Journal of Network and Systems Management

, Volume 19, Issue 2, pp 230–256

Security Schemes for a Mobile Agent Based Network and System Management Framework

Article

Abstract

In previous research work, we proposed an integrated framework to guide the design of a Mobile Agent based Network Management (MANM) system, namely the Mobile Agent based framework for Security enhanced Autonomous network and system Management (MASAM). This framework offered two distinct advantages: (1) the provision of a secure agent-based management infrastructure and (2) the capability of achieving enhanced network management functionalities. In this paper, we propose two novel security schemes, namely the Visibility Domain Protection Scheme (VDPS) and the Visa Based Authentication Scheme (VBAS), for protection of management information and authentication and resource access control of management agents, respectively. These schemes seamlessly fit into the modular MASAM framework and facilitate two major security components defined in its abstract architecture. The efficiency of the two security schemes, focusing on the aspects of security and performance, is demonstrated and evaluation results are compared with the SNMPv3 standard.

Keywords

Network management Agent-based management framework Security scheme Security evaluation 

References

  1. 1.
    Shin, K.S., Jung, J.H., Cheon, J.Y., Choi, S.B.: Real-time network monitoring scheme based on SNMP for dynamic information. J. Netw. Comput. Appl. 30(1), 331–353 (2007)CrossRefGoogle Scholar
  2. 2.
    Pashalidis, A., Fleury, M.: Secure network management within an open-source mobile agent framework. J. Netw. Syst. Manage. 12(1), 9–31 (2004)CrossRefGoogle Scholar
  3. 3.
    Papavassiliou, S., Puliafito, A., Tomarchio, O., Ye, J.: Mobile agent-based approach for efficient network management and resource allocation: framework and applications. IEEE J. Selected Areas Commun 20(4), 858–872 (2002)CrossRefGoogle Scholar
  4. 4.
    Martin, A., Leon, C., Monedero, I.: The evolution of OSI network management by integrated the expert knowledge. In: Proceedings of 7th international conference on intelligent data engineering and automated learning (IDEAL 2006), Burgos, Spain, pp. 402–409 (2006)Google Scholar
  5. 5.
    Cabrera, J.B., Lewis, L., Qin, X., Gutierrez, C. et al.: Proactive intrusion detection and SNMP-based security management: new experiments and validation. IFIP/IEEE 8th international symposium on integrated network management, Colorado Springs, CO, USA, pp. 93–96 (2003)Google Scholar
  6. 6.
    Apostolopoulos, T.K., Daskalou, V.C.: Role of the time parameter in a network security management model. In: Proceedings of the 1997 2nd IEEE symposium on computers and communications, Alexandria, Egypt, pp. 528–532 (1997)Google Scholar
  7. 7.
    Jiang, G.: Multiple vulnerabilities in SNMP. IEEE J. Comput. 35(4), 2–4 (2002)Google Scholar
  8. 8.
    Zhou, Y., Xiao, D.: Mobile agent-based policy management for wireless sensor networks. In: Proceedings of 2005 IEEE international conference on wireless communications, networking and mobile computing, Wuhan, China, pp. 1207–1210 (2005)Google Scholar
  9. 9.
    Wang, L., Lu, X., Shi, H.: Distributed intelligent network management model based on CORBA. J. Comput. Measure. Control 13(10), 1119–1151 (2005)Google Scholar
  10. 10.
    Young-Min, K., Won-Ki, H.: An implementation methodology of a gateway for inter-domain management between CORBA and SNMP. J. KISS Comput. Practices 6(1), 58–67 (2000)Google Scholar
  11. 11.
    Stavroulaki, V., Demestichas, K., Adamopoulou, E., Demestichas, P.: Distributed Web-based management framework for ambient reconfigurable services in the intelligent environment. J. Mobile Netw. Appl. 11(6), 889–900 (2006)CrossRefGoogle Scholar
  12. 12.
    Fong, C.-h.: A mobile agent framework for security enhanced and autonomic network and system management. PhD Thesis, University of Ulster, UK (2008)Google Scholar
  13. 13.
    The Foundation for Intelligent Physical Agents (FIPA). Official Web Site, 2007, Available online at http://www.fipa.org/
  14. 14.
    FIPA Abstract Architecture Specification. Version L, FIPA00001, FIPA Specification, 2002, Available online at http://www.fipa.org/specs/fipa00001/SC00001L.pdf
  15. 15.
    FIPA ACL Message Structure Specification. Version G, FIPA00061, FIPA Specification, 2002, Available online at http://www.fipa.org/specs/fipa00061/SC00061G.pdf
  16. 16.
    Helin, H., Laukkanen, M.: Towards efficient and reliable agent communication in wireless environments. Cooperative information agents V: 5th international workshop, CIA 2001, Modena, Italy, September 6–8, 2001. Proceedings, pp 258, (2001)Google Scholar
  17. 17.
    FIPA Agent Message Transport Protocol for IIOP Specification. Version G, FIPA00075, FIPA Specification, 2002, Available online at http://www.fipa.org/specs/fipa00075/SC00075G.pdf
  18. 18.
    Barker, E., Barker, W., Burr, W., Polk, W. et al.: Recommendation for Key Management—Part 1: General (Revised). NIST Special Publication 800-57, National Institute of Standards and Technology (NIST), 2007, Available online at http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57-Part1-revised2_Mar08-2007.pdf
  19. 19.
    SNMPv3 White Paper. SNMP Research International, 2007, Available online at http://www.snmp.com/snmpv3/v3white.shtml
  20. 20.
    Eung-Gu, Y., Keum-Suk, L.: A mobile agent security management. In: 18th International conference on advanced information networking and applications, Fukuoka, Japan, pp 360–365 (2004)Google Scholar
  21. 21.
    Fong, C.-h., Parr, G.P., Morrow P.J.: Performance evaluation of a mobile agent based framework for security event management in IP networks. In: Managing next generation networks and services. Springer, pp 476–486 (2007)Google Scholar

Copyright information

© Springer Science+Business Media, LLC 2010

Authors and Affiliations

  1. 1.Faculty of Computing and EngineeringUniversity of UlsterColeraineUK

Personalised recommendations