Enforcing resource bound safety for mobile SNMP agents

Abstract

The integration of mobile agents with SNMP creates significant advantages for the management of complex networks. Nevertheless, the security concerns of mobile agent technology limit its acceptance in practice. A key issue is to safeguard resource usage abuse by malicious or buggy mobile agents on the hosting system. This paper describes how the TINMAN architecture, a framework and a suite of tools for enforcing resource safety of mobile code is applied to mobile SNMP agents. TINMAN uses a suite of resource-usage checking tools which consists of a resource bound predictor a usage certification generator and a verifier at compile-time, and certificate validation and monitoring tools at run-time. This paper shows how TINMAN tools can provide 100% coverage by a combination of off-line static analysis and run-time monitoring in enforcing safety on resource consumption of mobile SNMP agents. Experimental results from the current TINMAN implementation are given.