- Войти через:
- vk.com
- ok.ru
- google.com
- mail.ru
- yandex.ru
Vigna G. (Ed.). Mobile Agents and Security
- Файл формата pdf
- размером 1,32 МБ
- Добавлен пользователем Shushimora
- Описание отредактировано
Springer Berlin Heidelberg, 1998. — 268 p. — (Lecture Notes in Computer Science). — ISBN: 978-3-540-64792-8.New paradigms can popularize old technologies. A new standalone" paradigm, the electronic desktop, popularized the personal computer. A new connected" paradigm, the web browser, popularized the Internet. Another new paradigm, the mobile agent, may further popularize the Internet by giving people greater access to it with less effort.
Mobile Agent Paradigm
The mobile agent paradigm integrates a network of computers in a novel way designed to simplify the development of network applications. To an application developer the computers appear to form an electronic world of places occupied by agents. Each agent or place in the electronic world has the authority of an individual or an organization in the physical world. The authority can be established, for example, cryptographically.
A mobile agent can travel from one place to another subject to the destination place's approval. The source and destination places can be in the same computer or in different computers. In either case, the agent initiates the trip by executing a go" instruction which takes as an argument the name or address of the destination place. The next instruction in the agent's program is executed in the destination place, rather than in the source place. Thus, in a sense, the mobile agent paradigm reduces networking to a program instruction.
A mobile agent can interact programmatically with the places it visits and, if the other agents approve, with the other agents it encounters in those places. An agent typically travels to obtain a service offered by an agent in a distant place. An agent might travel from a place in a personal computer to a theater ticketing place" in a network server. Upon arrival, the agent might purchase theater tickets by interacting with a resident \theater ticketing agent". Thus agents can be instruments of electronic commerce.
Mobile Agent Advantages
The familiar remote procedure call (RPC) paradigm uses networks to carry messages –data- that request and confirm services. A client orchestrates the work of a server with a series of requests, sent from client to server, and responses, sent from server to client. To delete from a file server all files two weeks old might require one request to list the files and their modification dates and another to delete each sufficiently old file. Software on the client decides which files to delete. Deleting n files requires 2(n+1) messages.
The new mobile agent paradigm uses networks to carry objects |data and procedures| that are to be executed in the presence of service providers. A client orchestrates the work of a server by sending to the server an agent whose procedure makes all of the required requests when it's executed. Deleting the old files |no matter how many-requires moving just one agent between computers. All of the orchestration, including the analysis that decides which files are old enough to delete, is done \on-site" at the server.
One advantage of mobile agents is performance. While two computers in an RPC network require ongoing communication for ongoing interaction, two computers in a mobile agent network can interact without the network's help once it has moved an agent that embodies the desired interaction from one computer to the other. The lower the network's throughput or the higher its latency or cost, the greater the performance advantage.
Another advantage of mobile agents is automation. A user can direct an agent to carry out a long sequence of tasks and then send the agent on its way. The tasks may require the agent to travel to many servers. The user's computer need be connected to the network only long enough to allow the agent to leave and perhaps later return. Thus mobile agent networks enable users to automate tasks that today they must perform interactively.
A third advantage of mobile agents is ease of software distribution. Agents enable applications to distribute themselves among the various computers on which they must execute. If installed on a client computer, an application can expand to encompass one or more servers. If installed on a server, an application can expand to encompass any number of client computers (in order to offer a service door to door"). Thus a mobile agent network, like a personal computer, is an open platform for application developers.
Mobile Agent Applications
Users delegate to agents extended or complicated tasks they'd rather not perform themselves. Among the special talents of agents are watching, searching, and arranging.
Watching. In an investment application, a user's agent might monitor the stock market and notify the user when a specified stock reaches a specified price. The agent travels from a client computer to a stock server where it waits for the event to occur.
Searching. In a shopping application, a user's agent might determine the lowest price at which a specified product is sold. The agent travels from a client computer to a directory server and then to the commerce servers of merchants it selects from the directory.
Arranging. In an entertainment application, a user's agent might arrange a night on the town" involving dinner and the theater, selecting a restaurant with a specified cuisine and price range and timing the reservation to allow for travel to the theater. The agent travels from a client computer to a restaurant reservation server and a theater ticketing server.
As in the last example, mobile agents can create new services by combining existing ones. In this way particularly, mobile agent networks are open platforms for developers.
The Technical Challenge
The mobile agent paradigm has problems as well as promise. Most of the problems have to do with safety and security. The mobile agent paradigm is most platform-like and so delivers the greatest value not when my agent visits my place, but when it visits yours. Before you can allow this, you must be sure that my agent, for example, can't access information you didn't intend for it to have, can't accidentally go into an infinite loop and so squander your resources, and can't deliberately interfere with the agents of other users.
In this book, you'll hear from some of the most prominent researchers in the mobile agent field. They'll tell you what they've accomplished and what remains to be accomplished. You'll gain a good understanding of the mobile agent paradigm-especially an understanding of how the paradigm can be made safe. Perhaps you'll be inspired to take on some of the remaining work yourself. We'd welcome your help.Foundations
Security Issues in Mobile Code Systems.
Environmental Key Generation towards Clueless Agents.
Language Issues in Mobile Program Security.
Protecting Mobile Agents Against Malicious Hosts.
Security Mechanisms
Safe, Untrusted Agents Using Proof-Carrying Code.
Time Limited Blackbox Security: Protecting Mobile Agents from Malicious Hosts.
Authentication for Mobile Agents.
