Abstract
Most of the current research and development
results, dealing with authentication of mobile agents, describe
solutions that address only agent-to-platform authentication.
These solutions assign privileges to agents so that they can be
executed and then, by using the same privileges, also to
communicate with other agents running on the same platform.
They do not address broader agent-to-agent communication
security requirements. Moreover, communication protocols are
not based on any standards, what increases the possibilities of
communications between benign and malicious agents. In this
paper we describe agent-to-agent secure communication
methodology that guarantees authenticated, authorized and
confidential communication between agents. We use FIPA ACL
standard for effective and interoperable communication in our
agent-based system.
1. INTRODUCTION
Careful analysis of mobile agents security research
results created during the last decade reveals that significant
efforts have been made to solve threats that originate from
malicious agents attacking an agent platform or a malicious
agent platform attacking hosted agents [1,2,3]. There has
been little effort to address threats that stem from malicious
mobile agents that may effects benign agents during
communication between them. NIST in its report categorizes
these threats as agent-to-agent threats [4]. Malicious agents
can masquerade, i.e. act on behalf of another agent and then
exchange rogue information, which can be disastrous to
overall security of the system. Alternatively, malicious
agents can repudiate undesirable actions and can get
unauthorized access to critical resources of another
communicating agent, for instance agent's baggage, which
might contain some sensitive information.
There is a number of agent systems that all use simple
communication mechanisms, i.e, they usually adopt an
agent-based architecture based on a simple mobile agent
execution scenario. According to such architectures, mobile
agents are launched from a host machine, called Agent
Keywords- Mobile
Authentication of
Communication
Agents,
Mobile
Secure Communication,
Agents, Agent-to-agent
Home. They traverse predefmed hosts specified in their route,
execute remotely, and eventually return to Agent Home. This
architecture bypasses the issues of agent-to-agent
communication and therefore does not address the issues of
threats to a mobile agent originating from other, potentially
malicious agents, since mobile agents are not required to
communicate with other mobile agents during their execution at
remote hosts. However, it significantly deprives various mobile
agent-based applications from benefits of mobile agents'
paradigm. Mobile agents, being, "social" entities, communicate
with each other in order to achieve better performance and
goal-related benefits. For example, inter-agents communication
is essential when an operation is distributed between different
agents in order to enhance system throughput through
parallelism. In that situation, different agents need to share each
others' intermediate processing results, regardless of the agent
platform on which they are executing. Agents may also
collaborate with other agents in order to accomplish complex
tasks. Collaboration may be with static agents (located at agent
platforms), with the members of agent's own team, or remotely,
with other independent agents executing at other agent servers
(agent platforms). Therefore, mobile agents' collaboration is an
essential aspect of every mobile agents system, so that the
prerequisite for their effective and secure collaboration is to
mitigate all potential security threats for mobile agents'
communication. Among those threats, masquerading,
repudiation, denial of service, and unauthorized access are of
major concern [4].
In addition to having a secure communication, it is also
important to have meaningful communication among mobile
agents. Therefore, there is a need for a standard and predefined
format of communication messages acceptable and followed by
all vendors developing variety of different agent-based
applications. In other words, there should be a common
language based on shared vocabulary to be used in building
different applications. The Foundation for Intelligent Physical
Agents (FIPA) has provided an Abstract Architecture
Specification for multi-agents system. In those specifications,
FIPA has described standard message structure, message
transport protocol, and message validity requirements [5]. FIPA
specifications are known as Agents Communications Language
(ACL). However, there is no specification of strong security for
mobile agent communications.
ISBN 978-89-5519-146-2 - 1567 - Feb. 7-10, 2010 ICACT 2010
Authorized licensed use limited to: Thangal Kunju Musaliar College of Engineering. Downloaded on June 29,2010 at 07:29:23 UTC from IEEE Xplore. Restrictions apply.
