共查询到20条相似文献,搜索用时 15 毫秒
1.
Oscar Esparza Jose L. Muoz Joan Toms‐Buliart Miguel Soriano 《Wireless Communications and Mobile Computing》2011,11(11):1446-1462
Mobile agents are software entities consisting of code, data, and state that can migrate autonomously from host to host executing their code. In such scenario there are some security issues that must be considered. In particular, this paper deals with the protection of mobile agents against manipulation attacks performed by the host, which is one of the main security issues to solve in mobile agent systems. This paper introduces an infrastructure for mobile agent watermarking (MAW). MAW is a lightweight approach that can efficiently detect manipulation attacks performed by potentially malicious hosts that might seek to subvert the normal agent operation. MAW is the first proposal in the literature that adapts software watermarks to verify the execution integrity of an agent. The second contribution of this paper is a technique to punish a malicious host that performed a manipulation attack by using a trusted third party (TTP) called host revocation authority (HoRA). A proof‐of‐concept has also been developed and we present some performance evaluation results that demonstrate the usability of the proposed mechanisms. Copyright © 2010 John Wiley & Sons, Ltd. 相似文献
2.
一种改进的基于Web的移动代理的设计 总被引:1,自引:0,他引:1
移动代理系统的特点是移动性,自治性和智能性。在移动代理技术拥有完整性保护后,移动代理就可以免于被恶意的主机和其他代理攻击。传统的移动代理是由固定的代码段组成的,提出了一种改进的移动代理方法(MMA),这种方法可以在执行需求时动态添加新的代理代码模块,也可以删除冗余的代码模块。在基于Web的系统中这种方法比传统的静态方法更加灵活有效。 相似文献
3.
Building reusable mobile agents for network management 总被引:7,自引:0,他引:7
I. Satoh 《IEEE transactions on systems, man and cybernetics. Part C, Applications and reviews》2003,33(3):350-357
Mobile agents can migrate among nodes to perform a set of management tasks at each of the visited nodes. Existing mobile agent-based network management systems often assume that their mobile agents are designed to work in particular networks to raise the efficiency of agent migration among multiple nodes. Unfortunately, such mobile agents cannot be reused in different networks. This paper proposes a framework where a mobile agent for network management is composed of two kinds of software components, an itinerary part and a behavioral logic part. Both components are implemented as mobile agents. The former is a carrier designed for particular networks, and it can efficiently navigate other mobile agents among nodes in its target network. The latter defines management tasks performed at each node independently of any local network. This framework allows a mobile agent for network management to be reused in various networks without being modified. A prototype implementation of this framework and its application were built on a Java-based mobile agent system. 相似文献
4.
移动代理技术已经成为设计、实现分布式应用的一种极具前景的技术,现有许多移动代理系统已经在研究及商业领域得以实现.但是移动代理系统至今仍然没有得到很广泛的应用,其原因除了使用移动代理系统所涉及的安全性问题之外,另一个主要因素就是缺少一个对移动代理系统性能进行量化评价的基准.本文对于现有的能够对各种不同移动代理系统进行量化评测的基准进行综述,并且讨论哪些因素会对移动代理架构性能产生根本的影响. 相似文献
5.
移动代理通过遍历网络收集信息,由于网络的开放性,代理及其内部数据的安全受到巨大威胁。提出了一种基于安全移动代理的路由算法的设计思想,使用概率值来构造路由表,通过移动代理在网络节点间地迁移,来发现网络状态,更新节点路由表。同时在网络节点处建立信任表,定期生成TestDataAgent(测试代理)在虚拟空间中运行,并对其属性和关键数据进行检测以保证网络节点的可靠性,实现代理在网络中的安全。还用Grasshopper移动代理开发平台构造了一个简单网络模型,对此算法进行了验证。 相似文献
6.
使用移动Agent技术的网络管理 总被引:3,自引:0,他引:3
当今大型的通信网络往往集成了来自多家厂商的网络和通讯设备,而基于集中式方式的传统网络管理已难以满足用户的需求。移动agent是能够自动在网络各节点间移动并代表其它实体工作的软件实体,引起了人们广泛关注。文章介绍了有关移动agent的基本概念及其系统实现,并讨论了网络管理中移动agent技术的几个应用实例以表明移动agent是解决异构环境的复杂网管的有效途径。 相似文献
7.
