Change search
ReferencesLink to record
Permanent link

Direct link
Security Infrastructure and Applicationsfor Mobile Agents
KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV. (Information Systems Security, SecLab)
2010 (English)Doctoral thesis, monograph (Other academic)
Abstract [en]

Research areas of this dissertation are security for mobile agents, for applications based on mobile agents, and for distributed network environments in which mobile agents execute. Mobile agents paradigm has captured researchers’ and industry’s interests long time ago because of its innovative capabilities and attractive applications. The ability of mobile agents to autonomously migrate from host to host, transferring their code and internal state, enables them to accomplish tasks in network and distributed environments more conveniently, robustly, and efficiently than traditional client-server applications. But, in spite of significant benefits of the mobile agent paradigm, the technology is still mainly in a research domain and so far it has not been adopted on a large scale by the industry and users. One of the reasons for that is security related issues and security concerns.

Current research in the area of mobile agents’ security is focused mainly on protection and security of agents and agents’ runtime platforms. But most of the currently available mobile agent systems do not support comprehensive security requirements for a general mobile agents paradigm. Therefore, there is a need for a complete and comprehensive security infrastructure for mobile agents, not only in the form of security services and mechanisms for agents’ runtime execution, but also as a complete set of infrastructural components, along with methodology for creation, classification, adoption, and validation of mobile agents before their deployment in real-environments. In addition, protection of mobile agents code and their baggage during execution is also needed. The lack of such concept, infrastructure and security solutions is hindrance for wider adoption of mobile agent systems at the time of this research.

In our research, we solve these comprehensive requirements with solutions that can be classified in two groups: The first group is solutions for designing, implementation and deployment of a security infrastructure for mobile agents, along with methodology for secure deployment and execution of mobile agents. The proposed infrastructure for mobile agents is based on a methodology for creation, classification and validation of trusted mobile agents. It includes security architecture for publishing, discovery and adoption of mobile agents. Moreover, it provides integrated system for mobile agent deployment that supports launching, authorization and execution of mobile agents. Mobile agents execution is based on a protective approach, as compared to traditional detective or preventive methods, that not only provides code protection, but code execution and data privacy as well.

The second group is solutions for use of security infrastructure and, in particular, secure and trusted mobile agents for real-life applications. The main result in this group is the design and implementation of a network intrusion detection and prevention system based on mobile agents. The system efficiently solves several problems of existing IDS/IPS. It can detect new vulnerabilities before they are exploited by hackers, it can process and filter large volumes of log entries, it reacts to intrusions in real–time, it provides protection against unknown attacks, it supports and improves commercial IDS/IPS products, and it also efficiently handles software patches. The system not only improves use of existing popular IDS/IPS, but it also eliminates several of their core problems. In addition, it is self–protected by full encryption, both of mobile agents and their execution platforms, and therefore not vulnerable to attacks against its own components and resources.

Place, publisher, year, edition, pages
Stockholm: KTH , 2010. , viii, 144 p.
Trita-ICT-COS, ISSN 1653-6347 ; 1003
Keyword [en]
Mobile Agents Security, Access Control, Network Security, Trusted Mobile Agents
National Category
Computer and Information Science
URN: urn:nbn:se:kth:diva-12764OAI: diva2:318756
Public defence
2010-06-10, Sal D, Isafjordsgatan 39, Kista, Forum - Kista, 13:00 (English)
QC20100525Available from: 2010-05-25 Created: 2010-05-10 Last updated: 2010-07-01Bibliographically approved

Open Access in DiVA

fulltext(3145 kB)2378 downloads
File information
File name FULLTEXT01.pdfFile size 3145 kBChecksum SHA-512
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Shibli, Awais
By organisation
Computer and Systems Sciences, DSV
Computer and Information Science

Search outside of DiVA

GoogleGoogle Scholar
Total: 2378 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 324 hits
ReferencesLink to record
Permanent link

Direct link