230 likes | 413 Views
Collaborative vs. Mobile Agents. A security overview on both infrastructure and ad-hoc networks Carlisle House. Overview. General agent security risks Collaborative agents and their security risks Mobile agents and their security risks Security comparison
E N D
Collaborative vs. Mobile Agents A security overview on both infrastructure and ad-hoc networks Carlisle House
Overview • General agent security risks • Collaborative agents and their security risks • Mobile agents and their security risks • Security comparison • Agent behavior in infrastructure and ad-hoc networks • Distributed downloading
General Agent Security Risks • Four main security situations • Protecting host from agent • Protecting agent from other agents • Protecting agents from machines • Protecting a group of machines from an agent
General Agent Security Risks • Authentication • Communication • Code tampering / modification
Collaborative Agents • Emphasize autonomy and cooperation • Solve large problems with static distributed computing • Allow for interconnecting and interoperation of multiple existing legacy systems. • Inter-agent coordination still ongoing issue
Security-based collaborative agent systems • Agent mechanisms distributed throughout network nodes • Usually have centralized agent server • Examples: • Cherubim • Seraphim
Collaborative agent security issues • Authentication upon network entry • Encryption for communication system • Transfer of rule set and agent code
Mobile Agents • Computational software processes capable of roaming networks • Also autonomous and cooperative • Reduced communication costs and limited resources • Easier coordination • Can be implemented for dynamic distributed computing
Security-based mobile agent systems • Roaming agents assessing host computer security as well as network health • Can have multiple mobile agents within network • Examples: • MAST • Aglets
Authentication How often? Associate and Disassociate issues Code integrity Communication issues Mobile agent security issues
Collaborative Communication issues mainly deal with network protection and integrity Authentication only needed beginning of session Mobile Communication issues deal with code space and OS access Authentication needed more often Agents more exposed to a variety of threats Comparison between systems
Agent system behavior • Looked at infrastructure and ad-hoc wireless network topologies • Network simulation implemented using Java • Observe system behavior on both systems • Performance • Security
Collaborative System • 64 node systems with centralized server components • Modified Cherubim system • Components tested • Node scanning mechanism (viral and patch) • Firewall • Communication transfer • Dynamic rule sets and patches
Mobile system • 64 node roaming network system with three agents • Firewall • Viral scanning • Patch management • Modified Aglets system
Collaborative Less network strain System more “up to date” More tolerant to heterogeneous network system Mobile Higher network utilization System requires more time for security purposes Observed infrastructure behavior
Collaborative Requires more complexity Central-based server system somewhat detrimental Mobile Better performance on ad-hoc network No need for complete server system Same amount of network utilization Ad-Hoc Observation
Distributed downloading • Attempt to improve efficiency • Similar to p2p systems • Modify both mobile and collaborative viral definition and patch delivery systems • Hope to decrease set up time
Collaborative Less complex to implement Performance increase Infrastrucure – 10% Ad-hoc – 3% Setup time Overall setup time decreased by 12% Mobile More complex Performance increase Infrastructure – 5% Ad-hoc – 4% Setup time Overall setup time decreased by 3% Distributed outcome
Conclusions • Collaborative agents have less security risks when compared to mobile agents • Collaborative agents better suited for use with infrastructure networks • Collaborative agents utilized distributed downloading better than mobile agents • Mobile agents perfect for ad-hoc networks
References • Abdalla, Michel. Cirne, Walfredo. Franklin, Leslie. Tabbara, Abdallah. “Security Issues in Agent Based Computing.” In 15th Brazilian Symposium on Computer Networks, Sao Carlos, Brazil, May 1997. • Domel, Peter. “Mobile Telescript Agents and the Web.” Proceedings of the 4th Annual Tcl/Tk Workshop, 1996. • Gray, Robert. Kotz, David. Nog, Saurab. Rus, Daniela. Cybenko, George. “Mobile Agents for Mobile Computing.” In Technical Report PCS-TR96-285, May 1996. • Gray, D. Kotz, G. Cybenko, and D. Rus, "D'Agents: Security in a Multiple Language Mobile-agent System ", Mobile Agents and Security, Lecture Notes in Computer Science, No. 1419, pages 154-187, Springer-Verlag, 1998. • Jansen, Wayne. “Countermeasures for Mobile Agent Security.” Computer Communications, Special Issue on Advances in Research and Application and Network Security, Summer 2000. • Kotz, David. Gray, Robert. Rue, Daniela. “Future Directions for Mobile Agent Research.” DS Online, 2002. • Kramer, Kwindla Hultman. Minar, Nelson. Maes, Pattie. “Tutorial: Mobile Software Agents for Dynamic Routing.” Mobile Computing and Communications Review, Vol. 3, No. 2, pp 12-16, 1999.
References • Liu, Zhaoyu. Prasad Naldurg, Seung Yi. Tin Qian. Roy H. Campbell. M. Dennis Mickunas. “An Agent Based Architecture for Supporting Application Level Security.” In the DARPA Information Survivability Conference and Exposition, Hilton Head Island, SC, January 2000. • Nwana, Hyacinth. “Software Agents: An Overview.” Knowledge Engineering Review, Vol. II, No 3, pp 1-40, September 1996. • Pashalidis, A. Fleury, M “Secure Network Management within an Open-source Mobile Agent Framework.” JNSM: Vol. 12, No. 1, 2004. • Rus, Daniela. Gray, Robert. Kotz, David. “Transportable Information Agents.” Technical Report: PCSTR96 -278, Department of Computer Science, Dartmouth College, 1996. • Sultanik E, Artz D, Anderson G, Kam M, Regli W, Peysakhov M, Sevy J, Belov N, Morizio N, and Mroczkowski A. "Secure mobile agents on ad hoc wireless networks." in The 15th Innovative Applications of Artificial Intelligence Conference, American Association for Artificial Intelligence, 2003. • Tripathi, Anand. Koka, Muralidhar. Karanth, Sandeep. Osipkov, Ivan. Talkad, Harsha. Ahmed, Tanvir. Johnson, David. Dier, Scott. “Robustness and Security in a Mobile-Agent based Network Monitoring System.” In Technical Report TR 04-003, January 2004.
Questions Thanks for listening.