共查询到20条相似文献,搜索用时 15 毫秒
1.
The practicality of mobile agents hinges on realistic security techniques. Mobile agent systems are combination client/servers that transport, and provide an interface with host computers for, mobile agents. Transport of mobile agents takes place between mobile agent systems, which are located on heterogeneous platforms, making up an infrastructure that has the potential to scale to the size of any underlying network. Mobile agents can be rapidly deployed, and can respond to each other and their environment. These abilities expose flaws in current security technology. This article surveys the risks connected with the use of mobile agents, and security techniques available to protect mobile agents and their hosts. The inadequacies of the security techniques developed from the information fortress model are identified. They are the result of using a good model in an inappropriate context (i.e. a closed system model in a globally distributed networking computing base). Problems with commercially available techniques include: (1) conflicts between security techniques protecting hosts and mobile agents, (2) inability to handle multiple collaborative mobile agents, and (3) emphasis on the credentials of software instead of on the integrity of software to determine the level of trust. 相似文献
2.
Oscar Esparza Jose L. Muoz Joan Toms‐Buliart Miguel Soriano 《Wireless Communications and Mobile Computing》2011,11(11):1446-1462
Mobile agents are software entities consisting of code, data, and state that can migrate autonomously from host to host executing their code. In such scenario there are some security issues that must be considered. In particular, this paper deals with the protection of mobile agents against manipulation attacks performed by the host, which is one of the main security issues to solve in mobile agent systems. This paper introduces an infrastructure for mobile agent watermarking (MAW). MAW is a lightweight approach that can efficiently detect manipulation attacks performed by potentially malicious hosts that might seek to subvert the normal agent operation. MAW is the first proposal in the literature that adapts software watermarks to verify the execution integrity of an agent. The second contribution of this paper is a technique to punish a malicious host that performed a manipulation attack by using a trusted third party (TTP) called host revocation authority (HoRA). A proof‐of‐concept has also been developed and we present some performance evaluation results that demonstrate the usability of the proposed mechanisms. Copyright © 2010 John Wiley & Sons, Ltd. 相似文献
3.
Building reusable mobile agents for network management 总被引:7,自引:0,他引:7
I. Satoh 《IEEE transactions on systems, man and cybernetics. Part C, Applications and reviews》2003,33(3):350-357
Mobile agents can migrate among nodes to perform a set of management tasks at each of the visited nodes. Existing mobile agent-based network management systems often assume that their mobile agents are designed to work in particular networks to raise the efficiency of agent migration among multiple nodes. Unfortunately, such mobile agents cannot be reused in different networks. This paper proposes a framework where a mobile agent for network management is composed of two kinds of software components, an itinerary part and a behavioral logic part. Both components are implemented as mobile agents. The former is a carrier designed for particular networks, and it can efficiently navigate other mobile agents among nodes in its target network. The latter defines management tasks performed at each node independently of any local network. This framework allows a mobile agent for network management to be reused in various networks without being modified. A prototype implementation of this framework and its application were built on a Java-based mobile agent system. 相似文献
4.
Agents need resources and protection from hostile influences, in both natural and artificial environments. This paper specifically considers social insects and software mobile agent systems, in order to understand how the need for mobility, resource acquisition and security can influence the design and operation of agent systems. Evolution has honed the movement, resource-gathering and defensive skills of the social insects in a multitude of ways. The paper reviews some of these strategies and assesses whether they may provide useful insights into the design and implementation of mobile software agents. This process is necessary as current mobile agent systems have been handicapped by a lack of convincing security measures which has prevented their adoption in mainstream computing services.This paper therefore examines the strategies for movement, resource acquisition and defence adopted by the social insects and considers how they may be applied to enhance the design of mobile agents. 相似文献
5.
杨晨 《信息技术与标准化》2011,(3):18-21
企业的信息化、智能化为移动代理的应用提供了广阔的平台,但是移动代理系统安全保障成为制约其应用的关键。从代理保护和代理平台保护两个方面阐述了移动代理系统关键信息安全保障技术,分析了移动代理安全标准化现状,提出了未来移动代理安全保障技术及标准化研究建议。 相似文献
6.
移动代理技术已经成为设计、实现分布式应用的一种极具前景的技术,现有许多移动代理系统已经在研究及商业领域得以实现.但是移动代理系统至今仍然没有得到很广泛的应用,其原因除了使用移动代理系统所涉及的安全性问题之外,另一个主要因素就是缺少一个对移动代理系统性能进行量化评价的基准.本文对于现有的能够对各种不同移动代理系统进行量化评测的基准进行综述,并且讨论哪些因素会对移动代理架构性能产生根本的影响. 相似文献
7.
一种改进的基于Web的移动代理的设计 总被引:1,自引:0,他引:1
移动代理系统的特点是移动性,自治性和智能性。在移动代理技术拥有完整性保护后,移动代理就可以免于被恶意的主机和其他代理攻击。传统的移动代理是由固定的代码段组成的,提出了一种改进的移动代理方法(MMA),这种方法可以在执行需求时动态添加新的代理代码模块,也可以删除冗余的代码模块。在基于Web的系统中这种方法比传统的静态方法更加灵活有效。 相似文献
8.
