A Security Approach for Mobile Agent Based Crawler
Mobile agents are active objects that can autonomously migrate in a network to perform tasks on behalf of their owners. Though they offer an important new method of performing transactions and information retrieval in networks, mobile agents also raise several security issues related to the protection of host resources as well as the data carried by an agent itself. Mobile agent technology offers a new computing paradigm in which a program, in the form of a software agent, can suspend its execution on a host computer, transfer itself to another agent-enabled host on the network, and resume execution on the new host. Mobile Agent (MA) technology raises significant security concerns and requires a thorough security framework with a wide range of strategies and mechanisms for the protection of both agent platform and mobile agents against possibly malicious reciprocal behavior. The security infrastructure should have the ability to flexibly and dynamically offer different solutions to achieve different qualities of security service depending on application requirements. The protection of mobile agent systems continues to be an active area of research that will enable future applications to utilize this paradigm of computing. Agent systems and mobile applications must balance security requirements with available security mechanisms in order to meet application level security goals.
A security solution has been introduced, which protects both the mobile agent itself and the host resources that encrypt the data before passing it to mobile agent and decrypt it on the visited host sides i.e. it transfers the URL to the Mobile Agent System that will pass that encrypted URL to the server where it will be decrypted and used. The methods of Encryption/Decryption used are a Public-key Cipher System and a Symmetric Cipher System that focuses on submitting data to the server securely. The proposed approach solves the problem of malicious host that can harm mobile agent or the information it contain.
KeywordsUniform resource locator (URL) Mobile agent (MA) Hyper Text Transfer Protocol (HTTP)
Unable to display preview. Download preview PDF.
- 1.Anderson, J.P.: Computer Security Threat Monitoring and Surveillance. Technical Report, James P. Anderson Co., Fort Washington, PA (April 1980)Google Scholar
- 2.Asaka, M., Okazawa, S., Taguchi, A., Goto, S.: A Method of Tracing Intruders by Use of Mobile Agents. In: INET 1999 Conference (June 1999)Google Scholar
- 3.Balasubramaniyan, J., Garcia-Fernandez, J.O., Isacoff, D., Spafford, E.H., Zamboni, D.: An Architecture for Intrusion Detection using Autonomous Agents. Department of Computer Sciences, Purdue University, Coast TR 98-05 (1998)Google Scholar
- 4.Boudaoud, K., Labiod, H.: MA-NID: A Multi-Agent System for Network Intrusion Detection. In: Eighth International Conference on Intelligent Systems (June 1999)Google Scholar
- 5.Cabri, G., Leonardi, L., Zambonelli, F.: The Impact of the Coordination Model in the Design of Mobile Agent Applications. In: Twenty-Second Computer Software and Applications Conference, COMPSAC (August 1998)Google Scholar
- 6.Jansen, W., Karygiannis, T.: Privilege Management Mobile Agents. In: Twenty-Third National Information Systems Security Conference, pp. 362–370 (October 2000)Google Scholar
- 7.Karjoth, G., Asokan, N., Gülcü, C.: Protecting the Computation Results of Free-Roaming Agents. In: Second International Workshop on Mobile Agents, Stuttgart, Germany (September 1998)Google Scholar
- 8.Lange, D., Oshima, M.: Programming and Deploying Java Mobile Agents with Aglets. Addison-Wesley (1998) ISBN:0-201-32582-9Google Scholar
- 9.Martino, S.: A Mobile Agent Approach to Intrusion Detection. In: Joint Research Centre-Institute for Systems, Informatics and Safety, Italy (June 1999)Google Scholar
- 10.Yee, B.S.: A Sanctuary for Mobile Agents. Technical Report CS97-537, University of California in San Diego (April 28, 1997)Google Scholar