Data Privacy in Tuple Space Based Mobile Agent Systems

More recently, distributed variants of tuple spaces have been proposed to exploit the Linda model for programming distributed applications over wide area networks, possibly exploiting code mobility. However, the flexibility of the shared tuple space model opens possible security holes; it basically provides no access protection to the shared data. In this paper we investigate some possible scenarios where mobile agents can benefit from our cryptographic tuple space based framework, CryptoKlava, and sketch how to possibly implement such agents in order to keep the privacy of items collected by the mobile agent during its itinerary. The functionalities of the framework are general enough to be applied to other Java frameworks using multiple distributed tuples spaces possibly dealing with code mobility.     

一种面向移动Agent网络管理的安全模型

基于移动Agent的网络管理模型利用移动Agent对网络进行灵活的管理,但该模型中网络管理站、被管理节点和移动Agent存在的安全问题阻碍了其进一步的发展和应用.研究这些安全问题,利用Java卡和加密技术构建一个综合的安全模型,给出安全管理过程.实例分析表明该模型能够对网络管理过程有效地实施硬件和软件的安全保护.     

Location-dependent services for mobile users

One of the main issues in mobile services' research (M-service) is supporting M-service availability, regardless of the user's context (physical location, device employed, etc.). However, most scenarios also require the enforcement of context-awareness, to dynamically adapt M-services depending on the context in which they are requested. In this paper, we focus on the problem of adapting M-services depending on the users' location, whether physical (in space) or logical (within a specific distributed group/application). To this end, we propose a framework to model users' location via a multiplicity of local and active service contexts. First, service contexts represent the mean to access to M-services available within a physical locality. This leads to an intrinsic dependency of M-service on the users' physical location. Second, the execution of service contexts can be tuned depending on who is requesting what M-service. This enables adapting M-services to the logical location of users (e.g., a request can lead to different executions for users belonging to different groups/applications). The paper firstly describes the framework in general terms, showing how it can facilitate the design of distributed applications involving mobile users as well as mobile agents. Then, it shows how the MARS coordination middleware, implementing service contexts in terms of programmable tuple spaces, can be used to develop and deploy applications and M-services coherently with the above framework. A case study is introduced and discussed through the paper to clarify our approach and to show its effectiveness.     

Improved migration for mobile computing in distributed networks

A mobile ad hoc network (MANET) is a special type of wireless network in which a collection of mobile nodes with wireless network interfaces may form a temporary network, without the aids of any fixed infrastructure. Security has become a hot research topic in mobile ad hoc networks. In 1998, Volker and Mehrdad proposed a tree-based key management and access control scheme for the mobile agents to manage rights to access its own resources for the visited mobile nodes. Latter, Huang et al. showed that Volker and Mehrdad's scheme needs a large amount of storage and costs for managing and storing secret keys. Huang et al. further proposed a new and efficient scheme based on the elliptic curve cryptosystems to reduce costs and gain better efficiency. However, there is a security leak inherent in Huang et al.'s scheme that the malicious node can overstep his authority to access unauthorized information. This paper will propose a secure, robust, and efficient hierarchical key management scheme for MANETs. Some practical issues and solutions about dynamic key management are also considered and proposed. As compared with Huang et al.'s scheme, our proposed scheme can provide better security assurance, while requiring smaller key-size, lower computational complexities, and constant key management costs which is independent on the number of the confidential files and the visited nodes.     

移动代理人编程技术与移动用戶管理系统探讨

有自我控制与辨别身份能力的移动代理人编程技术,不但能够在网路上移动,也能够与其他代理人编程沟通及执行任务.由于移动代理人常常运作于异质的网路或作业系统(operating system)环境下,因此,一个具有整体逻辑性操作界面来存取实体结构的管理系统就显得越发重要.提出了一个能够追踪和维持移动代理人的管理系统,并且应用于远距教学(distance learning).此系统的主要目的在于提供移动代理人通用的存取环境.为了能使此系统完全运作,论述了移动代理人通信网路模组、移动代理人演化阶段来支援管理代理人与用户端代理人.另外,也将移动代理人所使用的工具编程整合成为角色扮演(role-setting)物件;此角色扮演物件是符合所谓应用编程驱使元件(application-driven component)的,因此,此系统也能够符合专业化利益的使用者的需求.     

