Skip to main content
SpringerLink
Log in

A survey of security issue in multi-agent systems

  • Published:
Artificial Intelligence Review Aims and scope Submit manuscript

Abstract

Multi-agent systems have attracted the attention of researchers because of agents’ automatic, pro-active, and dynamic problem solving behaviors. Consequently, there has been a rapid development in agent technology which has enabled us to provide or receive useful and convenient services in a variety of areas such as banking, transportation, e-business, and healthcare. In many of these services, it is, however, necessary that security is guaranteed. Unless we guarantee the security services based on agent-based systems, these services will face significant deployment problems. In this paper, we survey existing work related to security in multi-agent systems, especially focused on access control and trust/reputation, and then present our analyses. We also present existing problems and discuss future research challenges.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  • Abadi M, Burrows M, Lampson B, Plotkin G (1992) A calculus for access control in distributed systems. In: Feigenbaum J (eds) CRYPTO 1991, LNCS 576. Springer, Berlin, pp 1–23

    Google Scholar 

  • Abdul-Rahman A (2005) A framework for decentralised trust reasoning. Ph.D. Thesis, Department of Computer Science, University College London, UK

  • Abdul-Rahman A, Hailes S (2000) Supporting trust in virtual communities. In: Proceedings of the 33rd international conference on system sciences. IEEE Computer Society, p 6007

  • Aglets (2002) Aglets. http://www.trl.ibm.com/aglets/. Accessed 1 Apr 2011

  • Arts D, Gil Y (2007) A survey of trust in computer science and the semantic web. J Web Semant 5: 58–71

    Article  Google Scholar 

  • Bäumer C, Magedanz T (1999) Grasshopper—a mobile agent platform for active telecommunication networks. In: Albayrak S (eds) Intelligent agents for telecommunication applications, LNCS 1699. Springer, Berlin, pp 19–32

    Chapter  Google Scholar 

  • Bell DE, La Padula L (1976) Secure computer system: unified exposition and multics interpretation. ESD-TR-75-306 ESA/AFSC, The MITRE Corporation

  • Berkovits S, Guttman JD, Swarup V (1998) Authentication for mobile agents. In: Vigna G (eds) Mobile agents and security, LNCS 1419. Springer, Berlin, pp 114–136

    Chapter  Google Scholar 

  • Bertino E, Bonatti PA, Ferrari E (2001) TRBAC: a temporal role-based access control model. ACM Trans Inf Syst Security 4(3): 191–233

    Article  Google Scholar 

  • Beydoun G, Gonzalez-Perez C, Henderson-Sellers B, Low G et al (2006) Developing and evaluating a generic metamodel for MAS work products. In: Garcia A (eds) Software engineering for multi-agent systems IV, LNCS 3914. Springer, Berlin, pp 126–142

    Chapter  Google Scholar 

  • Beydoun G, Low G, Mouratidis H, Henderson-Sellers B (2009) A security-aware metamodel for multi-agent systems (MAS). Inf Softw Technol 51: 832–845

    Article  Google Scholar 

  • Boella G, van der Torre LWN (2004) Permission and authorization in policies for virtual communities of agents. In: Proceedings of the 3rd international workshop on agents and peer-to-peer computing, pp 86–97

  • Borselius N (2002) Mobile agent security. Electron Commun Eng J 14(5): 211–218

    Article  Google Scholar 

  • Bresciani P, Giorgini P, Giunchiglia F, Mylopoulos J, Perini A (2004a) TROPOS: an agent-oriented software development methodology. J Auton Agents Multi Agent Syst 8(3): 203–236

    Article  Google Scholar 

  • Bresciani P, Giorgini P, Mouratidis H, Manson G (2004b) Multi-agent systems and security requirements analysis. In: Proceedings of software engineering for multi-agent systems, LNCS 2940. Springer, Berlin, pp 35–48

  • Bürkle A, Hertel A, Müller W, Wieser M (2009) Evaluating the security of mobile agent platforms. Auton Agents Multi Agent Syst 18(2): 295–311

    Article  Google Scholar 

  • Chandran SM, Joshi JBD (2005) LoT RBAC: a location and time-based RBAC model. In: Proceedings of the 6th international conference on web information systems engineering (WISE 2005)

  • Chess D, Harrison C, Kershenbaum A (1996) Mobile agents: are they a good idea? In: Proceedings of 2nd international workshop on mobile object systems, LNCS 1222. Springer, Berlin, pp 25–47

  • Covington M, Fogla P, Zhan Z, Ahamad M (2002) A context-aware security architecture for emerging applications. In: Proceedings of the 18th annual computer security applications conference, pp 249–258

