Among security services for stored data protection two are the most important: availability and integ-
rity. The data unavailable is useless for a potential user. Also, the data illegally defected or falsified is a worthless source of information. No other protection has sense if the data’s content is destroyed. In the case of executables we face analogous problems. Except others, the executables must be available and protected against falsification (that is unauthorized changes of the designed functioning, internal state and the carried data). The problem of availability has been successfully solved by a concept of mobile agents that simply go to the destination place and work in there. However, this solution made the problem of integrity of the mobile code or mobile agent even more important than in the case of the stored data. The falsified mobile agent is not only useless. It can be even harmful as an active party making some unplanned actions. Therefore, pre- serving agents’ integrity is a fundamental condition of their proper functioning.
In this chapter we made an overview of the existing protocols and methods for preserving the agent’s integrity. The basic definitions and notions were introduced. The most important mechanisms were presented and discussed. We also proposed a new concept for detection of the tempering of an agent, based on a zero-knowledge proof system. The proposed scheme secures both, an agent’s execution state and the internal data along with its code. For the practical implementation the system requires some additional research and development work, but it looks to be a promising solution to the problem of providing an agent with effective and strong countermeasures against attacks on its integrity.
rEfErEncEs
Alves-Foss, J., Harrison, S., & Lee, H. (2004, January 5-8). The use of encrypted functions for mobile agent security. In Proceedings of the 37th Hawaii International Conference on System Sci- ences—Track 9 (pp. 90297b). US: IEEE Computer Society Press.
Benachenhou, L., & Pierre, S. (2006). Protection of a mobile agent with a reference clone. Computer
Burmester, M., Chrissikopoulos, V., & Kotzaniko-
laou, P. (2000). Secure transactions with mobile agents in hostile environments. In E. Dawson, A. Clark, & C. Boyd (Eds.), Information security and privacy. Proceedings of the 5th Australasian Con- ference ACISP (LNCS 1841, pp. 289-297). Berlin, Germany: Springer.
Coilberg, Ch., Thomborson, C., & Low, D. (1997). A taxonomy of obfuscating transformations (Tech. Rep. No. 148). Australia: The University of Auck- land.
Corradi, A., Cremonini, M., Montanari, R., & Stefanelli, C. (1999). Mobile agents integrity for electronic commerce applications. Information Systems, 24(6), 519-533.
Esparza, O., Fernandez, M., Soriano, M., Munoz, J. L., & Forne, J. (2003). Mobile agents watermarking and fingerprinting: Tracing malicious hosts. In V. Maŕík, W. Retschitzegger, & O. Štĕpánková (Eds.),
Proceedings of the Database and Expert Systems Applications (DEXA 2003) (LNCS 2736, pp. 927- 936). Berlin, Germany: Springer.
Goldreich, O. (2002). Zero-knowledge twenty years after its invention (E-print 186/2002). E- print, IACR.
Hohl, F. (1998). Time limited blackbox security: Protecting mobile agents from malicious hosts. In G. Vigna (Ed.), Mobile agents and security (LNCS 1419, pp. 92-113). Berlin, Germany: Springer. Jansen, W. A. (2000). Countermeasures for mobile agent security. [Special issue]. Computer Commu- nications, 23(17), 1667-1676.
Jansen, W. A., & Karygiannis, T. (1999). Mobile agents security (NIST Special Publication 800-19). Gaithersburg, MD: National Institute of Standards and Technology.
Karjoth, G., Asokan, N., & Gulcu, C. (1999). Protect- ing the computation results of free-roaming agents. In K. Rothermel & F. Hohl (Eds.), Proceedings of the Second International Workshop on Mobile
Agents (MA ’98) (LNCS 1477, pp. 195-207). Berlin, Germany: Springer.
Kulesza, K., & Kotulski, Z. (2003). Decision systems in distributed environments: Mobile agents and their role in modern e-commerce. In A. Lapinska (Ed.), Proceedings of the Conference “Information in XXI Century Society” (pp. 271-282). Olsztyn: Warmia-Mazury University Publishing.
Kulesza, K., Kotulski, Z., & Kulesza, K. (2006). On mobile agents resistant to traffic analysis.
Electronic Notes in Theoretical Computer Science, 142,181-193.
Low, D. (1998). Protecting Java code via code obfuscation. Crossroads,4(3), 21-23.
Man, C., & Wei, V. (2001). A taxonomy for attacks on mobile agent. In Proceedings of the Interna- tional Conference on Trends in Communications, EUROCON’2001 (pp. 385-388). IEEE Computer Society Press.
Oppliger, R. (2000). Security technologies for the World Wide Web. Computer Security Series. Nor- wood, MA: Artech House Publishers.
Pieprzyk, J., Hardjono, T., & Seberry, J. (2003). Fundamentals of computer security. Berlin, Ger- many: Springer.
