The Security Architecture of the M&M Mobile Agent Framework



In the Mobile Agent programming model, small threads of execution migrate from machine to machine, performing their operations locally. For being able to deploy such a model into real world applications, security is a vital concern. In the M&M project we have developed a system that departures from the traditional platform-based execution model for mobile agents. In M&M there are no agent platforms. Instead there is a component framework that allows the applications to become able of sending and receiving agents by themselves in a straightforward manner. In this paper we examine the security mechanisms available in M&M, and how integration with existing applications is done. One difficult aspect of this work is that all the features must work with the security mechanisms that already exist on the applications. This is so because the components are integrated from within into the applications, which already have security mechanisms in place. Currently, M&M provides features like fine-grain security permissions, encryption of agents and data, certificate distribution using LDAP and cryptographic primitives for agents. For validating the approach and solutions found, we have integrated the framework into several off-the-shelf web servers, having the security mechanisms running, with no problems.


Mobile Agents

Cited by

Year 2007 : 1 citations

 1. Adam Pridgen and Christine Julien; "SMASH: Modular Security for Mobile Agents"; in Lecture Notes in Computer Science 4408, Springer-Verlag, August 2007

Year 2006 : 2 citations

 1. A. Pridgen and C. Julien, "A Secure Modular Mobile Agent System", Technical Report TR-UTEDGE-2006-003, University of Texas at Austin, 2006

 2. Adam Pridgen and Christine Julien; "A Secure Modular Mobile Agent System?; in Proceedings of the 2006 International Workshop on Software Engineering for Large-Scale Multi-agent Systems; ACM, May 2006

Year 2004 : 1 citations

 1. Elmarie Biermann, "A Framework for the Protection of Mobile Agents Against Malicious Hosts?, Ph.D Thesis, University of South Africa, September 2004