Change search
Refine search result
1 - 10 of 10
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Rows per page
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sort
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
Select
The maximal number of hits you can export is 250. When you want to export more records please use the 'Create feeds' function.
  • 1. Giambruno, A.
    et al.
    Shibli, Muhammad Awais
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV. National University of Sciences and Technology, Pakistan .
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
    Lioy, A.
    MagicNET: XACML authorization policies for mobile agents2009In: International Conference for Internet Technology and Secured Transactions, ICITST 2009, 2009, 5402600- p.Conference paper (Refereed)
    Abstract [en]

    One approach to authorization of mobile agents is to use XACML policies by assigning roles to agents and then enforcing role-based authorization. In this paper we show how traditional XACML polices, used for user access control in distributed environments, can be used for mobile agents' access control. We use such polices to manage delegation of access rights from users to agents while at the same time following the core principles of the XACML standard. We also propose a combination of policies that map users to their mobile agents and make access control decisions for mobile agents by evaluating complex policy sets.

  • 2.
    Shibli, Awais
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
    Security Infrastructure and Applicationsfor Mobile Agents2010Doctoral thesis, monograph (Other academic)
    Abstract [en]

    Research areas of this dissertation are security for mobile agents, for applications based on mobile agents, and for distributed network environments in which mobile agents execute. Mobile agents paradigm has captured researchers’ and industry’s interests long time ago because of its innovative capabilities and attractive applications. The ability of mobile agents to autonomously migrate from host to host, transferring their code and internal state, enables them to accomplish tasks in network and distributed environments more conveniently, robustly, and efficiently than traditional client-server applications. But, in spite of significant benefits of the mobile agent paradigm, the technology is still mainly in a research domain and so far it has not been adopted on a large scale by the industry and users. One of the reasons for that is security related issues and security concerns.

    Current research in the area of mobile agents’ security is focused mainly on protection and security of agents and agents’ runtime platforms. But most of the currently available mobile agent systems do not support comprehensive security requirements for a general mobile agents paradigm. Therefore, there is a need for a complete and comprehensive security infrastructure for mobile agents, not only in the form of security services and mechanisms for agents’ runtime execution, but also as a complete set of infrastructural components, along with methodology for creation, classification, adoption, and validation of mobile agents before their deployment in real-environments. In addition, protection of mobile agents code and their baggage during execution is also needed. The lack of such concept, infrastructure and security solutions is hindrance for wider adoption of mobile agent systems at the time of this research.

    In our research, we solve these comprehensive requirements with solutions that can be classified in two groups: The first group is solutions for designing, implementation and deployment of a security infrastructure for mobile agents, along with methodology for secure deployment and execution of mobile agents. The proposed infrastructure for mobile agents is based on a methodology for creation, classification and validation of trusted mobile agents. It includes security architecture for publishing, discovery and adoption of mobile agents. Moreover, it provides integrated system for mobile agent deployment that supports launching, authorization and execution of mobile agents. Mobile agents execution is based on a protective approach, as compared to traditional detective or preventive methods, that not only provides code protection, but code execution and data privacy as well.

    The second group is solutions for use of security infrastructure and, in particular, secure and trusted mobile agents for real-life applications. The main result in this group is the design and implementation of a network intrusion detection and prevention system based on mobile agents. The system efficiently solves several problems of existing IDS/IPS. It can detect new vulnerabilities before they are exploited by hackers, it can process and filter large volumes of log entries, it reacts to intrusions in real–time, it provides protection against unknown attacks, it supports and improves commercial IDS/IPS products, and it also efficiently handles software patches. The system not only improves use of existing popular IDS/IPS, but it also eliminates several of their core problems. In addition, it is self–protected by full encryption, both of mobile agents and their execution platforms, and therefore not vulnerable to attacks against its own components and resources.