Riordan, J., & Schneier, B. (1998). Environmental key generation towards clueless agents. In G. Vinga (Ed.), Mobile agents and security (pp. 15-24). Berlin, Germany: Springer.
Sabater, J., & Sierra, C. (2005). Review on com- putational trust and reputation models. Artificial Intelligence Review, 24 (1), 33-60.
Sander, T., & Tschudin, Ch. F. (1998, May 3-6). Towards mobile cryptography. In Proceedings of
the 1998 IEEE Symposium on Security and Privacy (pp. 215-224). IEEE Computer Society Press. Schneider, F. B. (1997). Towards fault-tolerant and secure agentry. In M. Mavronicolas (Ed.), Proceed- ings 11th International Workshop on Distributed Al-
gorithms (pp. 1-14). Berlin, Germany: Springer. Shao, M., & Zhou, J. (2006). Protecting mobile-agent data collection against blocking attacks. Computer Standards & Interfaces, 28(5), 600-611.
Tixier, J., Dusserre, G., Salvi, O., & Gaston, D. (2002). Review of 62 risk analysis methodologies of industrial plants. Journal of Loss Prevention in
the Process Industries, 15(4), 291-303.
Vigna, G. (1997). Protecting mobile agents through tracing. In Proceedings of the 3rd ECOOP Workshop on Mobile Object Systems. Jyvälskylä, Finland. Vigna, G. (1998). Cryptographic traces for mobile agents. In G. Vigna (Ed.), Mobile agents and secu- rity (LNCS 1419, pp. 137-153). Berlin, Germany: Springer.
Wang, T., Guan, S., & Chan, T. (2002). Integrity protection for code-on-demand mobile agents in e-commerce. Journal of Systems and Software,
60(3), 211-221.
Yee, B. S. (1999). A sanctuary for mobile agents. In J. Vitek & C. D. Jensen (Eds.), Secure Internet programming: Security issues for mobile and dis- tributed objects (LNCS 1603, pp. 261-273). Berlin, Germany: Springer.
Zacharia, G., & Maes, P. (2000). Trust management through reputation mechanisms. Applied Artificial Intelligence, 14(9), 881-907.
Zwierko, A., & Kotulski, Z. (2005). Mobile agents: Preserving privacy and anonymity. In L. Bolc, Z. Michalewicz, & T. Nishida (Eds.), Proceedings of IMTCI2004, International Workshop on Intelligent Media Technology for Communicative Intelligence (LNAI 3490, pp. 246-258). Berlin, Germany: Springer.
Zwierko, A., & Kotulski, Z. (2007). Integrity of mo- bile agents: A new approach. International Journal of Network Security, 2(4), 201-211.
Zwierko, A., & Kotulski, Z. (2007). A lightweight e-voting system with distributed trust. Electronic
Notes in Theoretical Computer Science, 168, 109-
126.
kEy tErMs
Agent Platform (Host): Agent platform is a computer where an agent’s code or program is
executed. The software agent cannot perform its actions outside hosts. The host protects agents against external attacks.
Cryptographic Protocol: Cryptographic pro- tocolis a sequence of steps performed by two or more parties to obtain a goal precisely according to assumed rules. To assure this purpose the parties use cryptographic services and techniques. They realize the protocol exchanging tokens.
Intelligent Software Agent: Intelligent soft- ware agentis an agent that uses artificial intelligence in the pursuit of its goals in contacts with hosts and other agents.
Mobile Agent: Mobile agent is an agent that can move among different platforms (hosts) at different times while the stationary agent resides permanently at a single platform (host).
Security Services: Security servicesguarantee protecting agents against attacks. During agent’s transportation the code is protected as a usual file. At the host site, the agent is open for modifications and very specific methods must be applied for protection. For the agent’s protection the following security services can be utilized:
• Confidentiality: Confidentiality is any private data stored on a platform or carried by an agent that must remain confidential. Mobile agents also need to keep their present location and the whole route confidential.
• Integrity: Integrity exists when the agent platform protects agents from unauthorized modification of their code, state, and data and ensure that only authorized agents or processes carry out any modification of the shared data.
• Accountability: Accountability exists when each agent on a given platform must be held accountable for its actions: must be uniquely identified, authenticated, and audited.
• Availability: Availability exists when every agent (local, remote) is able to access data and services on an agent platform, which responsible to provide them.
• Anonymity: Anonymity is when agents’ actions and data are anonymous for hosts and other agents; still accountability should be enabled.
Software Agent: Software agent is a piece of code or computer program that can exercise an individual’s or organization’s authority, work autonomously at host toward a goal, and meet and interact with other agents.
Strong Mobility: Strong mobilityof an agent means that a running program along with its particular (actual) state is moving from one host site to another.
Weak Mobility: Weak mobility of an agent means that only the agent’s code is migrating and no execution state is sent along with an agent program.