MagicNET: Security Architecture for Creation,

Classification, and Validation of Trusted Mobile Agents

Presented By Mr. Muhammad Awais Shibli

Presentation Overview 1. Background

2. Mobile Agents

3. System Components

4. Roles in the Proposed System

5. Components of the System

6. Operations of the System

7. Conclusion

Mobile Agents

Mobile agents are self-contained software modules with additional credentials and accumulated data. They roam a network, moving autonomously from one server to another, perform their designated tasks, and finally, eventually, return to their control station.

Background

Wider Adoption of Mobile Agents Security Solutions

– Platform– Agent

Still Problem !!!!

– Experimental envirnoment– Close Envirnoment

Issues need to address

Creation of mobile agents Specification of classification parameters. Validation procedures. Enforcement of roles and procedures Distribution of agents

System Components

MagicNET stands for Mobile Agents Intelligent Community Network, has developed at secLab at DSV Department at KTH.

MagicNET provide complete infrastructural and functional component for secure mobile agent research and development.

It provide support to build secure & trusted mobile agents, provide agents repository (agents’ store), Mobile Agents Servers (for their runtime execution), Mobile Agent Control Station, Infrastructural servers.

Assurance Levels for Mobile Agents

“Distributed trust management involves proving that an agent has the ability to access some service/resource solely by verifying that its credentials comply with the security policy of the requested service”[4]

Second Approach

“ . . . trust (or symmetrically, distrust) is a particular level of the subjective probability with which an agent will perform a particular action, both before it can monitor such action (or independently of his capacity to monitor it) and in a context in which it affects its own action”

Properties andAttributes

Assurance LevelLow Medium High

Creator’s Signature No Yes Sign Validation

Yes Cert Validation

Owner’s Signature

No YesSign Validation

YesCert Validation

Appraiser’s Signature No Yes Sign Validation

Yes Cert Validation

Privileged Authority’s Signature

No YesSign Validation

YesCert Validation

Service Registrar’s Signature

No YesSign Validation

YesCert Validation

Code Encryption No Yes, symmetric keyTriple DES 168 bits key

Yes, symmetric key AES 256 bits key size

RSA Key Size 512 bits 1024 bits 2048 bits

Baggage Encryption No Yes, symmetric key shared with servers

Yes, public key, enveloping

XML based Task Specification

No Yes Yes, signed by Privileged Authority

Role specification No Yes Yes, signed by Privileged Authority

Roles in the Proposed System

Agent Creator (AC) Privilege Authority.(PA) Service Registrar. (SR) Agent Trust Appraiser(ATA) Agent Owner (AO)

Components of the System

Global Certificate Management System Agent Factory Global Directory facilitator (UDDI Server)

Management Server.

Operations of the System

Agent Creation Agent Trust Appraiser Agent Privileges Assignment Agent Services Publishing Agent Adoption

Questions ???