  • 3.
    Shibli, Muhammad Awais
    et al.
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV. NUST School of Electrical Engineering and Computer Sciences, Pakistan .
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
    Intrusion detection and prevention system using secure mobile agents2008In: SECRYPT - Int. Conf. Secur. Cryptography, Proc., 2008, 107-113 p.Conference paper (Refereed)
    Abstract [en]

    The paper describes design and architecture of the intrusion detection and prevention system based on secure mobile agents along with the analysis of commercial products and current research efforts in the area. Once system will be operational it will be the first comprehensive real-life application using mobile agents that will not only provide security to network resources but also provide security and protection to the mobile agents system itself. The system efficiently solves several problems with the existing IDS/IPS solutions: it can detect new vulnerabilities, it can process and filter large volumes of logs, it reacts to intrusions in real-time, provides protection against unknown attacks, supports and improves IDS/IPS commercial products by different vendors, and handles software patches. The system not only improves the existing IDS/IPS solutions, but it also eliminates several of their core problems. In addition, it is self-protected by full encryption, both mobile agents and their platforms, and therefore not vulnerable to attacks against its own components and resources.

  • 4.
    Shibli, Muhammad Awais
    et al.
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
    Magicnet: Security architecture for authorization of mobile agents2009In: Proceedings of the 3rd International Conference on Internet Technologies and Applications, ITA 09, 2009, 506-513 p.Conference paper (Refereed)
    Abstract [en]

    Controlling access to resources at remote hosts by mobile agents during their execution is a challenging problem. Current solutions use mainly methodology that detects agents' incorrect access attempts to a particular resource. For that purpose agents' execution logs are checked in order to identify malicious activities or misuse of resources at a particular host. As an alternative, instead of detective approach, we focus on preventive approach for control of access by mobile agents. While detective approach may provide some protection, its primary shortcoming is that it does not provide protection of resources in advance, before access, and in fact requires post-fact manual intervention and activation of countermeasures. With our solution we provide a solution to authenticate and authorize agents at remote hosts before executing any action. The architecture of our system is based on RBAC XACML policies and SAML standards.

  • 5.
    Shibli, Muhammad Awais
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    MagicNET: Security Architecture for Creation, Classification, and Validation of Trusted Mobile Agents2009In: 11TH INTERNATIONAL CONFERENCE ON ADVANCED COMMUNICATION TECHNOLOGY, VOLS I-III, PROCEEDINGS, - UBIQUITOUS ICT CONVERGENCE MAKES LIFE BETTER!, TAEJON: ELECTRONICS TELECOMMUNICATIONS RESEARCH INST , 2009, 1467-1471 p.Conference paper (Refereed)
    Abstract [en]

    Most of the current research and development results dealing with security of mobile agents describe solutions only for usage of mobile agents. These contributions usually assume agents posses unique and recognizable identities, cryptographic keys, assigned assurance level, and various other security parameters. But, very few papers describe how to create, classify, and evaluate mobile agents before their adoption and deployment. These are the issues we address in this paper: how mobile agents are created, validated, tested, and classified before their deployment. Based on certain security parameters, we establish classification scheme for mobile agents into three assurance levels: low, medium, and high. Our solution and procedures are based on a comprehensive security service-oriented architecture. We also describe roles, procedures, and security components used in that architecture. The most important results are the definition of assurance levels for mobile agents and procedures for their classification into those assurance levels.

  • 6.
    Shibli, Muhammad Awais
    et al.
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV. NUST, Islamabad, Pakistan .
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
    MagicNET: Security architecture for discovery and adoption of mobile agents2010In: 2009 Proceedings of the 1st International Workshop on Security and Communication Networks, IWSCN 2009, 2010, 5683056- p.Conference paper (Refereed)
    Abstract [en]

    Current research in the area of security for mobile agents deals mainly with the runtime issues of agents' protection. Mobile agent systems do not address precisely the process of acquiring mobile agents by their owners, but they assume that the agents are somehow already available for use. This assumption is acceptable for experimental or prototyping environments, but it is inadequate for the real world scenarios where agents should be trusted and reliable, but agent creators and agent owners are separated and manage agents from mutually remote locations. Thus, the issue of agents' adoption for use in serious, sensitive and business networks is very important if agents are used in real-life applications. In this paper we describe the architecture and procedures for secure, verifiable and authenticated discovery and adoption of mobile agents. The main contribution is that in this process agent's code and its functionality can be verified, so that such agents can be deployed in serious applications and scenarios.

