The Internet is an open and global programming environment where applications and services mostly follow the traditional client/server model. The use of new programming paradigms based on mobile entities, such as mobile agents (MA), can accelerate the process of diffusion of new applications and services in the areas of e-commerce, network and systems management, and mobile computing. However, the lack of security is one of the main obstacles to a wide diffusion of MA. On the one hand, mobility increases the potential of security breaches because of the injection of possibly malicious MAs; on the other hand, it introduces the new issue of protecting MAs against integrity and secrecy attacks from their execution environments. This paper discusses the security issues introduced by the MA technology and proposes a security architecture composed of a wide set of services and components, which adequately fulfil the requirements of several application areas. The implementation of the security framework in the secure and open MA system has provided the support for the development of a secure electronic marketplace prototype that demonstrates the effectiveness of adopting the MA technology in the Internet environment.
Security of mobile agents on the Internet
Stefanelli C.
2001
Abstract
The Internet is an open and global programming environment where applications and services mostly follow the traditional client/server model. The use of new programming paradigms based on mobile entities, such as mobile agents (MA), can accelerate the process of diffusion of new applications and services in the areas of e-commerce, network and systems management, and mobile computing. However, the lack of security is one of the main obstacles to a wide diffusion of MA. On the one hand, mobility increases the potential of security breaches because of the injection of possibly malicious MAs; on the other hand, it introduces the new issue of protecting MAs against integrity and secrecy attacks from their execution environments. This paper discusses the security issues introduced by the MA technology and proposes a security architecture composed of a wide set of services and components, which adequately fulfil the requirements of several application areas. The implementation of the security framework in the secure and open MA system has provided the support for the development of a secure electronic marketplace prototype that demonstrates the effectiveness of adopting the MA technology in the Internet environment.I documenti in SFERA sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.