Agents need resources and protection from hostile influences, in both natural and artificial environments. This paper specifically considers social insects and software mobile agent systems, in order to understand how the need for mobility, resource acquisition and security can influence the design and operation of agent systems. Evolution has honed the movement, resource-gathering and defensive skills of the social insects in a multitude of ways. The paper reviews some of these strategies and assesses whether they may provide useful insights into the design and implementation of mobile software agents. This process is necessary as current mobile agent systems have been handicapped by a lack of convincing security measures which has prevented their adoption in mainstream computing services.This paper therefore examines the strategies for movement, resource acquisition and defence adopted by the social insects and considers how they may be applied to enhance the design of mobile agents. 相似文献
8.
Support for host mobility an essential and necessary feature for roaming users who connect to wireless networks via access
points. Access points may have different capabilities, be connected to different networks and be installed by different providers.
A mobile host will discover multiple access points in this environment. In such an environment, a mobile host should be able
to use the best available connection to communicate with a correspondent host and perhaps use multiple connections for different
hosts. In areas with wireless local area network access, pockets with limited or no coverage could exist. Such restricted
connectivity could be compensated by neighbor hosts who form an ad hoc network and relay packets until they reach an access
point. This paper describes and discusses a proposed solution towards enabling and supporting connectivity in wireless networks.
In the proposed solution the network layer software will evaluate and decide which wireless network connections to use. A
Running Variance Metric (RVM) and a Relative Network Load(RNL) are used to measure the traffic load of access points in wireless access networks. RVM and RNL can be efficiently used
for both infrastructure networks and ad hoc networks. Multihomed Mobile IP (M-MIP) is an extension of Mobile IP that enables
mobile hosts to use multiple care-of addresses simultaneously. The extension enhances network connectivity by enabling the
mobile host, the home agent and correspondent hosts to evaluate and select the best connection. A proposed gateway architecture
using M-MIP that integrates wired IP networks with ad hoc networks is described. The M-MIP and gateway architecture using
the RVM and RNL metrics have been validated with simulation studies and results are presented. 相似文献
9.
A Mobile IP allows IP hosts to move between different networks without changing their IP addresses. Mobile IP systems supporting local registration were introduced to reduce the number of times a home registration with the remotely located home agent was needed. The local registration Mobile IP scheme enhanced performance by processing registration requests of mobile nodes at a local agent. The local registration approach may affect other aspects of the Mobile IP systems such as fault tolerance. In this paper, we briefly review previous solutions for supporting fault tolerance in local registration Mobile IP systems and propose a fault tolerance protocol with a backup foreign agent in a hierarchical local registration mobile IP to enhance the efficiency of such systems against foreign agent failures. We also describe the specification of the proposed protocol using LOTOS and perform its validation using MiniLite. Finally, we analyze the performance of our proposed fault tolerance protocol through simulation. 相似文献
10.
移动Agent的安全性是限制其广泛应用的一个重要因素。论文提出了一种改进的基于层次化身份加密的移动Agent安全方案,更简单、高效地实现了分布式环境下移动Agent与主机的相互认证,同时实现了对移动Agent的路径追踪,为移动Agent系统提供了可靠的安全性和稳健性保证,具有较高的实用价值。 相似文献
11.
移动代理系统提供了一个新的计算方式,程序以软件代理的形式出现,它能在一台主机上停止它的执行,通过移动到另一台主机上恢复执行。随着移动软件混合性的增加,也伴随着对安全的威胁。尤其是对拒绝服务攻击这类消耗系统资源的攻击,目前还没有什么好的方法。提出了将电子货币引入系统来抵御这类攻击,并给出了一个应用模型。 相似文献
12.
