Abstract
Mobile Agents are autonomous software entities able to move from one host to another. However, this mobility is not all the time safe, as a hosting platform may receive agents with malicious behaviors. In this paper, we attempt to deal with this security problem by proposing a solution based on a strengthened cryptographic authentication and an access control policy. The proposed authentication process is performed through a resistant MITM Diffie-Hellman key exchange protocol, while the resources access control policy is elaborated basing an enhanced DAC model where Shamir-Threshold Scheme is used to manage and share access rights. We have conducted detailed experiments and practical investigations to evaluate the security of our approach and its effectiveness to resist face to some well known attacks.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Giovanni Caire, F.C.: JADE tutorial: jade programming for beginners. TILAB (2007)
Foundation for Intelligent Physical Agents, Geneva, Switzerland, FIPA ACL Message Structure Specification (2003)
Jansen, W., Karygiannis, T.: Mobile Agent Security, pp. 800–819. NIST Special Publication (1999)
Jung, Y., Kim, M., Masoumzadeh, A., Joshi, J.B.: A survey of security issue in multi-agent systems. Artificial Intelligence Review 37(3), 239–260 (2012)
Borselius, N.: Mobile agent security. Electron. Commun. Eng. J. 14(5), 211–218 (2002)
Pirzadeh, H., Dub, D., Hamou-Lhadj, A.: An extended proof-carrying code framework for security enforcement. In: Transactions on Computational Science XI, pp. 249–269. Springer, Berlin (2010)
Cao, C., Lu, J.: Path-history-based Access Control for Mobile Agents. International Journal of Parallel, Emergent and Distributed Systems 21(3), 215–225 (2006)
Tsiligiridis, T.A.: Security for mobile agents: privileges and state appraisal mechanism. Neural Parallel Sci. Comput. 12(2), 153–162 (2004)
Tuohimaa, S., Laine, M., Leppnen, V.: Dynamic rights in model-carrying code. In: Proceedings of the International Conference on Computer Systems and Technologies, pp. 1–7 (2006)
Arun, V., Shunmuganathan, K.L.: Secure sand-box for mobile computing host with shielded mobile agent. Indian J. Appl. Res. 3(9), 296–297 (2013)
Aumasson, J.: On the pseudo-random generator ISAAC. IACR Cryptology ePrint Archive, 2006:438
Jaffar, A., Martinez, C.J.: Detail power analysis of the SHA-3 hashing algorithm candidates on xilinx spartan-3E. Int. J. Comput. Electr. Eng. 5(4), 410–413 (2013)
Phan, R.W.: Fixing the integrated Diffie-Hellman-DSA key exchange protocol. IEEE Commun. Lett. 9(6), 570–572 (2005)
Ennahbaoui, M., Elhajji, S.: Swot analysis of access control models. Int. J. Secur. Appl. 8(3), 407–424 (2014)
Blakley, G.R., Kabatiansky, G.: Shamirs threshold scheme. In: Encyclopedia of Cryptography and Security, pp. 1193–1194. Springer, US (2011)
Announcing the Advanced Encryption Standard (AES). Federal Information Processing Standards Publication 197, NIST (2001)
Ismail, L.: A secure mobile agents platform. J. Commun. 3(2), 1–12 (2008)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Idrissi, H., Souidi, E.M., Revel, A. (2015). Security of Mobile Agent Platforms Using Access Control and Cryptography . In: Jezic, G., Howlett, R., Jain, L. (eds) Agent and Multi-Agent Systems: Technologies and Applications. Smart Innovation, Systems and Technologies, vol 38. Springer, Cham. https://doi.org/10.1007/978-3-319-19728-9_3
Download citation
DOI: https://doi.org/10.1007/978-3-319-19728-9_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-19727-2
Online ISBN: 978-3-319-19728-9
eBook Packages: EngineeringEngineering (R0)