Trust Model for Hybrid Security Architecture Based on Reputation for Secure Execution of Mobile Agents

Mobile Agents (MA) are software programs that live in computer networks, performing their computations and moving from host to host as necessary to fulfill user goals. MA technology has gained popularity in the world of computing for various applications, but securing MAs, as they move from one machine to the other, has been the challenge that hinders full adoption of this technology by organizations. Autonomous behavior of MA and the malicious environment of the internet give rise to various important security issues related with both MA and its host. The major security threats are either threats against the hosts, or threats against the MA. MA security problem is a complex problem and require a multifold solution. This paper presents Hybrid Security Architecture (HAS) inspired by the various existing security techniques including digital signature, encryption, intrusion detections, signed agreement, trust and others. Since all are well studied and experimented techniques, paper does not discuss all in details. This paper explores the trust model based on reputation to provide security to both MA and executing host. Proposed approach divides the network into regions where a centralized component in each region is responsible to compute the Reputation Value (RV) for each incoming and outgoing MAs. Each region maintains a Local Reputation Table for MAs. A Global Reputation Table (GRT) is also maintains which only stores the information about the suspicious or malicious MAs. GRT is concern only when local data are insufficient to make decision about the trust worthiness of MA. Behavior of MA and host are watched during execution and analyzed to update their RV.