Mobile Agent Protection Mechanisms, and the Trusted Agent Proxy Server (TAPS) Architecture

Autonomous mobile agents have been purported as a promising new alternative to traditional distributed computing approaches, bringing many advantageous features. Notwithstanding this, mobile agent technology has yet to see wide deployment in open networks like the Internet. The lack of interoperability between agent systems has impaired such progress. Moreover, fears of security breaches by malicious agent platforms has been a chief contributing factor in the lack of capital investment in Internet agent technology. The attraction of the mobile agent paradigm is diminished if the agent owner cannot trust the results of its deployed agents. However, as in other distributed systems, appropriately applying traditional distributed systems security techniques and incorporating trusted third-parties can discourage and detect bad behaviour by remote systems. This paper presents the TAPS architecture for mitigating security risks from malicious agent platforms. The TAPS architecture uniquely adapts highly standardised network security techniques (appropriately in an agent framework) so that previously untrusted agent platforms are held more accountable. With a key objective being compliance to the Mobile Agent Facility specification, a large number of agent systems can readily utilise the features of this security architecture. The TAPS architecture provides a ’middleman’ server that anonomises authenticated agent entities in agent itineraries. We believe that the TAPS architecture will be a substantially more robust approach for protecting mobile agents than existing mobile agent threat countermeasures which tend to be piecemeal and inflexible in nature.