Mobile Agents
By Olga Gelbart (rosa@seas.gwu.edu)


What is an agent?
- A program (“software agent”), e.g.,
  - Personal assistant (mail filter, scheduling)
  - Information agent (tactical picture agent)
  - E-commerce agent (stock trader, bidder)
  - Recommendation agent (Firefly, Amazon.com)
- A program that can
  - interact with users, applications, and agents
  - collaborate with the user
- Software agents help with repetitive tasks
Source: http://agent.cs.dartmouth.edu/

Is everything an “agent”?
- Not all programs are agents
- Agents are
  - customized
  - persistent
  - autonomous
  - adaptive

What is a mobile agent?
Mobile agent: Agent that migrates from machine to machine in a heterogeneous network at times of its own choosing
[Figure labels: Search engine; Machine A; Machine B]

Definition
In a broad sense, an agent is any program that acts on behalf of a (human) user. A mobile agent, then, is a program which represents a user in a computer network and is capable of migrating autonomously from node to node to perform some computation on behalf of the user.

How it works?
[Figure labels: Agent; Host A; Host B; Host C; Network]

Mobile Agent Attributes
- Code
- State
  - Execution state
  - Object state
- Name
  - Identifier
  - Authority
  - Agent system type
- Location

Evolution of the “mobile agent” paradigm

Assumptions about computer systems violated by mobile agents
- Whenever a program attempts some action, we can easily identify a person to whom that action can be attributed, and it is safe to assume that that person intends the action to be taken.
- Only persons that are known to the system can execute programs on the system.
- There is one security domain corresponding to each user; all actions within that domain can be treated the same way.
- Single-user systems require no security.
- Essentially all programs are obtained from easily identifiable and generally trusted sources.
- The users of a given piece of software are restrained by law and custom from various actions against the manufacturer’s interests.

Assumptions violated by mobile agents (cont’d)
- Significant security threats come from attackers running programs with the intent of accomplishing unauthorized results.
- Programs cross administrative boundaries only rarely, and only when people intentionally transmit them.
- A given instance of a program runs entirely on one machine; processes do not cross administrative boundaries at all.
- A given program runs on only one particular operating system.
- Computer security is provided by the operating system.

Benefits of mobile agents
- Bandwidth conservation
- Reduction of latency
- Reduction of completion time
- Asynchronous (disconnected) communications
- Load balancing
- Dynamic deployment

Reduction of communication: Communication latency can be reduced since an agent can carry a sequence of service requests across the network, and there is no need to send these requests separately. Moving the agent to the data source can reduce communication bandwidth: only the resulting data is transmitted to the client, so the data is reduced before transmission. Reduction of network connection time is also important. In the case of mobile code, a client needs to be connected only twice: while sending an agent and while receiving results back.

Asynchronous tasks: This goes hand in hand with reducing network connection time: after transferring a task to the network (via a mobile agent), a client can disconnect from the network and connect again only to receive results (which can be hours or days later). Clearly, this allows for execution of asynchronous tasks.

Dynamic protocols and intelligent data: Some initial mutual protocol is required for the client and the server to start communication and for the server to receive a mobile agent. But after the initial communication is established, a mobile agent can dynamically adapt to an appropriate protocol required for communication back to its home server. For example, an agent transmitting news updates can use a specialized multicast protocol for transmission to clients utilizing a different communication protocol. An agent can dynamically adapt to this kind of situation.

Software deployment: Mobile agents can be used for automation of software installations and upgrades.

Temporary applications: Java applets can serve as examples of temporary applications: small applications, which do not require installation, can be temporarily downloaded and discarded when their task is finished. Route planners for travelers are examples of such applications.

Distributed heterogeneous computing: Mobile agents can provide a communications infrastructure for tasks in a distributed environment. For example, agents can collect data on one node and transfer it to another (an agent collects raw data from a system and submits it to a graph plotter server; this can be faster than transmitting a whole image).

Scalable applications: As an example, we can look at a searching program. In a typical client-server situation, retrieved documents (from various data sources) are transferred to the client and sorted or filtered there. The client as part of the network creates a bottleneck. Mobile agents can perform content-based filtering on the spot and also get rid of duplicate or redundant documents before transferring results back to the client.

Reason 1: Bandwidth conservation
[Figure labels: Text documents, numerical data, etc.; Dataset; Client/Proxy; Server]

Reason 2: Reduce latency
Sumatra chat server (a “reflector”)
1. Observe high average latency to clients
2. Move to better location

Reason 3: Reduce Completion Time
1. Send code with unique query
2. Perform multi-step queries on large, remote, heterogeneous databases
3. Return requested data
[Figure labels: Efficiency; Mobile users; Low bandwidth channel]

Reason 4: Disconnected communication and operation
[Figure panels: Before; After]

Reason 5: Load balancing
Jobs/Load migrate in a heterogeneous network of machines

Reason 6: Dynamic Deployment
Unique needs: maps, weather, tactical updates...
[Figure labels: Command post; Tactical updates; Map, terrain databases; Weather]

Threats posed by mobile agents
- Destruction of data, hardware, current environment
- Denial of service
  - block execution
  - take up memory
  - prevention of access to resources/network
- Breach of privacy / theft of resources
  - obtain/transmit privileged information
  - use of covert channels
- Harassment
  - display of annoying/offensive information
  - screen flicker
- Repudiation
  - ability to deny an event / action ever happened

Destruction of:
- Files on the internal / external data storage. These files can be of any kind, ranging from configuration (operating system specific) to data files. This can be either deletion or corruption.
- Hardware: hardware-intensive executions which eventually may destroy it.
- The current execution environment: processes, stack, etc.

Denial of service:
- block execution of other processes
- take up all memory by replication
- prevention of access to data resources internally or from the network (a host is a server on some kind of a network)

Breach of privacy & theft of resources: Malicious mobile agents can obtain privilege levels higher than required for an agent's execution and gain unauthorized access to private information stored in internal data storage or external data storage (which could be a disk array or a database server). This private information (such as medical data or financial records) can then be taken by the agent when it leaves and transmitted. Secret recording from a computer microphone and the subsequent transmission of information to an unauthorized site. Use of covert channels to transfer information to an unauthorized site.

Harassment: Display of annoying or offensive materials on the computer screen and periodic screen flicker are more damaging to the human user than to the computer itself, but should still be considered, since this is a threat to human working conditions. It is especially dangerous if the screen flicker is introduced at a frequency known to cause seizures in sensitive people.

Repudiation: The ability to deny an event ever happened and get away with it. This is more of an “after effect”, but is still important. If an unwanted event happens, there should be some way to prove that it was caused by a malicious mobile agent.

Protection methods against malicious mobile agents
- Authenticating credentials
  - certificates and digital signatures
- Access control and authorization
  - reference monitor
  - security domains
  - policies
- Software-based fault isolation
  - Java’s “sandbox”
- Monitoring
  - auditing of agent’s activities
  - setting limits
- Proxy-based approach to host protection
- Code verification: proof-carrying code
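
Added example (not part of the original slides): a minimal host-side check that combines three of the methods listed above: authenticating an agent's credentials, a reference monitor enforcing a per-authority security-domain policy, and auditing with an action limit. HMAC-SHA256 with a shared key stands in for certificate-based digital signatures, and every name, key and policy here is constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample data. HMAC-SHA256 with a per-authority key stands in for
# a certificate-backed digital signature so the example is stdlib-only.
AUTHORITY_KEYS = {"alice@home.example": b"constructed-demo-key"}
# Security-domain policy per authority: permitted actions and an action limit.
POLICIES = {"alice@home.example": {"allow": {"read:reports"}, "max_actions": 2}}
DENY_ALL = {"allow": set(), "max_actions": 0}


def agent_tag(key, authority, code, state):
    """Tag over fixed-length digests, so field boundaries cannot be shifted."""
    parts = (authority.encode(), code, state)
    msg = b"".join(hashlib.sha256(p).digest() for p in parts)
    return hmac.new(key, msg, hashlib.sha256).digest()


class ReferenceMonitor:
    """Admits agents, then mediates and audits every action they request."""

    def __init__(self):
        self.audit = []   # (agent name, action, decision)
        self.used = {}    # agent name -> (authority, actions requested so far)

    def admit(self, name, authority, code, state, tag):
        # Authenticate: the tag must verify under the claimed authority's key.
        key = AUTHORITY_KEYS.get(authority)
        ok = key is not None and hmac.compare_digest(
            agent_tag(key, authority, code, state), tag)
        if ok:
            self.used[name] = (authority, 0)
        self.audit.append((name, "admit", "ok" if ok else "rejected"))
        return ok

    def request(self, name, action):
        if name not in self.used:
            decision = "denied:not-admitted"
        else:
            authority, count = self.used[name]
            policy = POLICIES.get(authority, DENY_ALL)
            # Every request counts against the limit, including denied ones.
            self.used[name] = (authority, count + 1)
            if count >= policy["max_actions"]:
                decision = "denied:limit"
            elif action not in policy["allow"]:
                decision = "denied:policy"
            else:
                decision = "granted"
        self.audit.append((name, action, decision))
        return decision
```

The audit list records rejected admissions and denied requests as well as granted ones, which is the evidence a host needs when the repudiation threat applies.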

Threats to mobile agents
- Denial of service
- Unauthorized use or access of code/data
- Unauthorized modification or corruption of code/data
- Unauthorized access, modification, corruption, or repeat of agent external communication

Possible attacks on mobile agents
- Denial of service
- Impersonation
  - Host
  - Agent
- Replay
- Eavesdropping
  - Communication
  - Code & data
- Tamper attack

Protection of mobile agents
- Encryption
  - code
  - payload
- Code obfuscation
- Time-limited black-box security

Application: Technical reports
1. Send agent
2. Send child agents / collect partial results
3. Return merged and filtered results
[Figure labels: GUI on home machine; Dynamically selected proxy site; Machine 1 ... Machine n]

Application: Military
[Figure labels: Wired network; Wireless Network; Technical specs; Troop positions; Orders and memos]

Application: e-commerce
[Figure labels: Arbiter; VendorA; VendorB; Bank; Agent; Yellow pages]

Mobile agent systems

More examples and “bots”
- Tryllian mobile agent system
- Bots
  - mysimon.com
  - amazon.com - customer preferences

Current trends lead to mobile agents
[Diagram labels: Increased need for personalization; Server-side; Information overload; “Customization”; Mobile code to server or proxy; Too many unique, dispersed clients to handle; Diversified population; Proxy-based; Multiple sites to visit; Mobile Agents; Bandwidth gap; Avoid large transfers; Mobile code to client; Avoid “star” itinerary; Mobile users and devices; Disconnected Operation; High latency]

Migrating to migrating code
[Diagram labels: Applets; Proxies that accept servlets; Services that; Proxies provided by existing ISP’s; Mobile Agents; Intranet; Internet]

Conclusion: Cons
- Security is too big a concern
- Overhead for moving code is too high
- Not backward compatible with Fortran, C ...
- Networks will be so fast, performance not an issue

Conclusion: Pros
- A unifying framework for making many applications more efficient
- Treats data and code symmetrically
- Multiple-language support possible
- Supports disconnected networks in a way that other technologies cannot
- Cleaner programming model

For more information...
- Mysimon.com
- D’Agents: http://agent.cs.dartmouth.edu/
- Tryllian: http://www.tryllian.com
- Aglets: http://www.trl.ibm.co.jp/aglets