Home // SECURWARE 2015, The Ninth International Conference on Emerging Security Information, Systems and Technologies // View article

Mobile Agent Security Using Reference Monitor-based Security Framework

Authors:
Sandhya Armoogum
Nawaz Mohamudally
Nimal Nissanke

Keywords: Security; Mobile agents; Reference monitor, Trust

Abstract:
In distributed systems and in open systems such as the Internet, often mobile code has to run on unknown and potentially hostile hosts. Mobile code, such as a mobile agent is vulnerable when executing on remote hosts. The mobile agent may be subjected to various attacks such as tampering, inspection, and replay attack by a malicious host. Much research has been done to provide solutions for various security problems, such as authentication of mobile agent and hosts, integrity and confidentiality of the data carried by the mobile agent. Many of such proposed solutions in literature are not suitable for open systems whereby the mobile code arrives and executes on a host which is not known and trusted by the mobile agent owner. In this paper, we propose the adoption of the reference monitor by hosts in an open system for providing trust and security for mobile code execution. A secure protocol for the distribution of the reference monitor entity is described as well as a novel approach to assess the authenticity and integrity of the reference monitor running on the destination agent platform before any mobile agent migrates to that destination. This reference monitor entity on the remote host may provide several security services such as authentication, integrity and confidentiality of the agent's code and/or data.

Pages: 112 to 117

Copyright: Copyright (c) IARIA, 2015

Publication date: August 23, 2015

Published in: conference

ISSN: 2162-2116

ISBN: 978-1-61208-427-5

Location: Venice, Italy

Dates: from August 23, 2015 to August 28, 2015