Mobile Agents - PowerPoint PPT Presentation

About This Presentation

Title:

Mobile Agents

Description:

Mobile Agents based on material written by Olga Gelbart rosa_at_seas.gwu.edu What is an agent? A program ( software agent ), e.g., Personal assistant (mail filter ... – PowerPoint PPT presentation

Number of Views:73

Avg rating:3.0/5.0

Slides: 33

Provided by: OlgaGe6

Learn more at: https://www2.seas.gwu.edu

Category:

more less

Transcript and Presenter's Notes

Title: Mobile Agents

1
Mobile Agents

based on material written by
Olga Gelbart
rosa_at_seas.gwu.edu

2
What is an agent?

A program (software agent), e.g.,
Personal assistant (mail filter, scheduling)
Information agent (tactical picture agent)
E-commerce agent (stock trader, bidder)
Recommendation agent (Firefly, Amazon.com)
A program that can
interact with users, applications, and agents
collaborate with the user
Software agents help with repetitive tasks

3
Is everything an agent?

Not all programs are agents
Agents are
customized
persistent
autonomous
adaptive

4
What is a mobile agent?
Search engine
Machine A
Machine B

Mobile agent Agent that
migrates from machine to machine
in a heterogeneous network
at times of its own choosing

5
Definition

In a broad sense, an agent is any program that
acts on behalf of a (human) user. A mobile agent
then is a program which represents a user in a
computer network, and is capable of migrating
autonomously from node to node, to performs some
computation on behalf of the user.

6
How it works?
7
Mobile Agent Attributes

Code
State
Execution state
Object state
Name
Identifier
Authority
Agent system type
Location

8
Evolution of the mobile agent paradigm
9
Assumptions about computer systems violated by
mobile agents

Whenever a program attempts some action, we can
easily identify a person to whom that action can
be attributed, and it is safe to assume that that
person intends the action to be taken.
Only persons that are know to the system can
execute programs on the system.
There is one security domain corresponding to
each user all actions within that domain can be
treated the same way.
Single-user systems require no security.
Essentially all programs are obtained from easily
identifiable and generally trusted sources
The users of a given piece of software are
restrained by law and custom from various actions
against the manufacturers interests

10
Assumptions violated by mobile agents (contd)

Significant security threats come from attackers
running programs with the intent of accomplishing
unauthorized results.
Programs cross administrative boundaries only
rarely, and only when people intentionally
transmit them.
A given instance of a program runs entirely on
one machine processes do not cross
administrative boundaries at all.
A given program runs on only one particular
operating system.
Computer security is provided by the operating
system

11
Benefits of mobile agents

Bandwidth conservation
Reduction of latency
Reduction of completion time
Asynchronous (disconnected) communications
Load balancing
Dynamic deployment

12
Reason 1 Bandwidth conservation
Text documents, numerical data, etc.
Client/Proxy
Server
Dataset
Client/Proxy
Server
13
Reason 2 Reduce latency
Sumatra chat server (a reflector)
1. Observe high average latency to clients
2. Move to better location
14
Reason 3 Reduce Completion Time
Efficiency
1. Send code with unique query
Low bandwidth channel
Mobile users
3. Return requested data
2. Perform multi-step queries on large,
remote, heterogeneous databases
15
Reason 4
Disconnected communication and operation
X
X
Before
X
X
After
16
Reason 5 Load balancing
Jobs/Load
Jobs/Load migrate in a heterogeneous network of
machines
17
Reason 6 Dynamic Deployment
18
Threats posed by mobile agents

Destruction of
data, hardware, current environment
Denial of service
block execution
take up memory
prevention of access to resources/network
Breach of privacy / theft of resources
obtain/transmit privileged information
use of covert channels
Harassment
Display of annoying/offensive information
screen flicker
Repudiation
ability to deny an event / action ever happened

19
Protection methods against malicious mobile agents

Authenticating credentials
certificates and digital signatures
Access Control and Authorization
Reference monitor
security domains
policies
Software-based Fault Isolation
Javas sandbox
Monitoring
auditing of agents activities
setting limits
Proxy-based approach to host protection
Code Verification - proof-carrying code

20
Threats to mobile agents

Denial of service
Unauthorized use or access of code/data
Unauthorized modification or corruption code/data
Unauthorized access, modification, corruption, or
repeat of agent external communication

21
Possible attacks on mobile agents

Denial of service
Impersonation
Host
Agent
Replay
Eavesdropping
Communication
Code data
Tamper attack
Communication
Code data

22
Protection of mobile agents

Encryption
code
payload
Code obfuscation
Time-limited black-box security

23
Application Technical reports
GUI on home machine
...
2. Send child agents / collect partial results
1. Send agent
3. Return merged and filtered results
Dynamically selected proxy site
24
Application Military
Wireless Network
Troop positions
Technical specs
Orders and memos
25
Application e-commerce
Arbiter
VendorA
VendorB
Bank
Agent
Yellow pages
Agent
26
Mobile agent systems
27
More examples and bots

Tryllian mobile agent system
Bots
mysimon.com
amazon.com - customer preferences

28
Current trends lead to mobile agents
Server-side
Information overload
Mobile code to server or proxy
Customization
Too many unique, dispersed clients to handle
Diversified population
Proxy-based
Increased need for personalization
Multiple sites to visit
Mobile Agents
Bandwidth gap
Avoid large transfers
Mobile code to client
Avoid star itinerary
Mobile users and devices
Disconnected Operation
High latency
29
Migrating to migrating code
30
Conclusion Cons