Engineering mobile agent applications via context-dependent coordination

The design and development of Internet applications requiring dynamic and possibly mobile access to Internet resources can take advantage of an approach based on autonomous mobile agents. However, mobility introduces peculiar issues related to the modeling and management of the agents' coordination activities. This paper introduces context-dependent coordination as a framework for the design and development of Internet applications based on mobile agents, and shows how it can be supported by a proper coordination infrastructure. Context-dependent coordination is centered on the notion of programmable coordination media, as the software abstraction via which an agent in an Internet site can access to local resources and coordinate with local agents. Programmability stems from the fact that the behavior of the media can be fully configured to influence agents' coordination activities. This enables local administrators to configure coordination media so as to enact site-dependent coordination policies, and mobile agents to configure the accessed coordination media to obtain an application-dependent behavior of the media themselves. Several application examples shows that exploiting context-dependent coordination promotes a clear separation of concerns in design and development, and can make applications more modular and easier to be maintained. The MARS system is assumed as an exemplar coordination infrastructure to clarify the concepts expressed and to show their actual implementation.     

SecSpaces: a Data-driven Coordination Model for Environments Open to Untrusted Agent

In this paper we initiate an investigation about security problems which occur when exploiting a Linda-like data driven coordination model in an open environment. In this scenario, there is no guarantee that all the agents accessing the shared tuple space are trusted. Starting from the analysis of the few proposals already available in the literature, we present a novel coordination model which provides mechanisms to manage tuple access control. The first mechanism supports logical partitions of the shared repository: in this way we can restrict the access to tuples inside a partition, simply by limiting the access to the partition itself. The second mechanism consists of adding to the tuples some extra information which exploit asymmetric cryptography in order, e.g., to authenticate the producer of a tuple or to identify its reader/consumer. Finally, we support the possibility to define access control policies based on the kind of operations an agent performs on a tuple, thus discriminating between (destructive) input and (non-destructive) read operations.     

移动代理应用中上下文相关的客观协调

移动代理之间需要进行交互合作才能完成系统任务,每个移动代理也需要与它运行所在的移动代理环境进行交互。文章提出了一种在移动代理应用系统中的上下文相关的客观协调模型,适合移动代理系统中移动代理之间的交互和移动代理与移动代理环境之间的交互,它把全局的耦合交互转变成本地独立的元组空间交互,用可编程的元组空间解决由代理移动引起的上下文相关协调问题,而且环境相关的协调策略和应用相关的协调策略可以集成到可编程的元组空间中。     

基于移动代理、关键主机隐藏技术的IDS体系结构

本文介绍了一种安全灵活的入侵检测系统体系结构，通过运用关键主机隐藏技术，使关键主机对于主动探测，被动监听均不可见，提高了系统自身的安全性，同时，通过引入移动代理，限制入侵检测系统各部分之间的通信等机制，增强本体系结构对于拒绝服务攻击的抵抗力，系统通过使用智能移动代理在网络节点上收集处理信息，提高了入侵检检测系统的灵活性，减少了网络负载。     