  • Cremonini M, Omicini A, Zambonelli F (2000) Coordination and access control in open distributed agent systems: the TuCSoN approach. In: Porto A, Roman GC (eds) Coordination languages and models, LNCS 2906. Springer, Berlin, pp 369–390

    Google Scholar 

  • Damiani M, Bertino E, Catania B, Perlasca P (2007) GEO-RBAC: a spatially aware RBAC. ACM Trans Inf Syst Security (TISSEC) 10(1): 1–42

    Article  Google Scholar 

  • Farmer WM, Guttman J, Swarup V (1996) Security for mobile agents: authentication and state appraisal. In: Proceedings of the 4th European symposium on research in computer security, pp 118–130

  • Ferber J (1999) Multi-agent system: an introduction to distributed artificial intelligence. Addison Wesley Longman, Harlow

    Google Scholar 

  • FIPA (2002a) FIPA abstract architecture specification, SC00001L. http://www.fipa.org/specs/fipa00001/SC00001L.pdf

  • FIPA (2002b) FIPA agent massage transport service specification, SC00067F. http://www.fipa.org/specs/fipa00067/SC00067F.pdf

  • FIPA (2002c) FIPA MAS security white paper, f-out-000113

  • FIPA (2004) FIPA agent management specification, SC00023K. http://www.fipa.org/specs/fipa00023/SC00023K.pdf

  • Fischmeister S, Vigna G, Kemmerer RA (2001) Evaluating the security of three Java-based mobile agent systems. In: Proceedings of the 5th international conference on mobile agents, pp 31–41

  • Franklin S, Graesser A (1996) Is it an agent, or just a program? a taxonomy for autonomous agents. In: Proceedings of the workshop on intelligent agents III, LNCS 1193. Agent Theories, Architectures, and Languages, London, pp 21–35

  • Ghanea-Hercock RA, Gifford I (2001) Top-secret multi-agent systems. Electron Notes Theor Comput Sci 63: 77–90

    Article  Google Scholar 

  • Grandison T, Sloman M (2000) A survey of trust in internet applications. IEEE Commun Surv Tutor 3(4): 2–16

    Article  Google Scholar 

  • Greenberg MS, Byington JC, Harper DG (1998) Mobile agents and security. IEEE Commun Mag 36(7): 76–85

    Article  Google Scholar 

  • Griffiths N (2005) Task delegation using experience-based multi-dimensional trust. In: Proceedings of AAMAS’05, Utrecht, Netherlands, pp 489–496

  • Hohl F (1998) Time limited blackbox security: protecting mobile agents from malicious hosts. In: Vigna G (eds) Mobile agents and security, LNAI 1419. Springer, Berlin, pp 92–113

    Chapter  Google Scholar 

  • Hu Y, Tang C (2003) Agent-oriented public key infrastructure for multi-agent E-service. In: Proceedings of the 7th international conference on knowledge-based intelligent information and engineering systems, pp 114–136

  • Huynh D (2009) A personalized framework for trust assessment. In: Proceedings of ACM symposium on applied computing, Honolulu, pp 1302–1307

  • Huynh D, Jennings NR, Shadbolt NR (2004) FIRE: developing an integrated trust and reputation model for open multi-agent Systems. In: Proceedings of 16th ECAI, pp 18–22

  • Huynh D, Jennings NR, Shadbolt NR (2006a) An integrated trust and reputation model for open multi-agent systems. Auton Agent Multi Agent Syst 13: 119–154

    Article  Google Scholar 

  • Huynh D, Jennings NR, Shadbolt NR (2006b) Certified reputation: how an agent can trust a stranger. In: Proceedings of AAMAS’06, Hakodate, Japan, pp 1217–1224

  • JADE (2007) http://jade.tilab.com/

  • Jansen WA (2000) Countermeasure for mobile agent security. Comput Commun 23(17): 1667–1676

    Article  Google Scholar 

  • Jennings NR, Sycara K, Wooldridge M (1998) A roadmap of agent research and development. Auton Agents Multi Agent Syst 1(1): 7–38

    Article  Google Scholar 

  • Joshi JBD, Bertino E, Latif U, Ghafoor A (2005) A generalized temporal role-based access control model. IEEE Trans Knowl Data Eng 17(1): 4–23

    Article  Google Scholar 

  • Jumping Beans (2006) http://jumpingbeans.com/, Accessed 1 Apr 2011

  • Jung Y, Masoumzadeh A, Joshi JBD, Kim M (2008) RiBAC: role interaction based access control model for community computing. In: Proceedings of 4th international conference on collaborative computing: networking, applications and worksharing

  • Lampson BW (1974) Protection. SIGOPS Oper Syst Rev 8(1): 18–24

    Article  Google Scholar 

  • Lampson B, Abadi M, Burrows M, Wobber E (1992) Authentication in distributed systems: theory and practice. ACM Trans Comput Syst 10: 265–310