  • 7.
    Shibli, Muhammad Awais
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication: Services and Infrastucture, Communication Systems, CoS.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Communication: Services and Infrastucture, Communication Systems, CoS.
    Giambruno, Alessandro
    Lioy, Antonio
    MagicNET: Security System for Development, Validation and Adoption of Mobile Agents2009In: NSS: 2009 3RD INTERNATIONAL CONFERENCE ON NETWORK AND SYSTEM SECURITY, NEW YORK: IEEE , 2009, 389-396 p.Conference paper (Refereed)
    Abstract [en]

    Current research in the area of mobile agents' security mainly deals with protection and security for agents and agents' runtime platforms. Mobile agent systems usually do not provide an extensive security methodology for the entire agent's life cycle, from agent's creation to its deployment and execution. In this paper we propose a comprehensive secure system for deployment of mobile agents. The system provides methodology that spans a number of phases in agent's lifetime: it starts from agent creation and ends with agent's execution. It addresses classification, validation, publishing, discovery, adoption, authentication and authorization of agents. Our system is based on secure web services and uses RBAC XACML policies and SAML protocol.

  • 8.
    Shibli, Muhammad Awais
    et al.
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
    Yousaf, Imran
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
    Dar, Kashif
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
    MagicNET: Secure communication methodology for mobile agents2010In: The 12th International Conference on Advanced Communication Technology: lCT for Green Growth and Sustainable Development, Phoenix Park, Korea, Feb. 7-10, 2010, proceedings : ICACT 2010, 2010, 1567-1573 p.Conference paper (Refereed)
    Abstract [en]

    Most of the current research and development results, dealing with authentication of mobile agents, describe solutions that address only agent-to-platform authentication. These solutions assign privileges to agents so that they can be executed and then, by using the same privileges, also to communicate with other agents running on the same platform. They do not address broader agent-to-agent communication security requirements. Moreover, communication protocols are not based on any standards, what increases the possibilities of communications between benign and malicious agents. In this paper we describe agent-to-agent secure communication methodology that guarantees authenticated, authorized and confidential communication between agents. We use FIPA ACL standard for effective and interoperable communication in our agent-based system.

  • 9.
    Shibli, Muhammad Awais
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Yousaf, Imran
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    MagicNET: Security System for Protection of Mobile Agents2011In: 2010 24TH IEEE INTERNATIONAL CONFERENCE ON ADVANCED INFORMATION NETWORKING AND APPLICATIONS (AINA), 2011, 1233-1240 p.Conference paper (Refereed)
    Abstract [en]

    Protection of Mobile agents is one of the most difficult problems in the area of mobile agents' security. There is not a single, comprehensive solution that provides complete protection of agents against malicious hosts. Existing solutions either only detect or to some extent prevent attacks on agents. With detective mechanisms integrity of an agent's code/state is being checked, but there are no effective solutions for confidentiality of agent's code and baggage. In this paper, we propose a system which provides protection of agent's code against illegal modifications, protection during agents' execution, and also protection of agent's baggage. Design of the system is based on a protective approach, which provides better security compared to traditional detective or preventive methods.

  • 10.
    Stirparo, Pasquale
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Shibli, Muhammad Awais
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Vulnerability Analysis and Patches Management using Secure Mobile Agents2009In: 11TH INTERNATIONAL CONFERENCE ON ADVANCED COMMUNICATION TECHNOLOGY, VOLS I-III, PROCEEDINGS, - UBIQUITOUS ICT CONVERGENCE MAKES LIFE BETTER!, TAEJON: ELECTRONICS TELECOMMUNICATIONS RESEARCH INST , 2009, 1054-1058 p.Conference paper (Refereed)
    Abstract [en]

    There are many software applications being developed daily all over the world, but unfortunately those applications usually contain problems and vulnerabilities because of poor programming practices or poor development strategy used by developers. Those vulnerabilities are exploited by hackers for their malicious intents. To eliminate this problem we have designed and developed the system for comprehensive analysis of vulnerabilities and management of patches. Our system a) autonomously collects the most current information about vulnerabilities, b) analyzes hosts in the local network for potential vulnerabilities, and finally c) applies autonomously appropriate patches. Our testing results show significant decrease in intrusions and at the same time improved network management for system administrators.

1 - 10 of 10
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf