RDyMASS: Reliable and Dynamic Enforcement of Security Policies for Mobile Agent Systems

  • Houssem Aloulou
  • Monia Loulou
  • Slim Kallel
  • Ahmed Hadj Kacem
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5939)


Defining security policies is a crucial stage for an efficient implementation of security within mobile agent systems.To enforce these policies in a reliable way, it is necessary to make use of formal techniques which offer enough flexibility and expressiveness, and which provide a rigorous reasoning about the security of mobile agent systems security.

The migration of the agent between several systems can lead to inconsistencies between its policy and the policy of the system. These incoherencies may require a dynamic reconfiguration of the security policies of the system and the agent. This reconfiguration cannot be efficient without the use of mechanisms that improve the modularity of the security code.

In this paper, we aim to dynamically enforce security policies in mobile agent systems in modular and reliable way. For this purpose, we combine formal methods and aspect oriented programming. We propose a three-step approach to enforce security policies in the form of aspects that will be generated through a reliable specification of security policies.


Security policy Mobile agent systems Dynamic enforcement Aspect-oriented Programming 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Kiczales, G., Lamping, J., Mendhekar, A., Maeda, C., Lopes, C.V., Loingtier, J., Irwin, J.: Aspect-Oriented Programming. In: Aksit, M., Matsuoka, S. (eds.) ECOOP 1997. LNCS, vol. 1241, pp. 220–242. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  2. 2.
    Viega, J., Bloch, J.T., Ch, P.: Applying aspect-oriented programming to security. Cutter IT Journal 14, 31–39 (2001)Google Scholar
  3. 3.
    Talhi, C.: Memory-Constrained Security enforcement. PhD thesis, Faculty of Graduated Studies at Laval University, Canada (2007)Google Scholar
  4. 4.
    Erlingsson, U., Schneider, F.B.: SASI enforcement of security policies: A retrospective. In: Proceedings of the 1999 Workshop on New Security Paradigms, pp. 87–95. ACM, New York (1999)Google Scholar
  5. 5.
    Schneider, F.B.: Enforceable security policies. ACM Transactions on Information and System Security 3, 30–50 (2000)CrossRefGoogle Scholar
  6. 6.
    Woodcock, J., Davies, J.: Using Z: Specification Refinement and Proof. International Thomson Computer Press (1996)Google Scholar
  7. 7.
    Meisels, I., Saaltink, M.: The Z/EVES Reference Manual (for Version 1.5). Technical report, ORA Canada (1997)Google Scholar
  8. 8.
    Khan, K.: JBoss AOP: Framework for Organizing Cross Cutting Concerns (2006),
  9. 9.
    Loulou, M., Kacem, A.H., Jmaiel, M., Mosbah, M.: A Formal Security Framework for Mobile Agent Systems: Specification and Verification. In: Proceedings of the 3rd International Conference on Risks and Security of Internet and Systems, Tozeur, Tunisia, pp. 69–76. IEEE, Los Alamitos (2008)CrossRefGoogle Scholar
  10. 10.
    Kallel, S., Charfi, A., Mezini, M., Jmaiel, M., Klose, K.: From Formal Access Control Policies to Runtime Enforcement Aspects. In: Massacci, F., Redwine Jr., S.T., Zannone, N. (eds.) ESSoS 2009. LNCS, vol. 5429, pp. 16–31. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  11. 11.
    Greenwood, P., Blair, L.: A framework for policy driven auto-adaptive systems using dynamic framed aspects. In: Rashid, A., Aksit, M. (eds.) Transactions on Aspect-Oriented Software Development II. LNCS, vol. 4242, pp. 30–65. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  12. 12.
    Aglets: Mobile Agent System: Aglets (1996),
  13. 13.
    Dias, P., Ribeiro, C., Ferreira, P.: Enforcing history-based security policies in mobile agent systems. In: Proceedings of the 4th International Workshop on Policies for Distributed Systems and Networks, p. 231. IEEE Computer Society, Los Alamitos (2003)CrossRefGoogle Scholar
  14. 14.
    Damianou, N., Dulay, N., Lupu, E., Sloman, M.: The ponder policy specification language. In: Sloman, M., Lobo, J., Lupu, E.C. (eds.) POLICY 2001. LNCS, vol. 1995, pp. 18–38. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  15. 15.
    Montanari, R., Stefanelli, C., Dulay, N.: Flexible security policies for mobile agent systems. Microprocessors and Microsystems 25, 93–99 (2001)CrossRefGoogle Scholar
  16. 16.
    McDonald, J.T., Yasinsac, A.: Application security models for mobile agent systems. Electronic Notes in Theoretical Computer Science 157, 43–59 (2006)CrossRefGoogle Scholar
  17. 17.
    Ugurlu, S., Erdogan, N.: A flexible policy architecture for mobile agents. In: Wiedermann, J., Tel, G., Pokorný, J., Bieliková, M., Štuller, J. (eds.) SOFSEM 2006. LNCS, vol. 3831, pp. 538–547. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  18. 18.
    Hashii, B., Malabarba, S., Pandey, R., Bishop, M.: Supporting reconfigurable security policies for mobile programs. International Journal of Computer and Telecommunications Netowrking 33, 77–93 (2000)Google Scholar
  19. 19.
    Georg, G., Ray, I., France, R.: Using aspects to design a secure system. In: Proceedings of the Eighth International Conference on Engineering of Complex Computer Systems, p. 117. IEEE Computer Society, Los Alamitos (2002)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Houssem Aloulou
    • 1
  • Monia Loulou
    • 1
    • 2
  • Slim Kallel
    • 1
  • Ahmed Hadj Kacem
    • 1
  1. 1.Laboratory ReDCAD, B.P.SfaxTunisia
  2. 2.Laboratory LaBRI, UMR CNRSBordeauxFrance

Personalised recommendations