Internet Connectivity for Ad Hoc Mobile Networks 总被引:7,自引:0,他引:7
Sun Yuan Belding-Royer Elizabeth M. Perkins Charles E. 《International Journal of Wireless Information Networks》2002,9(2):75-88
The growing deployment rate of wireless LANs indicates that wireless networking is rapidly becoming a prevalent form of communication. As users become more accustomed to the use of mobile devices, they increasingly want the additional benefit of roaming. The Mobile IP protocol has been developed as a solution for allowing users to roam outside of their home networks while still retaining network connectivity. The problem with this solution, however, is that the deployment of foreign agents is expensive because their coverage areas are limited due to fading and interference. To reduce the number of foreign agents needed while still maintaining the same coverage, ad hoc network functionality can cooperate with Mobile IP such that multihop routes between mobile nodes and foreign agents can be utilized. In this work, we present a method for enabling the cooperation of Mobile IP and the Ad hoc On-Demand Distance Vector (AODV) routing protocol, such that mobile nodes that are not within direct transmission range of a foreign agent can still obtain Internet connectivity. In addition, we describe how duplicate address detection can be used in these networks to obtain a unique co-located care-of address when a foreign agent is not available. 相似文献
13.
14.
The Research on Mobile-agent Security 总被引:1,自引:0,他引:1
1 IntroductionInterestinnetwork centric programmingandapplicationshassurgedinrecentyearsowingtovari ousfactors,suchastheexponentialgrowthoftheInternetuser base,andthewidespreadadoptionoftheWorldwideWebasaplatformforinformationdissemination,electroniccomm… 相似文献
15.
将移动代理和主动网络思想融入到下一代网络的研究中,提出基于移动代理的主动网络的概念和模型,但同时也引入了传统安全领域中所没有的安全问题。为解决MANet(mobile agents based acitve network)面临的安全威胁,对基于移动代理的主动网络安全架构模型进行了研究,讨论移动代理的安全技术和主动网络中的安全问题,重点讨论主动结点的安全问题,设计了一个通用性的主动结点安全性框架模型。一个良好的安全机制已经成为衡量网络好坏的一个重要指标。 相似文献
16.
Code mobility can be defined as the capability to dynamically change the bindings between code fragments and the location in which they are executed. The concept of code mobility is not new, but in recent years has become a hot topic. Web browsers are able to download programs attached to web pages that are executed locally. On the other hand, mobile agent technology allows for agents to autonomously migrate to new hosts. A major concern involved in the use of these technologies is security: the integrity of the receiving host must not be compromised by the execution of mobile code. The local host needs to define a security policy that specifies which resources are made available to mobile code, potentially untrusted. On the other hand, the runtime system must, somehow, enforce such policy. In this paper, we present a survey of different techniques aimed at resolving the problem of secure resource management, and argue within which context they are appropriate. 相似文献
17.
基于移动Agent的智能电子商务模型的设计与实现 总被引:1,自引:0,他引:1
基于移动Agent技术的智能电子商务模型是一个新的研究课题.在分析现有电子商务模型存在问题的基础上,构建了一个建立在Internet开放采购模型OBI之上、支持B2B模式的智能电子商务模型IECMMA,提出了一个针对该模型的改进的电子商务安全方案.设计了一个基于时间策略的智能购物算法,并利用IBM公司的移动A-gent开发工具ASDK实现了该模型的主要功能.实验结果表明,该模型是切实可行的. 相似文献
18.
自移动代理提出以来,安全性问题一直是制约其广泛应用的一个最主要的因素。作为分布式C/S计算模式的延伸,目前备受关注的多移动代理协作为提高整个移动代理系统安全性提供了一个新的思路。该文通过分析基于拉格朗日插值的密钥分割和多重签名方案应用于多移动代理系统中出现的问题,给出了一个改进的、更有实际应用价值的算法。最后,给出了一个基于此算法的电子交易的案例。 相似文献
19.
20.
In information security and network management, attacks based on vulnerabilities have grown in importance. Malicious attackers break into hosts using a variety of techniques. The most common method is to exploit known vulnerabilities. Although patches have long been available for vulnerabilities, system administrators have generally been reluctant to patch their hosts immediately because they perceive the patches to be annoying and complex. To solve these problems, we propose a security vulnerability evaluation and patch framework called PKG‐VUL, which evaluates the software installed on hosts to decide whether the hosts are vulnerable and then applies patches to vulnerable hosts. All these operations are accomplished by the widely used simple network management protocol (SNMP). Therefore, system administrators can easily manage their vulnerable hosts through PKG‐VUL included in the SNMP‐based network management systems as a module. The evaluation results demonstrate the applicability of PKG‐VUL and its performance in terms of devised criteria. 相似文献