    Article  Google Scholar 

  • Li B, Xing M, Zhu J, Che T (2008) A dynamic trust model for the multi-agent systems. In: Proceedings of international symposiums on information processing, pp 500–504

  • Liau C (2003) Belief, information acquisition, and trust in multi-agent systems—a modal logic formulation. Artif Intell 149(1): 31–60

    Article  MathSciNet  MATH  Google Scholar 

  • Lim Choi Keung SN, Griffiths N et al (2008) Towards improved partner selection using recommendations and trust. In: Falcone R (eds) Trust in agent societies, LNAI 5396. Springer, Berlin, pp 43–64

    Chapter  Google Scholar 

  • Mouratidis H (2007) Secure tropos: a security-oriented extension of the tropos methodology. Int J Softw Eng Knowl Eng (IJSEKE) 17(2): 285–309

    Article  Google Scholar 

  • Mouratidis H, Giorgini P (2009) Enhancing secure tropos to effectively deal with security requirements in the development of multiagent systems. In: Barley M, Mouratidis H, Unruh A, Spears D, Scerri P, Massacci F (eds) Safety and security in multiagent systems, LNAI 4324. Springer, Berlin, pp 8–26

    Chapter  Google Scholar 

  • Mouratidis H, Giorgini P, Manson G (2003) Modeling secure multiagent system. In: Proceedings of the 2nd international joint conference on autonomous agents and multiagent systems, Melbourne, pp 859–866

  • Mui L, Mohtashemi M, Halberstadt A (2002) A computational model of trust and reputation. In: Proceedings of the 35th international conference on system science, pp 280–287

  • Necula GC, Lee P (1998) Safe, untrusted agents using proof-carrying code. In: Vigna G (eds) Mobile agents and security, LNCS 1419. Springer, Berlin, pp 61–91

    Chapter  Google Scholar 

  • Novák P, Rollo M, Hodík J, Vlcek T (2003) Communication security in multi-agent systems. In: Proceedings of the 3rd international central and eastern European conference on multi-agent systems, pp 454–463

  • Omicini A, Ricci A, Viroli M (2005) RBAC for organisation and security in an agent coordination infrastructure. Electron Notes Theor Comput Sci 128(5): 65–85

    Article  Google Scholar 

  • Poggi A, Tomaiuolo M, Vitaglione G (2004) A security infrastructure for trust management in multi-agent systems. In: Falcone R, Barber S, Sabater-Mir J, Singh M (eds) Trusting agents for trusting electronic societies, LNCS 3577. Springer, Berlin, pp 162–179

    Google Scholar 

  • Poslad S, Charlton P, Calisti M (2002) Specifying standard security mechanisms in multi-agent systems. In: Proceedings of autonomous agents and multi-agent systems (AAMAS 2002)

  • Pujol JM, Sanguesa R, Delgado J (2002) Extracting reputation in multi agent systems by means of social network topology. In: Proceedings of autonomous agents and multi-agent systems (AAMAS 2002), Bologna, pp 467–474

  • Ramchurn SD, Huynh D, Jennings NR (2004) Trust in multi-agent systems. Knowl Eng Rev 19(1): 1–25

    Article  Google Scholar 

  • Resnick P, Kuwabara K, Zeckhauser R, Friedman E (2000) Reputation systems. Commun ACM 43(12): 45–48

    Article  Google Scholar 

  • Riordan J, Schneier B (1998) Environmental key generation towards clueless agents. In: Vigna G (eds) Mobile agents and security, LNCS 1419. Springer, Berlin, pp 15–24

    Chapter  Google Scholar 

  • Roth V (1998) Secure recording of itineraries through cooperating agents. In: Proceedings of 4th workshop on mobile object systems: secure internet mobile computations. INRIA, France, pp 147–154

  • Sabater J, Sierra C (2001) REGRET: a reputation model for gregarious societies. In: Proceedings of 4th workshop on deception, fraud and trust in agent societies, Montreal, Canada, pp 61–69

  • Sabater J, Sierra C (2002) Reputation and social network analysis in multi-agent systems. In: Proceedings of 1st AAMAS, Bologna, pp 475–482

  • Sabater J, Sierra C (2005) Review on computational trust and reputation models. Artif Intell Rev 24: 33–60

    Article  MATH  Google Scholar 

  • Samarati P, De Capitani di Vimercati S (2001) Access control: policies, models, and mechanisms. In: Focardi R, Gorrieri R (eds) Foundations of security analysis and design, LNCS 2171. Springer, Berlin, pp 137–196