In this paper we present a methodology that can be used
by any mobile agent system for agent-to-agent authentication
and secure communication. We have defined the format of
messages and we used standardized solution for a complete
set of security services needed by agents to securely
communicate with each other. We have used our existing
mobile agent system, MagicNET (described in section 3) for
prototype implementation of the proposed methodology. Due
to the space limitation, we will only mention the
components, roles and agent platform architecture related to
our proposed methodology, not the complete description of
the MagicNET system.
The rest of the paper is structured as follows: section 2
highlights the related work in this area. Section 3 gives brief
introduction of the MagicNET system along with detail
description of secure methodology for mobile agents'
communication. Section 4 concludes the paper, while section
5 suggests potential future research and development
directions.
2. RELATED WORKAND STANDARDS
Neeran M . Karnik et.al [6] in their paper "Ajanta Mobile
Agent System" proposed RMI interfaces for agents
communication. Agents communicate with one another on a
single platform or with remote agents on another platform. In
the case of remote communications, some mechanisms for
remote communication are necessary. Ajanta agents for this
purpose use RMI interface (with enhanced security features).
So called proxy interposition concept is used, where a proxy
module is located between an agent and the outside object
during communication. All incoming RMI invocations are
intercepted by the proxy. The caller object (external object)
can also authenticate itself by providing authentication data.
Authentication mechanism is based on a challenge-response
protocol. However, their work is not compliant with FIPA
specifications.
Yuh-Jong Hu [7] highlighted security requirements for
agents' delegation, with authentication and authorization in a
multi-agent environment. They proposed an agent-oriented
PKI for identification, authorization, and trust management.
They also proposed different delegation mechanisms, such as
threshold, chain-ruled, and conditional. That enabled them
to enhance communicative acts in FIPA ACL. Although
they verify certificates during delegation assignment, they
do not provide certificate revocation process after delegation.
Varadharajan and Foster [8] proposed a model that
supports delegation of privileges as agents move from one
host to another. Delegation is a temporary responsibility that
permits a child agent or cloned agent to act on behalf of the
delegator agent. They address certain aspects, like
verification if the delegator has actually transferred
privileges to the delegated agent and whether it is the
delegated agent that is making particular request.
Mobile Agents System Interoperability Facility [9],
(MASIF) is a standard that defines the interoperability
between different agent systems. First, MASIF describes the
process of agents management that specifies how system
administrators create, suspend, resume, or terminate agents.
Second, it facilitates migration of mobile agents from one
platform to another. Third, it helps agents and agent systems to
identify each other by using well-defmed agents' and agent
system's namespaces. Fourth, it specifies the types of agent
systems and standardizes their location syntax, so that agent
systems can easily locate each other. However, MASIF does
not describe formats required to build communication messages
for mobile agents.
FIPA is an international organization which is committed
to promote the technology of intelligent agents by developing
specifications that support interoperability between agents and
agent-based applications. Like MASIF, FIPA also addresses
agent management system and agents' migration. In addition to
previous developments, FIPA introduced an Agent
Communication Language (ACL) for agents' communication.
An FIPA ACL message contains a set of one or more message
parameters. The exact parameters needed for effective agent
communication vary according to the situation. The only
mandatory parameter in all ACL messages is the performative
that describes the purpose of communication. However, it is
expected that most ACL messages will also contain
identification of the sender and the receiver and an indicator of
the content of a message. Specific implementations are free to
include user-defmed message parameters. In order to provide
transport level security for agents' communications, FIPA
specified a special parameter known as envelope parameter for
an ACL message [5].
Finally, PKCS7 standard specifies the syntax of any
cryptographic data (such as a digital signature or digital
envelope) associated with a message [10]. The purpose of the
PKCS7 is to provide a standard syntax and a platformindependent
representation of the cryptographic data. The
standard defines five different message types for different use
cases. Among all these data types, PKCS7
SignedAndEnvelopedData type provides data
confidentiality and integrity together with sender's and
receiver's authenticity.

DOWNLOAD FULL REPORT
http://doi.ieeecomputersociety10.1109/NSS.2009.33