Multicast routing in mobile ad hoc networks by using a multiagent system

Multicast routing in mobile ad hoc networks (MANETs) poses several challenges due to inherent characteristics of the network such as node mobility, reliability, scarce resources, etc. This paper proposes an Agent Based Multicast Routing Scheme (ABMRS) in MANETs, which uses a set of static and mobile agents. Five types of agents are used in the scheme: Route manager static agent, Network initiation mobile agent, Network management static agent, Multicast initiation mobile agent and Multicast management static agent. The scheme operates in the following steps: (1) to identify reliable nodes; (2) to connect reliable nodes through intermediate nodes; (3) to construct a backbone for multicasting using reliable nodes and intermediate nodes; (4) to join multicast group members to the backbone; (5) to perform backbone and group members management in case of mobility. The scheme has been simulated in various network scenarios to test operation effectiveness in terms of performance parameters such as packet delivery ratio, control overheads and group reliability. Also, a comparison of proposed scheme with MAODV (Multicast Ad hoc on-demand Distance Vector) protocol is presented. ABMRS performs better than MAODV as observed from the simulation. ABMRS offers flexible and adaptable multicast services and also supports component based software development.     

一个基于CORBA和移动智能体的分布式网箱集成框架

文中分析了当前主流网管系统在体系结构上的缺陷,阐述了分布对象技术（CORBA）与移动智能体技术各自在网管领域的应用方法与优势。结合这些优势,给出了一个基于CORBA和移动智能体的分布式网管集成框架,并进一步通过实验模拟证实了其可行性。     

Active network supports for mobile IP

The basic mobile IP protocol is difficult to implement on the traditional IP network and not flexible and efficient under certain conditions.For example,firewalls or boundary routers may drop packets sent by mobile nodes for security reasons.Traditional networking devices such as routers cannot dynamically load and unload extended services to achieve different qualities of services.In this paper,a new scheme of using the active network to support the mobile IP is presented.The Softnet,a prototype of active networks based on mobile agents,is introduced.The active network is characterized by the programmability of its intermediate nodes and therefore presents dynaic and flexible behaviors.Special services can be dynamically deployed onto the active nodes in the Softnet.This property is definitely required in implementing the mobile IP protocols.The SOftnet.This property is definitely required in implementing the mobile IP protocols.The Softnet.This property is definitely required in implementing the mobile IP protocols.The Softnet supports not only the basic mobile IP protocol but also other extended mobile IP protocols.Virtual networks for mobile IP services are dynamically formed by mobile agents in the Softnet to provide different qualities of services.     

Hierarchical management protocol for constructing a QoS communication path in wireless Ad Hoc networks

An Ad Hoc network consists of mobile hosts that can dynamically construct a wireless network without base stations. Due to the limited communication range, a source host usually needs other hosts to relay messages to the destination in a multi-hop manner. Consequently, establishing a routing path from the source to the destination is a basic requirement for providing communication service between any pair of mobile hosts. This study proposes a two-level management approach for efficiently constructing and maintaining a QoS routing path in Ad Hoc wireless networks, significantly reducing the quantity of control packets. In the first phase, the mobile hosts are partitioned into a number of complete graphs, each represented by a Supernode managed by an agent. The Ad Hoc network topology is thus transformed to an Agent-based Graph (AG). In the second phase, some agents of a larger degree than neighboring agents are selected as core nodes. The core nodes then virtually construct a Core Graph (CG). The proposed two-level hierarchical management and bandwidth-looking-ahead technologies can efficiently establish and maintain a QoS communication path at a low control packet cost. Simulation results indicate that the proposed management model significantly reduces the number of control packets in areas with very large numbers of mobile hosts.     

WCL: A co-ordination language for geographically distributed agents

In this paper a tuple space based co-ordination language, and a run-time system which supports it, is described. The co-ordination language is called WCL, and it is designed to support agent co-ordination over the Internet between agents which are geographically distributed. WCL uses tuple spaces as used in Linda. WCL provides a richer set of primitives than traditional tuple space based systems, and provides asynchronous and synchronous tuple space access, bulk tuple primitives, and streaming primitives which, as a whole, provide a complete framework more suited to co-ordination over the Internet compared with the Linda primitives. The primitives emphasise efficiency and location transparency (of data and agents) and this is exploited in the current run-time system used to support WCL. The run-time system described in this paper is distributed and uses location transparency and dynamic analysis of tuple space usage to migrate tuple spaces around the distributed system. Some initial experimental results are given which demonstrate the performance gains of using the tuple space migration. The paper motivates the inclusion of many of the primitives, and demonstrates how a well designed set of primitives provides performance and efficiency. The JavaSpace primitives are used as an example of how the choice of primitives can detrimentally affect the efficiency of the language, and exclude required co-ordination constructs.     

