Date: December 2002
Creator: Raghunathan, Subhashini
Description: Mobile agent technology presents an attractive alternative to the client-server paradigm for several network and real-time applications. However, for most applications, the lack of a viable agent security model has limited the adoption of the agent paradigm. This thesis presents a security model for mobile agents based on a security infrastructure for Computational Grids, and specifically, on X.509 Proxy Certificates. Proxy Certificates serve as credentials for Grid applications, and their primary purpose is temporary delegation of authority. Exploiting the similarity between Grid applications and mobile agent applications, this thesis motivates the use of Proxy Certificates as credentials for mobile agents. A new extension for Proxy Certificates is proposed in order to make them suited to mobile agent applications, and mechanisms are presented for agent-to-host authentication, restriction of agent privileges, and secure delegation of authority during spawning of new agents. Finally, the implementation of the proposed security mechanisms as modules within a multi-lingual and modular agent infrastructure, the Distributed Agent Delivery System, is discussed.
Contributing Partner: UNT Libraries