secured mobile agent
TRANSCRIPT
-
7/29/2019 secured mobile agent
Mobile Agents
Niranjan Suri
University of West Florida
-
Mobile Agents Tutorial - Niranjan Suri - Cognition Institute/University of West Florida
Outline
Overview of Agents and Mobile Agents
Characterization of Mobility
Advantages of Mobile Agents
System Components
Language / Design Issues
Applications
Challenges
Survey of Mobile Agent Systems
Summary
-
Definition of Software Agents
Computer program
Autonomous behavior
Represents some entity
Has authority (delegation)
Reacts and learns about environment
Communicates using high-level Agent Communication Languages (ACLs)
-
Mobile Agents
Definition
Software agents
Move from one computer to another
User-directed or autonomous
-
Characterizing Mobility
Three capabilities
Mobile code
Mobile computation
Mobile state
Various combinations are possible
[Figure: Mobile Code, Mobile Computation and Mobile State, with examples: Remote Installation; RPC, Servlets, Stored Procedures; Checkpointing]
-
Mobile Code
Allows executable code to be moved to a new host
May use the push or pull model
Pull: Applets
Push: Remote Installation
Mobile agents use push
Sometimes, an agent push may result in a code pull
Code may be binary (intermediate or native) or source
-
Mobile Code
Advantages:
Dynamically change capabilities
Download new code to add / change / update capabilities of platform
Remove code when no longer needed
Problems:
Security concerns due to untrusted / unchecked code
Code could be malicious, buggy, and/or tampered
-
Mobile Computation
Evolution of Remote Computation
RPC, RSH, RMI, Servlets, Stored Procedures, CORBA
Allows one system to run a computation on another system
Utilize resources on remote system
CPU, memory
Access resources on remote system
Files, databases, etc.
-
Mobile State
Evolution of State Capture
Checkpointing
Allows execution state of a process to be captured and moved
State may be machine specific or machine independent
May contain
State of single or multiple threads
Code
-
Combinations of Capabilities
[Figure: Mobile Code, Mobile Computation and Mobile State and their combinations, labelled RPC, Servlets, Stored Procedures; Remote Installation; Checkpointing; Weak Mobility; Process Migration; Strong Mobility]
-
Strong Mobility
Move execution state with agent
Why is it important?
Computationally equivalent to weak mobility
However, simpler, more natural abstraction
Therefore, easier to write mobile agents
More importantly, mobile state allows forced mobility
-
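Weak Mobility Example
import java.net.URL;
import com.ibm.aglet.Aglet;
import com.ibm.aglet.event.MobilityAdapter;
import com.ibm.aglet.event.MobilityEvent;

public class Example extends Aglet {
    // Only object state moves with the agent; this flag records that the move happened
    boolean _theRemote = false;
    URL destination;   // target host; assumed here to be passed in as the init argument

    public void onCreation (Object init) {
        destination = (URL) init;
        addMobilityListener(
            new MobilityAdapter() {
                public void onArrival (MobilityEvent e) {
                    _theRemote = true;
                }
            }
        );
    }

    // run() starts again from the top after the move, so it must branch on the flag
    public void run() {
        if (!_theRemote) {
            System.out.println ("On Source");
            try {
                dispatch(destination);
            } catch (Exception ex) {
                ex.printStackTrace();   // dispatch can fail, e.g. the host refuses the agent
            }
        }
        else {
            System.out.println ("On Destination");
        }
    }
}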
-
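Strong Mobility Example
public class Example extends Agent
{
    public static void main (String[] args)
    {
        // Execution state travels with the agent, so the code reads sequentially.
        // destination: address of the target host, defined elsewhere.
        System.out.println ("On source");
        go (destination);   // execution resumes on the destination at the next statement
        System.out.println ("On destination");
    }
}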
-
Client-Server Versus Mobile Agents
[Figure: Traditional versus Mobile Agent-Based interaction between Client and Server; in the mobile agent-based case an Agent moves between Client and Server]
-
Advantages of Mobile Agents
Reduced network bandwidth
Disconnected operation
Short On-Line times
Low-power requirements
Support for mobile units
Low-latency interaction
-
Jini Versus Mobile Agents
[Figure: Client and Device interacting through a Proxy (Jini) versus through an Agent (mobile agents)]
-
Advantages of Mobile Agents
Highly Dynamic and Flexible Systems
Enabled by mobile code
Download new capabilities / services
Remove old / unused capabilities
Swapping for memory constrained devices
Structure systems around mobile code
Universal server
Open Services Gateway Initiative (OSGI)
-
Advantages of Mobile Agents
Unique capability:
Send an executable program that does your bidding on someone else's computer
Very powerful but can be dangerous!
Only one step removed from a Virus
-
Agent Programming Paradigms
Itinerant Agents
Use an itinerary that dictates mobility of agents
Reactive Agents
Event-based approach
Events trigger mobility of agents
Agent-Minion
Minions: Small mobile agents spawned by larger agents
-
System Components
[Figure: system components - Execution Environment (shown twice), Agent Transfer Protocol, Agent Messaging Protocol, Directory Service, Global Directory Service, Messaging Service, Policy Manager, Interpreter, Visualization Tools, Administration Tools, Authentication, Encryption, Logging Service, Global Logging Service, Persistence Service, Other Frameworks (DARPA CoABS Grid, etc.)]
-
Languages for Mobile Agents
Java: Numerous Systems
TCL: D'Agents, SMIA
C/C++: Omniware
Miscellaneous: Telescript; Lisp, Scheme, custom, etc.
-
Advantages of Java
Platform independent
Virtual Machine execution environment
Important for isolation
Small footprint
Real programming language
Compared to TCL
Most security conscious
Though still not adequate!
-
Limitations of Java
No state capture
Importance: Mobile state
Mobile agent systems
Load balancing (distributed systems)
Forced migration
Cloning (fault tolerance)
Checkpointing
Faster VM startup
Restarting crashed applications
Persisting processes for later resumption
-
Limitations of Java
No resource control
Importance:
Protect against denial-of-service attacks
Malicious code
Buggy code
Prioritize tasks
Foundation for providing QoS guarantees
-
Limitations of Java
No resource accounting
Importance:
Measuring resource consumption
Charging / billing resource usage
Observing behavior of code
-
Directory Service Issues
Difficult to find an agent
Chase agent around
Fast Moving Agents
May be difficult/inefficient to update directory service
-
Authentication Issues
Agent Anonymity
Agent may want to be anonymous on a host
Analogy: Window shopping
Multiple Hop
Agent may not want to carry credentials
Credentials could be stolen by malicious hosts
-
Applications of Mobile Agents
Information Retrieval
Mobile agents reduce network bandwidth
Depends on:
Quantity of information searched
Quantity of information retrieved
Size of mobile agent
Comprehensive study for DARPA
Dartmouth College, Lockheed Martin ATL, University of West Florida
-
Applications of Mobile Agents
Monitoring
Computer programs can be very patient
Remote Control
Dynamic Systems
Universal servers
Active Mail
Send executable content as email
-
Challenges for Mobile Agents
Security Issues
Protecting network communication
Protecting hosts from agents
Illegal access
Denial of service
Protecting agents from hosts
Tampering
Extracting information
Capture / Replay
System-wide Administration / Management
Policies
Tracking / Visualization
-
Challenges for Mobile Agents
Access to non-mobile resources
Network endpoints
Files
Deployment (of environments)
Interoperability
OMG MASIF - Not successful
DARPA CoABS - We shall see
Debugging
Highly Asynchronous
-
Survey of Mobile Agent Systems
Commercial Systems
Telescript/Odyssey - General Magic
Voyager - ObjectSpace
Aglets - IBM
Concordia - Mitsubishi Electric ITA
Jumping Beans - AdAstra
-
Survey of Mobile Agent Systems
Research Systems
NOMADS
KAoS
D'Agents
Agents for Remote Action (ARA)
Mole
Sumatra
Many others...
Mobile Agent List: http://www.informatik.uni-stuttgart.de/ipvr/vs/projekte/mole/mal/mal.html
-
NOMADS
Java-based mobile agent system
Strong mobility
Capture full execution state of running agents
Provides anytime mobility - simplifies writing mobile agents
Provides forced mobility - arbitrary Java code can be moved
Strong security
Dynamically control resource usage (rates and quantities)
Allows platform owner full control over agent execution
Protect against denial of service attacks
-
Strong Security
Limitations of current Java systems
Rely on JDK security
Does not provide resource control
Either assume agents are safe
Does not scale
Or rely on code signing
Not a preventive measure
Goal: Build secure execution environments
Run untrusted or partially-trusted code
-
Aroma Virtual Machine
Clean-room implementation
State capture mechanism
Dynamic, fine-grained resource control
Disk, Network, CPU
JDK 1.2.2 compatible
Uses Java Platform API from JRE 1.2.2
No AWT / Swing
Ported to Win32 (x86), Linux (x86), Solaris (SPARC)
No Just-In-Time compilation
(Almost) No optimization
-
State Capture
Aroma supports two modes
Full VM state
All threads, loaded classes, objects
State may be restored into a blank VM
Size: Approx 1.5 MB
Individual thread state
Method stack and all reachable objects
Thread may be restored into running VM
Size: Approx 4 KB
-
State Capture
State capture is fine-grained
Between any two Java bytecode instructions
Supports blocked, waiting, sleeping, and suspended threads
State is platform independent
State may be stored in memory, saved to disk,
or streamed over the network
-
Resource Control
Rate control
Control rate at which resources are used
Dynamically adjustable
Fine grained
Examples:
CPU limited to 10%
Disk write rate limited to 30 KB/sec
Network read rate limited to 10 KB/sec
[Figure: Disk Usage Rate]
-
Resource Control
Quantity control
Control quantity of resources used
Dynamically adjustable
Fine grained
Examples:
Disk space limited to 1.8 MB
Total network writes limited to 1024 KB
Still needed: memory
[Figure: Disk Usage Quantity]
-
Benefits of Resource Control
Protect host from malicious agents
Prevent denial of service attacks
Simplify agent writer's task
Agents do not need to worry about resource control / limits
Means of prioritization
Raising limits increases priority
Basis for Quality of Service
Means of accounting
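
Added example, not Aroma or NOMADS code: a minimal host-side limiter showing the rate control and quantity control described on the Resource Control slides, with a token bucket for the rate and a byte counter for the quantity. The class name, its methods and the injected clock are hypothetical; the limits in main() are the slides' disk examples.

```java
import java.util.function.LongSupplier;

/** Hypothetical per-agent limiter: a rate limit (bytes/sec) plus a total quota (bytes). */
public class AgentResourceLimiter {
    private long ratePerSec;       // rate control, e.g. disk writes limited to 30 KB/sec
    private long quotaRemaining;   // quantity control, e.g. disk space limited to 1.8 MB
    private double tokens;         // bytes the agent may consume right now
    private long lastNanos;
    private final LongSupplier clock;

    public AgentResourceLimiter(long ratePerSec, long quotaBytes, LongSupplier clock) {
        this.ratePerSec = ratePerSec;
        this.quotaRemaining = quotaBytes;
        this.tokens = ratePerSec;              // allow at most one second of burst
        this.clock = clock;
        this.lastNanos = clock.getAsLong();
    }

    /** Host-side knob: the limit can be changed while the agent is running. */
    public synchronized void setRate(long newRatePerSec) {
        refill();
        ratePerSec = newRatePerSec;
        tokens = Math.min(tokens, newRatePerSec);
    }

    // Credit the bucket for elapsed time, never beyond one second's worth.
    private void refill() {
        long now = clock.getAsLong();
        tokens = Math.min(ratePerSec, tokens + (now - lastNanos) / 1e9 * ratePerSec);
        lastNanos = now;
    }

    /** Returns how many of the requested bytes may be used now (0 means wait);
     *  throws once the total quota is exhausted. */
    public synchronized long acquire(long requested) {
        if (quotaRemaining <= 0) throw new SecurityException("quantity limit reached");
        refill();
        long granted = Math.min(requested, Math.min((long) tokens, quotaRemaining));
        tokens -= granted;
        quotaRemaining -= granted;
        return granted;
    }

    public static void main(String[] args) {
        long[] fakeNanos = {0};   // constructed clock so the demo is deterministic
        AgentResourceLimiter disk = new AgentResourceLimiter(
                30 * 1024, (long) (1.8 * 1024 * 1024), () -> fakeNanos[0]);
        System.out.println(disk.acquire(100 * 1024));   // capped to one second of rate
        System.out.println(disk.acquire(100 * 1024));   // bucket empty: agent must wait
        fakeNanos[0] += 500_000_000L;                   // half a second later
        System.out.println(disk.acquire(100 * 1024));   // half a second's worth
        disk.setRate(10 * 1024);                        // host tightens the limit at run time
        fakeNanos[0] += 2_000_000_000L;
        System.out.println(disk.acquire(100 * 1024));   // capped by the new, lower rate
    }
}
```

The agent code never sees the limiter: the execution environment would call acquire() inside its own I/O paths, which is what lets the platform owner enforce limits on untrusted code.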
-
Summary
Mobile Agents are Good
Code mobility adds significant flexibility
Security is Critical
Deployment is Difficult
No Interoperability