Security - Telenor
Assume some agent a carries with it a set of objects D, which is to be distributed to other systems via agent platforms. Each of the objects in D has a usage policy A[⋅,D] that is to be enforced irrespective of which domain the object exists in. A[⋅,D] is interpreted as: the rights of an arbitrary subject to the objects in D.
The platform can control the agent’s actions by inserting execution monitoring into the agent. This gives the platform fairly general and detailed control of the agent’s actions.
The interesting thing is that embedded agents may come into their own here. Many data types are constructed such that they effectively depend on embedded agents to be displayed and/or used correctly. This means that the platform must use the data by executing the agent. The agent effectively provides a service to the platform. Thus it is possible to implement a certain control of usage by constructing an agent with execution monitoring. This time, however, the agent monitors the platform’s requests, and terminates if the platform attempts a series of requests that violates the data’s security policy.
There are two problems with this approach:
1. it requires some method of enforcing agent execution integrity;
2. it probably requires the data to be encrypted, and thus the agent to be capable of encrypting and/or decrypting data using encrypted code.
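The following sketch is an added example, not code from the article: it models the agent-side monitor as a small state machine over the platform's request sequence. The request names (`metadata`, `render`, `export`), the policy itself and the class names are assumptions made for illustration, and the sketch addresses neither of the two problems above (execution integrity and encrypted data).

```python
class PolicyViolation(Exception):
    """The platform's request sequence violated the usage policy."""

# Constructed usage policy for D, written as a security automaton:
# state -> {request: next state}. A request with no transition is a violation.
# Assumed rules: metadata is always allowed, D may be rendered at most twice,
# D may be exported only before it has ever been rendered, and after an
# export only metadata is served.
POLICY = {
    "fresh":     {"metadata": "fresh", "render": "rendered1", "export": "exported"},
    "rendered1": {"metadata": "rendered1", "render": "rendered2"},
    "rendered2": {"metadata": "rendered2"},
    "exported":  {"metadata": "exported"},
}

class EmbeddedAgent:
    """Hypothetical embedded agent: the only way for the platform to use D."""

    def __init__(self, payload, policy=POLICY, start="fresh"):
        self._payload, self._policy, self._state = payload, policy, start
        self.terminated = False

    def request(self, op):
        if self.terminated:
            raise PolicyViolation("agent has terminated")
        nxt = self._policy[self._state].get(op)
        if nxt is None:
            # Terminate on the first violating request and drop the data.
            self.terminated, self._payload = True, None
            raise PolicyViolation(f"{op!r} not allowed in state {self._state!r}")
        self._state = nxt
        if op == "metadata":
            return {"length": len(self._payload)}
        return self._payload

def run(requests, payload=b"constructed sample object"):
    """Replay a platform request sequence; return (served requests, terminated?)."""
    agent, served = EmbeddedAgent(payload), []
    for op in requests:
        try:
            agent.request(op)
        except PolicyViolation:
            break
        served.append(op)
    return served, agent.terminated

if __name__ == "__main__":
    print(run(["metadata", "render", "render"]))   # allowed sequence
    print(run(["render", "export", "render"]))     # export after render: terminates
```

Because the decision depends on the state reached so far, the same `export` request is served on a fresh object and refused once the object has been rendered.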
9 Conclusion
This article has outlined some of the major challenges in making agents viable as a computing paradigm in contexts where a high level of security is necessary.
Among the main challenges facing constructors of secure mobile agent systems are:
1. enabling the secure generation of strong cryptographic functions by mobile agents;
2. ensuring sufficient fault-tolerance;
3. enforcing agent policies; and
4. handling policy interactions.
Work on these issues has started in earnest only recently. It may be a while before one can conclusively state whether or not mobile agents will be sufficiently securable for applications in, for example, electronic commerce.
Telektronikk 3.2000