Cryptographic Traces for Mobile Agents.
Mobile Code Systems
D’Agents: Security in a Multiple-Language, Mobile-Agent System.
A Security Model for Aglets.
Signing, Sealing, and Guarding Java Objects.
Active Content and Security
The Safe-Tcl Security Model.
Web Browsers and Security.
Mobile Agent Paradigm
The mobile agent paradigm integrates a network of computers in a novel way designed to simplify the development of network applications. To an application developer the computers appear to form an electronic world of places occupied by agents. Each agent or place in the electronic world has the authority of an individual or an organization in the physical world. The authority can be established, for example, cryptographically.
A mobile agent can travel from one place to another subject to the destination place's approval. The source and destination places can be in the same computer or in different computers. In either case, the agent initiates the trip by executing a go" instruction which takes as an argument the name or address of the destination place. The next instruction in the agent's program is executed in the destination place, rather than in the source place. Thus, in a sense, the mobile agent paradigm reduces networking to a program instruction.
A mobile agent can interact programmatically with the places it visits and, if the other agents approve, with the other agents it encounters in those places. An agent typically travels to obtain a service offered by an agent in a distant place. An agent might travel from a place in a personal computer to a theater ticketing place" in a network server. Upon arrival, the agent might purchase theater tickets by interacting with a resident \theater ticketing agent". Thus agents can be instruments of electronic commerce.
Mobile Agent Advantages
The familiar remote procedure call (RPC) paradigm uses networks to carry messages –data- that request and confirm services. A client orchestrates the work of a server with a series of requests, sent from client to server, and responses, sent from server to client. To delete from a file server all files two weeks old might require one request to list the files and their modification dates and another to delete each sufficiently old file. Software on the client decides which files to delete. Deleting n files requires 2(n+1) messages.
The new mobile agent paradigm uses networks to carry objects |data and procedures| that are to be executed in the presence of service providers. A client orchestrates the work of a server by sending to the server an agent whose procedure makes all of the required requests when it's executed. Deleting the old files |no matter how many-requires moving just one agent between computers. All of the orchestration, including the analysis that decides which files are old enough to delete, is done \on-site" at the server.
One advantage of mobile agents is performance. While two computers in an RPC network require ongoing communication for ongoing interaction, two computers in a mobile agent network can interact without the network's help once it has moved an agent that embodies the desired interaction from one computer to the other. The lower the network's throughput or the higher its latency or cost, the greater the performance advantage.
Another advantage of mobile agents is automation. A user can direct an agent to carry out a long sequence of tasks and then send the agent on its way. The tasks may require the agent to travel to many servers. The user's computer need be connected to the network only long enough to allow the agent to leave and perhaps later return. Thus mobile agent networks enable users to automate tasks that today they must perform interactively.
A third advantage of mobile agents is ease of software distribution. Agents enable applications to distribute themselves among the various computers on which they must execute. If installed on a client computer, an application can expand to encompass one or more servers. If installed on a server, an application can expand to encompass any number of client computers (in order to offer a service door to door"). Thus a mobile agent network, like a personal computer, is an open platform for application developers.
Mobile Agent Applications
Users delegate to agents extended or complicated tasks they'd rather not perform themselves. Among the special talents of agents are watching, searching, and arranging.
Watching. In an investment application, a user's agent might monitor the stock market and notify the user when a specified stock reaches a specified price. The agent travels from a client computer to a stock server where it waits for the event to occur.
Searching. In a shopping application, a user's agent might determine the lowest price at which a specified product is sold. The agent travels from a client computer to a directory server and then to the commerce servers of merchants it selects from the directory.
Arranging. In an entertainment application, a user's agent might arrange a night on the town" involving dinner and the theater, selecting a restaurant with a specified cuisine and price range and timing the reservation to allow for travel to the theater. The agent travels from a client computer to a restaurant reservation server and a theater ticketing server.
As in the last example, mobile agents can create new services by combining existing ones. In this way particularly, mobile agent networks are open platforms for developers.
The Technical Challenge
The mobile agent paradigm has problems as well as promise. Most of the problems have to do with safety and security. The mobile agent paradigm is most platform-like and so delivers the greatest value not when my agent visits my place, but when it visits yours. Before you can allow this, you must be sure that my agent, for example, can't access information you didn't intend for it to have, can't accidentally go into an infinite loop and so squander your resources, and can't deliberately interfere with the agents of other users.
In this book, you'll hear from some of the most prominent researchers in the mobile agent field. They'll tell you what they've accomplished and what remains to be accomplished. You'll gain a good understanding of the mobile agent paradigm-especially an understanding of how the paradigm can be made safe. Perhaps you'll be inspired to take on some of the remaining work yourself. We'd welcome your help.Foundations
Security Issues in Mobile Code Systems.
Environmental Key Generation towards Clueless Agents.
Language Issues in Mobile Program Security.
Protecting Mobile Agents Against Malicious Hosts.
Security Mechanisms
Safe, Untrusted Agents Using Proof-Carrying Code.
Time Limited Blackbox Security: Protecting Mobile Agents from Malicious Hosts.
Authentication for Mobile Agents.
Cryptographic Traces for Mobile Agents.
Mobile Code Systems
D’Agents: Security in a Multiple-Language, Mobile-Agent System.
A Security Model for Aglets.
Signing, Sealing, and Guarding Java Objects.
Active Content and Security
The Safe-Tcl Security Model.
Web Browsers and Security.
- Чтобы скачать этот файл зарегистрируйтесь и/или войдите на сайт используя форму сверху.