Communication and interoperability

Interoperability between different vendors' agent systems is key to the success of mobile agent computing. The subject can be divided into three areas: interoperability between systems that use a common implementation language, interoperability across platforms employing different implementation languages, and communication between agents. In general, the first two concern actions like agent and class transfer, and agent management. Communication between agents is in this context to be understood as higher-level interaction between mobile agents that seek to achieve certain goals through their interaction. Without common standards for at least interoperability between different agent platforms, usage of agent systems will be limited to proprietary environments.

Security

Mobile agent systems are exposed to possible security threats including communication security threats, threats from agents (both to other agents and the host system), and malicious host attacks. Since communication security is well-understood, and numerous solutions are available, it is not investigated further here. Threats from agents partly fall within the communication security category, and partly may show as authentication problems, which can also be addressed using well-known mechanisms like certificates, etc. As will be discussed later, the built-in security features of Java make this programming platform a favorite basis for mobile agent systems because they already provide the fundamentals for protecting host systems from attacks launched by mobile code.

A more complex issue is dealing with malicious hosts that try to manipulate visiting mobile agents. As Hohl [8] points out, "existing security mechanisms are not easily applicable here since the aspect of securing a program against a malicious interpreter is a rather new aspect." Table 1 illustrates the variety and complexity of the problem.

Most authors doubt that the malicious host problem can be solved at all without the unrealistic use of secure hardware [5, 7]. However, efforts to solve the malicious host problem exist and concentrate on two areas: code obfuscation (also called "code mess-up") and mobile cryptography [11].

Code obfuscation techniques aim to hinder re-engineering of the agent's function by transforming the code and data into an unreadable form via a mechanism that cannot be inverted with the currently available knowledge. Because it is clear that this can only prolong re-engineering, but does not prevent it from being performed, code mess-up techniques need to be combined with code/data lifetime restrictions.

The goal of cryptographic approaches is to find encryption schemes for functions that the mobile code implements. As an example, assume sample user Alice wants to evaluate a linear map A on input x which can be found on the computer of a second sample user, Bob. Alice wants to keep A secret. Therefore, instead of sending Bob A, she sends him a matrix B = SA, where S is a randomly chosen invertible matrix. Bob can now perform the computation and send back Bx, which Alice can calculate the results she was interested in from by simple multiplication with the inverse of S: S -1Bx=Ax.

Platform technology

The previous section listed some problem areas mobile agent systems must address. We now examine the technological approaches to those major issues that are undertaken in state-of-the-art mobile agent platforms and discuss their advantages and disadvantages.

Java-based agent systems

With features like platform-independence, the concept of Applets, a sophisticated security model, object serialization, and RMI (Remote Method Invocation), Java seems destined as a natural agent system platform [13]. Indeed, most of the recently developed agent systems are based on Java or Java-based technologies. For example, an agent system based on Sun's Java Intelligent Network Infrastructure (JINI) has been developed at the University of Maryland [4]; JINI already provides many techniques that are important for agent systems, such as look-up services. A (necessarily incomplete) list of available Java-based systems is given in Table 2.

[1]  [2]  [3]  [4]  [5]  [6]  [7]