Programming mobile context-aware applications with TOTAM

In tuple space approaches to context-aware mobile systems, the notion of context is defined by the presence or absence of certain tuples in the tuple space. Existing approaches define such presence either by collocation of devices holding the tuples or by replication of tuples across all devices. We show that both approaches can lead to an erroneous perception of context. Collocation ties the perception of context to network connectivity which does not always yield the expected result. Tuple replication can cause that a certain context is perceived even if the device has left the context a long time ago. We propose a tuple space approach in which tuples themselves carry a predicate that determines whether they are in the right context or not. We present a practical API for our approach and show its use by means of the implementation of various mobile applications. Benchmarks show that our approach can lead to a significant increase in performance compared to other approaches.     

VPNs: Only Part of the Remote Access Security Solution

Today’s mobile workforce has found that having remote access to network resources and data can substantially increase productivity and is becoming increasingly popular. Employees can access information, network resources, and the Internet, regardless of their geographic location. Remote access offers workers cost savings on commuting and flexible work schedules, whilst enabling businesses to economize on valuable office space.     

Coordination for Internet Application Development

The adoption of a powerful and expressive coordination model represents a key-point for the effective design and development of Internet applications. In this paper, we present the TuCSoN coordination model for Internet applications based on network-aware and mobile agents, and show how the adoption of TuCSoN can positively benefit the design and development of such applications, firstly in general terms, then via a TuCSoN-coordinated sample application. This is achieved by providing for an Internet interaction space made up of a multiplicity of independently programmable communication abstractions, called tuple centres, whose behaviour can be defined so as to embody the laws of coordination.     

基于移动Agent的分布式QoS路由研究

该文提出了一种基于移动Agent的分布式QoS路由计算方法，该方法采用移动Agent搜索网络，寻找满足QoS请求的路径，并对选定路径进行资源预留，算法集QoS路由计算和资源预留于一体，网络中每个结点只需维持局部状态信息，引入移动Agent后，系统更具灵活性与适应性，并使系统能够同时支持尽力而为的数据传输和实时的数据传输。     

Research on social relations cognitive model of mobile nodes in Internet of Things

Interaction and communication between humans with smart mobile devices are a new trend of development in Internet of Things (IoT). With the powerful sensing capability of smart device and human mobility, various services could be provided by building a trusted chain between service requesters and suppliers. The cognition of social relations between mobile nodes is the basis of final mobile-aware services. It involves many decision factors, such as time, space and activity patterns. Using social network theory, a new cognitive model for social relations of mobile nodes in IoT is proposed. Firstly, nodes' social relations are reasoned and quantified from multiple perspectives based on the summary of social characteristics of mobile nodes and the definition of different decision factors. Then the location factor, interconnection factor, service evaluation factor and feedback aggregation factor are defined to solve the shortcomings in existing quantitative models. Finally, the weight distribution is set up by information entropy and rough set theory for these decision factors; it can overcome the shortage of traditional methods, in which the weight is set up by subjective ways and hence their dynamic adaptability is poor. We compare our cognitive model to existing models using MIT dataset by defining a variety of test indicators, such as network overall density (NOD), the degree center potential (DCP), the network distribution index (EI), etc. Simulation results show that, the cognitive model has better internal structure and significant validity in network analysis, and thus can provide mobile-aware service effectively in dynamic environment.     

MARS: a programmable coordination architecture for mobile agents

Mobile agents offer much promise, but agent mobility and Internet openness make coordination more difficult. Mobile Agent Reactive Spaces (MARS), a Linda-like coordination architecture with programming features, can handle a heterogeneous network while still allowing simple and flexible application design