A model of attacks of malicious hosts against mobile agents

Abstract

Mobile agents and other mobile code entities extend the potential of (stationary) distributed systems by the possibility of programs being executed at computers that are often not maintained by the employer of that program. Here two parties are involved in running a program, and thus guarantees have to be given that one party will not harm the other. Especially the aspect that a mobile agent has to be protected against attacks of the executing party, or host, exists even in modest applications, and in those of the the electronic commerce domain. Furthermore, this problem is regarded to be very difficult as there are currently only two approaches that try to solve this problem entirely. Another difficulty in finding a solution for this problem, is that - contrary to some other system mechanisms for mobile agents - it is not enough to just propose a mechanism that seems to solve the problem, but a formal proof has to be given that the solution holds. The paper therefore proposes a model of attacks that can be used by malicious hosts against mobile agents. It is intended to be the basis for a formal analysis of single attacks and of the strength of potential protection mechanisms.