Telecommunication Technologies, APSITT, November 2005, pp. 83–88 (2005)Google Scholar
  5. 5.
    Huang, J., Liu, D.-Y., Yang, B.: Online autonomous auction model based on agent. In: Proc. of 2004 International Conference on Machine Learning and Cybernetics, vol. 1, pp. 89–94 (2004)Google Scholar
  6. 6.
    Jansen, W.: Intrusion detection with mobile agents. Computer Communications 25 (2002)Google Scholar
  7. 7.
    Gray, R.S., Kotz, D., Cybenko, G., Rus, D.: D’Agents: Security in a Multiple-Language, Mobile-Agent System. In: Vigna, G. (ed.) Mobile Agents and Security. LNCS, vol. 1419, pp. 154–187. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  8. 8.
    Seleznyov, A., Ahmed, M.O., Hailes, S.: Agent-based Middleware Architecture for Distributed Access Control. In: Proc. of the 22nd Int’l. Multi-Conf. on Applied Informatics: Artificial Intelligence and Applications, pp. 200–205 (2004)Google Scholar
  9. 9.
    The National Security Agency: The SELinux Project (2005),
  10. 10.
    Trusted Computing Group: Trusted Computing Group Hompage (2005),
  11. 11.
    Stallings, W.: Cryptography and Network Security: Principles and Practices, 4th edn. Prentice-Hall, Englewood Cliffs (2006)Google Scholar
  12. 12.
    Pathak, V., Iftode, L.: Byzantine fault tolerant public key authentication in peer-to-peer systems. Computer Networks (Special issue on Management in Peer-to-Peer Systems: Trust, Reputation and Security) 50(4) (2006)Google Scholar
  13. 13.
    McCarty, B.: SELinux NSA’s Open Source Security Enhanced Linux, 1st edn. OŔeilly Media, Inc., Sebastobol (2004)Google Scholar
  14. 14.
    Jochen, M., Marvel, L., Pollock, L.: A Framework for Tamper Detection Marking of Mobile Applications. In: Proc. of the 14th Int’l. Symp. on Software Reliability Engineering, pp. 143–152 (2003)Google Scholar
  15. 15.
    Page, J., Zaslavsky, A., Indrawan, M.: Countering Security Vulnerabilities in Agent Execution Using a Self Executing Security Examination. In: Proc. of the 3rd Int’l Joint Conf. on Autonomous Agents and Multiagent Systems, pp. 1486–1487 (2004)Google Scholar
  16. 16.
    Hohl, F.: A Framework to Protect Mobile Agents by Using Reference States. In: Proc. of the 20th IEEE Int’l. Conf. on Distributed Computing Systems, pp. 410–419 (2000)Google Scholar
  17. 17.
    Farmer, W., Guttman, J., Swarup, V.: Security for Mobile Agents: Authentication and State Appraisal. In: Martella, G., Kurth, H., Montolivo, E., Bertino, E. (eds.) ESORICS 1996. LNCS, vol. 1146, pp. 118–130. Springer, Heidelberg (1996)Google Scholar
  18. 18.
    Vigna, G.: Cryptographic Traces for Mobile Agents. In: Vigna, G. (ed.) Mobile Agents and Security. LNCS, vol. 1419, pp. 137–153. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  19. 19.
    Cabri, G., Leonardi, L., Zambonelli, F.: MARS: A Programmable Coordination Architecture for Mobile Agents. IEEE Internet Computing 4(4), 26–35 (2000), doi:10.1109/4236.865084CrossRefGoogle Scholar
  20. 20.
    Suri, N., Bradshaw, J.M., Breedy, M.R., Groth, P.T., Hill, G.A., Jeffers, R., Mitrovich, T.S., Pouliot, B.R., Smith, D.S.: NOMADS: Toward a Strong and Safe Mobile Agent System. In: Proc. of the 4th Int’l. Conf. on Autonomous Agents, pp. 163–164 (2000)Google Scholar
  21. 21.
    Karjoth, G., Lange, D.B., Oshima, M.: A Security Model for Aglets. IEEE Internet Computing 1(4), 68–77 (1997)CrossRefGoogle Scholar
  22. 22.
    Karnik, N.M., Tripathi, A.R.: Security in the Ajanta mobile agent system. Software—Practice and Experience 31(4), 301–329 (2001)zbMATHCrossRefGoogle Scholar
  23. 23.
    Marques, P., Santos, N.: The Security Architecture of the M&M Mobile Agent Framework. In: Proc. of the SPIE’s Int’l. Symp. on The Convergence of Information Technologies and Communications (2001)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Adam Pridgen
    • 1
  • Christine Julien
    • 1
  1. 1.The Center for Excellence in Distributed Global Environments, The Department of Electrical and Computer Engineering, The University of Texas at Austin 

Personalised recommendations