MagicNET: Security Architecture for Creation, Classification, and Validation of Trusted Mobile Agents
Presented By Mr. Muhammad Awais Shibli
Presentation Overview
1. Background
2. Mobile Agents
3. System Components
4. Roles in the Proposed System
5. Components of the System
6. Operations of the System
7. Conclusion
Mobile Agents
Mobile agents are self-contained software modules with additional credentials and accumulated data. They roam a network, moving autonomously from one server to another, perform their designated tasks, and eventually return to their control station.
Background
Wider Adoption of Mobile Agents Security Solutions
– Platform
– Agent
Still a Problem!!!!
– Experimental environment
– Closed environment
Issues that need to be addressed
– Creation of mobile agents
– Specification of classification parameters
– Validation procedures
– Enforcement of roles and procedures
– Distribution of agents
System Components
MagicNET stands for Mobile Agents Intelligent Community Network. It has been developed at secLab in the DSV Department at KTH.
MagicNET provides complete infrastructural and functional components for secure mobile agent research and development.
It provides support for building secure and trusted mobile agents, and provides an agents repository (agents’ store), Mobile Agent Servers (for their runtime execution), a Mobile Agent Control Station, and infrastructural servers.
Assurance Levels for Mobile Agents
“Distributed trust management involves proving that an agent has the ability to access some service/resource solely by verifying that its credentials comply with the security policy of the requested service”[4]
Second Approach
“ . . . trust (or symmetrically, distrust) is a particular level of the subjective probability with which an agent will perform a particular action, both before it can monitor such action (or independently of his capacity to monitor it) and in a context in which it affects its own action”
| Properties and Attributes | Assurance Level: Low | Assurance Level: Medium | Assurance Level: High |
|---|---|---|---|
| Creator’s Signature | No | Yes, Sign Validation | Yes, Cert Validation |
| Owner’s Signature | No | Yes, Sign Validation | Yes, Cert Validation |
| Appraiser’s Signature | No | Yes, Sign Validation | Yes, Cert Validation |
| Privileged Authority’s Signature | No | Yes, Sign Validation | Yes, Cert Validation |
| Service Registrar’s Signature | No | Yes, Sign Validation | Yes, Cert Validation |
| Code Encryption | No | Yes, symmetric key, Triple DES, 168 bits key | Yes, symmetric key, AES, 256 bits key size |
| RSA Key Size | 512 bits | 1024 bits | 2048 bits |
| Baggage Encryption | No | Yes, symmetric key shared with servers | Yes, public key, enveloping |
| XML based Task Specification | No | Yes | Yes, signed by Privileged Authority |
| Role specification | No | Yes | Yes, signed by Privileged Authority |
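The assurance-level table above can be read as a classification rule. The following is an added example, not MagicNET code: it assigns an agent descriptor the lowest level met by any row and reports which rows hold it back. The field names, the string values, and the weakest-link rule are assumptions made for illustration.

```python
# Added example: classify an agent descriptor against the assurance-level table.
# Assumptions (not from the slides): field names and string values are
# hypothetical; the overall level is the lowest level met by any row.
LEVELS = ["Low", "Medium", "High"]
SIGNERS = ["creator", "owner", "appraiser", "privileged_authority",
           "service_registrar"]


def _rank(value, medium, high):
    """Return 2 for the High column value, 1 for Medium, otherwise 0 (Low)."""
    return 2 if value == high else 1 if value == medium else 0


def property_levels(agent):
    """Map each table row to the level (0=Low, 1=Medium, 2=High) the agent meets."""
    sigs = agent.get("signatures", {})
    lv = {s + "_signature": _rank(sigs.get(s), "sign_validated", "cert_validated")
          for s in SIGNERS}
    lv["code_encryption"] = _rank(agent.get("code_encryption"), "3DES-168", "AES-256")
    bits = agent.get("rsa_bits", 0)  # table sizes treated as minimums
    lv["rsa_key_size"] = 2 if bits >= 2048 else 1 if bits >= 1024 else 0
    lv["baggage_encryption"] = _rank(agent.get("baggage_encryption"),
                                     "shared_symmetric", "public_key_envelope")
    for row in ("task_spec", "role_spec"):
        lv[row] = _rank(agent.get(row), "present", "signed_by_pa")
    return lv


def classify(agent):
    """Return (overall level, rows that keep the agent from a higher level)."""
    lv = property_levels(agent)
    overall = min(lv.values())
    limiting = sorted(k for k, v in lv.items() if v == overall and overall < 2)
    return LEVELS[overall], limiting


# Constructed sample: every row meets High except the appraiser's signature.
SAMPLE = {
    "signatures": {"creator": "cert_validated", "owner": "cert_validated",
                   "appraiser": "sign_validated",
                   "privileged_authority": "cert_validated",
                   "service_registrar": "cert_validated"},
    "code_encryption": "AES-256", "rsa_bits": 2048,
    "baggage_encryption": "public_key_envelope",
    "task_spec": "signed_by_pa", "role_spec": "signed_by_pa",
}

if __name__ == "__main__":
    print(classify(SAMPLE))  # ('Medium', ['appraiser_signature'])
```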
Roles in the Proposed System
– Agent Creator (AC)
– Privilege Authority (PA)
– Service Registrar (SR)
– Agent Trust Appraiser (ATA)
– Agent Owner (AO)
Components of the System
– Global Certificate Management System
– Agent Factory
– Global Directory facilitator (UDDI Server)
– Management Server
Operations of the System
– Agent Creation
– Agent Trust Appraiser
– Agent Privileges Assignment
– Agent Services Publishing
– Agent Adoption
Questions ???