Mobile Agents and Security - PowerPoint PPT Presentation

About This Presentation
Title:

Mobile Agents and Security

Description:

... by malicious hosts ('brain-flush' the agent of the lowest price it remembers) ... set the local price as the lowest price, and push the agent to return ... – PowerPoint PPT presentation

Number of Views:54
Avg rating:3.0/5.0
Slides: 23
Provided by: CSE
Category:

less

Transcript and Presenter's Notes

Title: Mobile Agents and Security


1
Mobile Agents and Security
  • Presented by Chan Hing Wing, Anthony
  • March 29, 1999
  • Room 1027, SHB, CUHK

2
Introduction
  • Problem of the Client/Server Paradigm
  • Mobile Code Paradigms and Technologies
  • Security Issues in Distributed Systems
  • Security Concerns for Mobile Code Paradigms
  • Security Services of Mobile Code Technologies

3
The Client/Server Paradigm
  • Client/Server Paradigm
  • conventional design paradigm (i.e., example or
    pattern, Webster) of distributed applications
  • two processes (client and server) running on two
    different hosts communicate by message exchange
  • Example a simple network file server
  • handle only one file per client request (I.e., no
    mput / mget)
  • file listing service also provided
  • How to delete all files starting with f?

4
Problems, Client/Server
  • The only way
  • list all files on server
  • figure out files starting with f
  • delete files one by one
  • Problems
  • large number of exchanged messages (2n2 messages
    for deleting n files)
  • requirement of user-computer interactivity
  • Solution
  • upgrade the server and client (to provide
    mdelete)
  • inflexible how about next time I want mput/mget?
  • any other solution?

5
The Mobile Code Paradigm
  • It would be great if I could send a
    self-executing code fragment (instead of a single
    instruction) to the server side, that decides
    which file to delete for me dynamically!
  • Advantages
  • reduced network traffic (only code sending, and
    perhaps an acknowledgement)
  • no need for user-computer interactivity

6
Mobile Code Paradigm (MCP)
  • Common examples of mobile code
  • rsh in Unix (remote evaluation)
  • SQL queries (remote evaluation)
  • downloading Java applets (code on demand)
  • Other possible applications (mobile agent)
  • mobile computing
  • electronic commerce, etc.

7
MCP Classification
  • know-how the code to be executed
  • resources input/output of code
  • processor abstract machine that carries out
    holds the state of computation

8
Mobile Agents
  • Mobile Agents
  • The most interesting form of mobile code one
    form of Intelligent Agents, which is a hot
    topic in the AI field
  • Mobility programs can move across different
    machines and platforms, and run on different host
    machines
  • Agency programs act autonomously for the their
    users / owners
  • Agents can move with different execution states,
    therefore, they can co-operate to perform complex
    tasks

9
Supporting Technologies
  • Client/Server Sockets / RPC / CORBA
  • Remote evaluation rsh, SQL, etc.
  • Code on demand Java applets
  • Mobile Agents?
  • Many Mobile Agent Systems (MAS) being developed,
    e.g., Aglets from IBM, Odyssey from General
    Magic, and Objectspaces Voyager (ORB)
  • OMG is drafting the Mobile Agent System
    Interoperability Facility (MASIF) to allow for
    cross-MAS agents under CORBA

10
Security Issues in Distributed Systems
  • General system security requirements
  • integrity
  • authenticity
  • confidentiality
  • availability, for both code and data
  • Widely adopted security model
  • each particular computing base forms a
    security fortress, everything (code, data,
    users, computers) in the same fortress are trusted

11
Client/Server Security
  • Client/Server security
  • usually adopt the security fortress model
  • major challenges
  • client/server authentication (establishing trust
    with another side)
  • data/request confidentiality across insecure
    channel (by encryption)
  • already well developed

12
Mobile Code Security Concerns
  • Remote evaluation
  • fortress model also applicable
  • challenges
  • code sender/receiver authentication
  • code encryption across the channel
  • Code on demand
  • can also apply the fortress model
  • challenges
  • client building trust on downloaded code
    (sandboxing, applet signing)
  • server verifying the correct client
    (authentication)

13
Mobile Agent Security
  • More complex/challenging because of
  • roaming agents
  • co-operating agents
  • security fortress model does not apply well
  • Two aspects
  • host security
  • protecting the host against malicious agents
  • agent security
  • protecting the agents against malicious host

14
Host security
  • Agent Integrity
  • sandboxing, run-time verification, proof-carrying
    code
  • Agent Authentication
  • digital signatures (analogy signed applets)
  • Authorization
  • access control lists
  • Allocation (against denial-of-service attack)
  • market-based mechanism

15
Agent Security
  • Example
  • An agent roams around the Internet to look for
    the lowest price of a air ticket it remembers
    the lowest price it finds most recently
  • Data tampering change of execution state of
    agents by malicious hosts (brain-flush the
    agent of the lowest price it remembers)
  • Execution tampering change of code or execution
    sequence by malicious hosts (deliberately set the
    local price as the lowest price, and push the
    agent to return immediately)

16
Agent Protection
  • Some proposed approaches
  • Agent tampering detection
  • range verification, timing information
  • addition of dummy items and functions
  • state appraisal functions, cryptographic
    watermarks
  • Agent tampering prevention
  • shared secrets, interlocking of agents
  • a fault-tolerance approach
  • execution of encrypted functions
  • Not very well developed

17
Security Services, RPC
  • Sockets no security services at all!
  • Sun RPC
  • secure RPC services for authentication (man
    secure_rpc) with four options
  • Kerberos v5 authentication, per-session key
    generation
  • ssleay free library functions implementing
    SSLv3, for authentication and encryption
  • Proposed standard Generic Security Services
    Application Program Interface version 2 (GSS-API
    v.2) (RFC2078)

18
Security Services, CORBA
  • CORBA Security Services specification
  • required implementation of objects Credentials,
    Principal Authenticator, Security Context, Access
    Control, etc.
  • support authentication, authorization, security
    auditing, etc.
  • however, existing implementation of the
    specification is unknown
  • some vendors add their own security add-on for
    their ORB product (e.g., SSL pack for Visibroker)

19
Security Services of MAS
  • Aglets and Odyssey
  • Host protection based on Java security model
    (sandboxing and signed applets)
  • No information about agent protection
  • Voyager
  • SSL for communication security
  • No details available about host and agent security

20
Conclusion
  • Mobile agents as a emerging paradigm to
    substitute/complement client/server
  • Mobile agent systems being developed worldwide
  • Security concerns as a blocking factor
  • Two different views mobile agents as security
    challenge / chance

21
Questions and Answers
22
The End
Write a Comment
User Comments (0)
About PowerShow.com