Negotiation of Network Security Policy by Means of Agents

  • Pablo Martin
  • Agustin Orfila
  • Javier Carbo
Conference paper
Part of the Advances in Intelligent and Soft Computing book series (AINSC, volume 55)


Nowadays many intranets are deployed without enforcing any network security policy and just relying on security technologies such as firewalls or antivirus. In addition, the number and type of network entities are no longer fixed. Typically, laptops, PDAs or mobile phones need to have access to network resources occasionally. Therefore, it is important to design flexible systems that allow an easy administration of connectivity without compromising security. This article shows how software agents may provide secure configurations to a computer network in a distributed, autonomous and dynamic manner. Thus, here we describe the system architecture of a prototype, the negotiation protocol it uses and how it works in a sample scenario.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Beale, J., Deraison, R., Meer, H., Temmingh, R., Walt, C.V.D.: Nessus Network Auditing. Syngress Publishing (2004)Google Scholar
  2. 2.
    Bellifemine, F., Caire, G., Poggi, A., Rimassa, G.: Jade: A software framework for developing multi-agent applications. lessons learned. Information and Software Technology 50(1-2), 10–21 (2008)CrossRefGoogle Scholar
  3. 3.
    Bishop, M.A.: The Art and Science of Computer Security. Addison-Wesley Longman Publishing Co., Inc., Boston (2002)Google Scholar
  4. 4.
    FIPA: FIPA ACL Message Structure Specification. FIPA (2001),
  5. 5.
    Ioannidis, S., Keromytis, A.D., Bellovin, S.M., Smith, J.M.: Implementing a distributed firewall. In: CCS 2000: Proceedings of the 7th ACM conference on Computer and communications security, pp. 190–199. ACM, New York (2000)CrossRefGoogle Scholar
  6. 6.
    Krügel, C., Toth, T., Kirda, E.: Sparta, a mobile agent based instrusion detection system. In: Proceedings of the IFIP TC11 WG11.4 First Annual Working Conference on Network Security, pp. 187–200. Kluwer, B.V., Deventer (2001)Google Scholar
  7. 7.
    Udupi, Y.B., Singh, M.P.: Multiagent policy architecture for virtual business organizations. In: Proceedings of the IEEE International Conference on Services Computing, SCC 2006, pp. 44–51. IEEE Computer Society, Washington (2006)CrossRefGoogle Scholar
  8. 8.
    Udupi, Y.B., Singh, M.P.: Governance of cross-organizational service agreements: A policy-based approach. In: Proceedings of the 2007 IEEE International Conference on Services Computing, SCC 2007, pp. 36–43. IEEE Computer Society, Salt Lake City (2007)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Pablo Martin
    • 1
  • Agustin Orfila
    • 1
  • Javier Carbo
    • 1
  1. 1.Universidad Carlos III de MadridLeganesSpain

Personalised recommendations