|
About Mobile Security
Search CSRC
Search Vulnerability
 Archive;
|
|
Mobile
Agent Systems
Mobile agents are autonomous software entities that can halt themselves,
ship themselves to another agent-enabled host on the network, and continue
execution, deciding where to go and what to do along the way. Mobile agents
are goal-oriented, can communicate with other agents, and can continue to
operate even after the machine that launched them has been removed from the
network. The mobile agent computing paradigm raises several privacy and
security concerns, which clearly are one of the main obstacles to the
widespread use and adaptation of this new technology. Mobile agents
applications are currently being developed by industry, government, and
academia for use in such areas as telecommunications systems, personal digital
assistants, information management, on-line auctions, service brokering,
contract negotiation, air traffic control, parallel processing, and computer
simulation. Mobile agent security issues include: authentication, identification,
secure messaging, certification, trusted third parties, non-repudiation, and
resource control. Mobile agent frameworks must be able to counter new threats
as agent hosts must be protected from malicious agents, agents must be
protected from malicious hosts, and agents must be protected from malicious
agents. This project is directed towards evaluating existing mobile agent
security mechanisms and developing new countermeasures for mobile agent security
threats.
Network Security Management
A number of advantages of using mobile code and mobile agent computing paradigms
have been proposed. These advantages include: overcoming network latency,
reducing network load, executing asynchronously and autonomously, adapting
dynamically, operating in heterogeneous environments, and having robust and
fault-tolerant behavior. Most of these advantages are applicable to narrow
application areas and more work needs to been done to verify these claims in an
operational environment. Moreover, one of the main obstacles to the widespread
adoption of mobile agents is the legitimate security concerns of system developers,
network administrators, and information officers. Many security mechanisms have
been proposed to mitigate agent-to-agent, agent-to-platform, and platform-to-agent
security risks. These security mechanisms may, however, introduce performance
constraints that could dictate design decisions or negate the benefit of using
mobile agents for certain applications. The focus of this research is to evaluate
these claimed advantages and determine the applicability and benefits of using
mobile agents for intrusion detection in large-scale enterprise applications,
high-speed networks, high-volume data management requirements, and highly
distributed and heterogeneous environments.
|