Short Summery Report

On Security Issues and Domain Based Security for Mobile Agents

Under the guidance of Mr. Gianetan Singh Sekhon Lect. C. E. section YCOE GKC Talwandi Sabo Submitted By Hans Raj C.S. E (Part.Time) REGD. No. 07MCP004

Abstract - In Mobile agent system, security issues are major problem. Mobile agents are autonomous software entity when a mobile agent works in the host environment some security problem raises, it can suspend its execution in one host and resume its execution in another host .when mobile agent resume its execution ,it can loss some of its important data . Mobile agent have their personal information like, internal code, state and password .These personal information are updated by host and another mobile agent working under that host environment. So that mobile agent systems are that in which various agents works concurrently and uses the resources of that host platform in random manner. Mobile agent can travels in different number of hosts in distributed network, during the journey it can change its state and secret code and behave like an un trusted entity. Mobile agent technology has many benefits but it has a possibility of security threats from malicious agent platform. In my thesis work, an infrastructure is proposed to secure mobile agent from the agent platform in which they can execute to do their necessary computation. In this infrastructure SGB (Security Guider Bank) serves as a group of agent platform, which is called domain. The SGB maintains information about the domain, which is used by mobile agents to decide whether it is safe to visit the domain or not. This is represented as RV value and VL value .with this approach the turnaround time of mobile agent is reduced .and this mechanism also able to detect as well as prevent up to some extent ,a malicious changes of mobile agent. Keywords- Security, Mobility, Agent Platform, Security Issues, SGB. I. Introduction- Mobile agents are software agents that can move around the network to complete a given task. Mobile agents are autonomous software entities when a mobile agent work in the host environment some security problem raises, It can be work in distributed network. Mobile agent can suspend its execution in one host and resume its execution in another host. When mobile agent resume its execution, It can loss some of its important data. Mobile agent have their personal information like, internal code, state and password .These personal information are updated by host and another mobile agent working under that host environment. So that mobile agent systems are that in which various agents works concurrently and uses the resources of that host platform in random manner. Agent platform is an infrastructure providing the environment for mobile agents to be executed there. A mobile agent arrives and executes its task according to the privileges assigned by the creator of an agent and agent platform , and possibly the designer of its code as well, if different from the creator/owner .My thesis is focus on mechanism through which mobile agent is capable of determine whether they would visit a particular domain or not. Through

this decision the possibility of an attack from malicious agent platform on mobile agent is reduced. A Domain is consists of agent platform and this domain is controlled by the security Guider Bank (SGB). SGB is a trusted entity that can have the information all about the domain .this information includes the knowledge about the successful execution of mobile agent in a particular agent platform. It has full knowledge about agents execution without any modification of code or data or any undue influence like delay, SGB uses two parameters 1. Vulnerability Level (VL) 2. Reputation value (RV) VL and RV values of Domain and Platform can be calculated on the basis of the visits that can make by the mobile agent. The security guider bank can maintain the history of execution of mobile agent. It can maintain the VL and RV values of Domain and agent platform. Reputation is determined by the SGB based on observations of mobile agents visiting the domain. Lower VL value suggest better than higher Value and Higher RV value for Agent platform is suggested better than lower value. The term Vulnerable Level (VL) and Reputation value (RV) used refers to a property of a Domain and platform that is related to its trustworthiness. 2. Objectives:1. I have carried out a study of various security issues in the field of Mobile Agents. 2. Developing a security mechanism for Mobile agents, an algorithm has been proposed. 3. Implementation of above algorithm and 4. Analysis of simulation results of the algorithm. 3. Mobile agent Infrastructure: Mobile agents need to 1. Use resources available on their host machine 2. Communicate with other agents. 3. Move in the heterogeneous environment. 4. Protect themselves agents from malicious agent and hosts. 4. Security Issues:- In mobile agent system there are various numbers of security issues which can create the problem in host environment or mobile agent computing environment these security issues are given below. 1. Transfer security 2. Authentication and Authorization. 3. Host system security 4. Computational environment security. 5. Mobile agent system security

5. Security Mechanism:-My thesis work is focus on mechanism through which

mobile agent is capable of determine whether they would visit a particular domain or not and I build a security frame work for that domain. Through this decision the possibility of an attack from malicious agent platform on mobile agent is reduced. A Domain is consists of agent platform and this domain is controlled by the security Guider Bank (SGB). SGB is a trusted entity that can have the information all about

the domain .this information includes the knowledge about the successful execution of mobile agent in a particular agent platform. It has full knowledge about agents execution without any modification of code or data or any undue influence like delay, to maintain this information, SGB uses two parameters 1. Vulnerability Level (VL) :- VL represents a value for a domain that specifies a level based upon the fairness execution of mobile agent on platform within a specific domain. A higher value of VL means that the domain is dangerous for mobile agent to visit and the lower value of VL means safer to visit for mobile agent to do their necessary computation. 2. Reputation value (RV) :- RV value is a reputation value of the agent platform that depends upon the degree of honesty of the platform. If RV value of agent platform is low then the agent platform is more dangerous to visit and if the RV value is high then it is safer to visit .so that the high RV value of agent platform suggest better than low RV value. 6. Conclusion:- Through this proposed mechanism, mobile agent can be protected from the possible attack of malicious platform by deciding whether to visit an agent platform or not. This decision is made by the mobile agent at the SGB before arriving at the platform. The agent first checks if the VL value of the domain is acceptable, then it selects all those agent platforms in its itinerary list whose RV values are acceptable. Scenarios from my Simulation VL and RV values are changed according to number of visits and the malicious behaviour of the agent platform, This mechanism saves turnaround time of mobile agents, as it allows a decision by looking at the VL value whether it has to visit whole domain or not. Still needed is a global agreement upon the rules for calculating and interpreting the vulnerability level and reputation values in the form of standards. This would allow mobile agents, when moving over the Internet, to have the same understanding of VL and RL values for all domains and included agent platforms. 7. Future Work :- The area of mobile agent security is still in a somewhat immature state .there are need to develop techniques that are directed towards the protecting of agent, a much more difficult problem. In future there are need to develop agent security framework and security design tool. The world wide network simulator can be developed that works on the entire network.