A security architecture for mobile agents in Ajanta

Abstract

A mobile agent represents a computation that can autonomously migrate in a network to perform tasks on behalf of its creator. This paper describes the security architecture of Ajanta, a Java-based system for mobile agent programming. This architecture provides mechanisms to protect server resources from malicious agents, agent data from tampering by malicious servers, and to protect the system infrastructure itself. An agent can carry three kinds of protected data: read-only objects, objects visible only to specific servers, and a secure append-only list of objects. Agents' access to server resources is controlled using a proxy-based mechanism. A generic authentication protocol is used for all sensitive client-server interactions. Ajanta also supports communication between remote agents using RMI, which can be controlled by the servers' security policies.