Abstract
Enterprise security is complicated by the use of mobile devices. These devices roam outside the protections of the enterprise core network. They operate closer to threats while simultaneously being farther from the enterprise, which makes compromise more likely and response more difficult. This paper describes an approach using software agents installed on endpoint devices to maintain security of these devices and their associated enterprise. These agents monitor local activity, prevent harmful behavior, allow remote management, and report back to the enterprise. The challenge in this environment is the security of the agents and their communication with the enterprise. This work presents an agent architecture that operates within a high-security Enterprise Level Security (ELS) architecture that preserves end-to-end integrity, encryption, and accountability. This architecture uses secure hardware for sensitive key operations and device attestation. Software agents leverage this hardware security to provide services consistent with the ELS framework. Additional agents leverage this baseline security to provide additional features and functions. This enables an enterprise to manage and secure all endpoint device agents and their communications with other enterprise services.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Apple. iOS Security, iOS 12.1, November 2018. https://www.apple.com/business/site/docs/iOS_Security_Guide.pdf
Assink, A.: The Potential of Agent Architectures (2016). https://dzone.com/articles/the-potential-of-agent-architectures
Berkovits, S., Guttman, J.D., Swarup, V.: Authentication for mobile agents. In: Vigna, G. (ed.) Mobile Agents and Security. LNCS, vol. 1419, pp. 114–136. Springer, Heidelberg (1998). https://doi.org/10.1007/3-540-68671-1_7
Foltz, K., Simpson, W.: Secure endpoint device agent architecture. In: Proceedings of 21st International Conference on Enterprise Information Systems (ICEIS 2019), Heraklion, Greece, 3–5 May 2019
Foltz, K., Simpson, W.: Enterprise level security with homomorphic encryption. In: Proceedings of 19th International Conference on Enterprise Information Systems (ICEIS 2017), Porto, Portugal, 26–29 April 2017
Foltz, K., Simpson, W.R.: The virtual application data center. In: Proceedings of Information Security Solutions Europe (ISSE 2016), Paris, France (2016a)
Foltz, K., Simpson, W.R.: Enterprise level security – basic security model. In: Proceedings of the 7th International Multi-Conference on Complexity, Informatics, and Cybernetics: (IMCIC 2016). Orlando, FL (2016b)
Foltz, K., Simpson, W.R.: Federation for a secure enterprise. In: Proceedings of the Twenty-first International Command and Control Research and Technology Symposium (ICCRTS 2016). London, UK (2016c)
Liu, Z., Wang, Y.: A secure agent architecture for sensor networks. In: Proceedings of the International Conference on Artificial Intelligence, IC-AI 2003, Las Vegas, Nevada 2003
Šimo, B., Balogh, Z., Habala, O., Budinská, I., Hluchý, L.: Architecture of the Secure Agent Infrastructure for Management of Crisis Situations. Institute of Informatics, Slovak Academy of Sciences, Dúbravská cesta 9, 845 07 Bratislava, Slovakia (2009) http://www.secricom.eu/images/articles/UISAV_simo_final.pdf
Simpson, W.R.: Enterprise Level Security – Securing Information Systems in an Uncertain World, p. 397. CRC Press, Boca Raton (2016)
Trias, E.D., et al.: Enterprise level security. In: Proceedings of the 35th MILCOM Conference, pp. 31–36 (2016). https://doi.org/10.1109/milcom.2016.7795297. http://ieeexplore.ieee.org/document/7795297/
Trusted Computing Group. TPM 2.0 Library Specification, 29 September 2016. https://trustedcomputinggroup.org/resource/tpm-library-specification/
Varadharajan, V., Foster, D.: A security architecture for mobile agent based applications. World Wide Web 6, 93 (2003). https://doi.org/10.1023/A:1022360516731
Wang, A.I., Sørensen, C.-F., Indal, E.: A Mobile Agent Architecture for Heterogeneous Devices. Department of Computer and Information Science, Norwegian University of Science and Technology, N-7491 Trondheim, Norway (2003). https://pdfs.semanticscholar.org/874b/20fbd73f5c598c8032db0c6c9e5708bc7cec.pdf?_ga=2.107853322.929957899.1544120432-1559163387.1544120432
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Foltz, K., Simpson, W.R. (2020). Enterprise Security with Endpoint Agents. In: Filipe, J., Śmiałek, M., Brodsky, A., Hammoudi, S. (eds) Enterprise Information Systems. ICEIS 2019. Lecture Notes in Business Information Processing, vol 378. Springer, Cham. https://doi.org/10.1007/978-3-030-40783-4_1
Download citation
DOI: https://doi.org/10.1007/978-3-030-40783-4_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-40782-7
Online ISBN: 978-3-030-40783-4
eBook Packages: Computer ScienceComputer Science (R0)