SOMA Security


The Mobile Agent (MA) paradigm seems to be a promising technology for developing applications in open, distributed and heterogeneous environments, such as the Internet. Mobile agents can overcome some of the limits of the traditional Client/Server model because of their intrinsic features, such as flexibility, autonomy, and efficiency and can easily integrate with the web to improve application accessibility. Many application areas, such as electronic commerce, mobile computing, network management and information retrieval can benefit from the application of the MA technology.

However, the main technical obstacle to a wider acceptance of the MA paradigm seems to be security. Achieving security is fundamental for the successful deployment of mobile agents systems, especially for electronic commerce applications. The MA paradigm can be considered an interesting case study for the security research community for the symmetry of the security concerns: both execution environments and agents are susceptible to several attacks. Appropriate security mechanisms must be provided not only to protect agent execution environments against malicious behavior of incoming agents, but also to guarantee to users that any violation of the secrecy and of the integrity of their agents is at least detected if not prevented. The problem of the protection of hosts against malicious agents has been extensively investigated. Technologies such as Java sandboxes, type safe languages, and software fault isolation provide effective solutions to this security issue. On the other hand, the protection of mobile agents against malicious behavior of execution environments is specific to MA technology and represents a challenging research area with only a few proposals. Mobility introduces new threats that have not been extensively taken into account in most of the proposed MA systems: mobile agents can be tampered by malicious execution environments, may be denied from roaming or may be illegaly cloned to cause denial of service.

These considerations have led us to design and implement SOMA by considering security as a key property to be accounted for and integrated at any system layer. SOMA permits to protect both:

To achieve this goal, the SOMA framework supports the definition and the enforcement of flexible security policies to govern the interactions of agents with both other agents and with the available resources in the execution sites. Whenever possible, SOMA security model has been implemented by taking into account the standard security solutions employed in distributed systems. In fact, the design and the exploitation of ad hoc security mechanisms could require too great an effort. More important point is that non standard tools are unlikely to be accepted in open environments [1], [2].

 

 
Page updated on Tuesday, 08-Jan-2002 23:38:30 CET
In case of problems, or if you find any bug, please contact us.