为解决分布式网络管理的安全问题,利用移动Agent框架作为底层平台,应用VMC概念将移动Agent和SNMPAgent相融合,构建一种基于可信移动Agent的安全体系结构。实验结果表明,采用此体系结构的网络管理系统能够确保移动Agent的可信性。因此,该体系结构在受到Agent到Agent平台或Agent到Agent攻击情况下的安全性得到评估,证明在网络管理任务中其性能是可信的。 相似文献
9.
10.
移动Agent的安全性是限制其广泛应用的一个重要因素。论文提出了一种改进的基于层次化身份加密的移动Agent安全方案,更简单、高效地实现了分布式环境下移动Agent与主机的相互认证,同时实现了对移动Agent的路径追踪,为移动Agent系统提供了可靠的安全性和稳健性保证,具有较高的实用价值。 相似文献
11.
Yi Ping Zhong Yiping Zhang Shiyong 《电子科学学刊(英文版)》2006,23(3):417-422
This paper focuses on investigating immunological principles in designing a multi-agent security architecture for intrusion detection and response in mobile ad hoc networks. In this approach, the immunity-based agents monitor the situation in the network. These agents can take appropriate actions according to the underlying security policies. Specifically, their activities are coordinated in a hierarchical fashion while sensing, communicating, decision and generating responses. Such an agent can learn and adapt to its environment dynamically and can detect both known and unknown intrusions. The proposed intrusion detection architecture is designed to be flexible, extendible, and adaptable that can perform real-time monitoring. This paper provides the conceptual view and a general framework of the proposed system. In the end, the architecture is illustrated by an example to show it can prevent the attack efficiently. 相似文献
12.
移动代理是一种新的分布式计算模式,安全是其必须解决的问题。针对基于Java移动代理系统的移动代理权限问题,尝试提出一种解决方案。该方案主要包括2个方面内容:一是利用Java2安全机制实现移动代理权限的特化;二是采用资源代理模式实现移动代理基于角色的权限特化,对敏感资源进行双重保护。该方案既采取粗粒度的角色解决方案,又结合采取了低粒度的基于Java安全的解决方案,能有效地实现移动代理存取权限的特化。 相似文献
13.
14.
Hui Chen Lam P.P.Y. Chan H.C.B. Dillon T.S. Cao Jiannong Lee R.S.T. 《IEEE transactions on systems, man and cybernetics. Part C, Applications and reviews》2007,37(6):1174-1189
We present MAGICS, a mobile agent-based system for supporting business-to-consumer electronic commerce (e-commerce) or mobile commerce (m-commerce) applications. To use the system, consumers first provide their buying requirements to a proxy/agent server through a Web browser or a wireless application protocol (WAP) terminal. Having obtained the requirements, mobile agents are generated to carry out tasks for the consumers including getting offers from merchants, evaluating offers, and even completing purchases. In the case of mobile commerce, consumers can generate a mobile agent to conduct a search and evaluation in the digital marketspace before making a purchase in the physical marketplace. To make it possible to choose an offer that best satisfies the consumer's requirement(s), we present a mathematical model for evaluating multiple decision factors. To test the basic functions of the mobile agent-based Internet commerce system (MAGICS), we have built a prototype system. To minimize the average cost of a product (including the cost of sending agents), we have also developed an analytical model that can determine how many agents should be sent to compare prices. Four different price distributions and some real price information are analyzed based on the model. The analysis provides valuable insights into the design of mobile agent-based shopping applications for m-commerce, in particular, and for e-commerce, in general. 相似文献
15.
16.
17.
将移动代理和主动网络思想融入到下一代网络的研究中,提出基于移动代理的主动网络的概念和模型,但同时也引入了传统安全领域中所没有的安全问题。为解决MANet(mobile agents based acitve network)面临的安全威胁,对基于移动代理的主动网络安全架构模型进行了研究,讨论移动代理的安全技术和主动网络中的安全问题,重点讨论主动结点的安全问题,设计了一个通用性的主动结点安全性框架模型。一个良好的安全机制已经成为衡量网络好坏的一个重要指标。 相似文献
18.
移动Agent作为新一代网络分布处理技术,能在网路上任意移动,自动执行使用者所设计和赋予的工作任务。移动Agent的安全问题是该项技术能否成功应用的关键。对移动Agent可能存在的安全问题以及遭受的攻击类型作了较详细的论述。从检测和保护两方面来阐述目前解决移动Agent安全问题的方法以及存在的问题。最后,引入具有监控和授权功能的安全管理器,提出了一种新的移动Agent系统安全模型,并分析了该模型的整个工作流程。 相似文献
19.
20.
移动代理通过遍历网络收集信息,由于网络的开放性,代理及其内部数据的安全受到巨大威胁。提出了一种基于安全移动代理的路由算法的设计思想,使用概率值来构造路由表,通过移动代理在网络节点间地迁移,来发现网络状态,更新节点路由表。同时在网络节点处建立信任表,定期生成TestDataAgent(测试代理)在虚拟空间中运行,并对其属性和关键数据进行检测以保证网络节点的可靠性,实现代理在网络中的安全。还用Grasshopper移动代理开发平台构造了一个简单网络模型,对此算法进行了验证。 相似文献