    Chapter  Google Scholar 

  • Sandhu R, Samarati P (1996) Authentication, access control, and audit. ACM Comput Surv 28(1): 241–243

    Article  Google Scholar 

  • Sandhu R, Coyne EJ, Feinstein HL, Youman CE (1996) Role-based access control models. Computer 29(2): 38–47

    Article  Google Scholar 

  • Schillo M, Funk P, Rovatsos M (2000) Using trust for detecting deceitful agents in artificial societies. Appl Artif Intell 14((8): 825–848

    Article  Google Scholar 

  • Sekar R, Ramakrishnan CR, Ramakrishnan IV, Smolka SA (2001) Model-carrying code (MCC): a new paradigm for moblie-code security. In: Proceedings the new security paradigms workshop (NSPW2001), pp 23–30

  • SeMoA (2007) http://semoa.sourceforge.net/

  • Such J, Alberola J, Garcia-Fornes A, Espinosa A, Botti V (2009) Kerberos-based secure multiagent platform. In: Hindriks KV, Pokahr A, Sardina S (eds) Programming multi-agent systems, LNCS 5442. Springer, Berlin, pp 197–210

    Chapter  Google Scholar 

  • van’t Noordende GJ, Brazier FMT, Tanenbaum AS (2004) Security in a mobile agent system. In: Proceedings of the 1st IEEE symposium on multi-agent security and survivability, pp 35–45

  • Vigna G (1997) Protecting mobile agents through tracing. In: Proceedings of the 3rd ECOOP workshop on mobile object systems, Jyvälskylä

  • Vuong ST, Fu P (2001) A security architecture and design for mobile intelligent agent systems. ACM SIGAPP Appl Comput Rev 9(3): 21–30

    Article  Google Scholar 

  • Wang Y, Singh MP (2006a) Trust representation and aggregation in a distributed agent system. In: Proceedings of 21st AAAI, pp 1425–1430

  • Wang Y, Singh MP (2006b) Trust via evidence combination: a mathematical approach based on certainty. TR 2006-11, North Carolina State University, Raleigh

  • Wang Y, Singh MP (2007) Formal trust model for multiagent systems. In: Proceedings of the 20th international joint conference on artificial intelligence (IJCAI’07), pp 1551–1556

  • Wang S, Hu J, Liu A, Wang J (2005) Security frame and evaluation in mobile agent system. In: Proceedings of 2nd international conference on mobile technology, applications, and systems, pp 1–6

  • Wangham MS, da Silva Fraga J, Schmidt R, Rabelo RJ (2004) MASS: a mobile agent security scheme for the creation of virtual enterprises. In: Proceedings of the 1st international workshop on mobility aware technologies and applications, pp 234–243

  • Wen W, Mizoguchi F (2000) An authorization-based trust model for multiagent systems. Appl Artif Intell 14(9): 909–925

    Article  Google Scholar 

  • Wilikens M, Feriti S, Sanna A, Masera M (2002) A context-related authorization and access control method based on RBAC. In Proceedings of the 7th ACM symposium on access control models and technologies, pp 117–124

  • Wooldridge M, Jennings NR (1995) Intelligent agents: theory and practice. Knowl Eng Rev 10: 115–152

    Article  Google Scholar 

  • Young A, Yung M (1997) Sliding encryption: a cryptographic tool for mobile agents. In: Proceedings of the 4th international workshop of fast software encryption, LNCS 1267, pp 230–241

  • Yu B, Singh MP (2002) Distributed reputation management for electronic commerce. Comput Intell 18(4): 535–549

    Article  MathSciNet  Google Scholar 

  • Yu B, Singh MP (2003) Searching social networks. In: Proceedings 2nd of AAMAS, pp 65–72

  • Zacharia G, Maes P (2000) Trust through reputation mechanism. Appl Artif Intell 14: 881–907

    Article  Google Scholar 

  • Zhang G, Parashar M (2004) Context-aware dynamic access control for pervasive applications. In: Proceedings of communication networks and distributed systems modeling and simulation conference

Download references

Author information

Authors and Affiliations

  1. LERSAIS, School of Information Sciences, University of Pittsburgh, 410 IS Building, 135 N. Bellefield Avenue, Pittsburgh, PA, 15260, USA

    Youna Jung, Minsoo Kim, Amirreza Masoumzadeh & James B. D. Joshi

Authors
  1. Youna Jung
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Minsoo Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Amirreza Masoumzadeh
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. James B. D. Joshi
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Youna Jung.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Jung, Y., Kim, M., Masoumzadeh, A. et al. A survey of security issue in multi-agent systems. Artif Intell Rev 37, 239–260 (2012). https://doi.org/10.1007/s10462-011-9228-8

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10462-011-9228-8

Keywords

Search

Navigation