D’Agents: Security in a Multiple-Language, Mobile-Agent System

Abstract

Mobile-agent systems must address three security issues:protecting an individual machine, protecting a group of machines, andprotecting an agent. In this chapter, we discuss these three issues in thecontext of D'Agents, a mobile-agent system whose agents can be written inTcl, Java and Scheme. (D'Agents was formerly known as Agent Tcl.) First wediscuss mechanisms existing in D'Agents for protecting an individual machine:(1) cryptographic authentication of the agent's owner, (2) resource managersthat make policy decisions based on the owner's identity, and (3) secureexecution environments for each language that enforce the decisions of theresource managers. Then we discuss our planned market-based approach forprotecting machine groups. Finally we consider several (partial) solutionsfor protecting an agent from a malicious machine.