移动Agent安全机制的研究
|
摘要
随着互联网的快速发展和网络技术的不断进步,一种基于移动Agent的分布式计算模式成为研究的重点。现阶段移动Agent系统并没有完善的安全保障机制。因此,安全性不足阻碍了移动Agent系统的广泛应用。本文在论述了现阶段移动Agent系统面临各种安全问题之后,研究分析了现有的一些安全保障机制,设计了在Aglet平台下移动Agent系统的主机、传输、服务器端的三层一体的安全机制,引入了主机端的安全服务站,利用了访问控制和加密等技术旨在保证移动Agent的生命周期中各个环节的安全。本文借助一个安全实例利用ACL配置了一个基于访问控制列表机制的移动Agent的网络环境,带有ACL的移动Agent环境减少了指定端口的数据量,降低了CPU的使用率。通过实验数据分析证明了带有加密机制的移动Agent同传统的集中式的计算模型相比在网络流量减少方面还是有一定的优势的。
With the internet rapidly developing and network technique increasingly improving, a model of Mobile Agent-based distributed calculation has become the focus of the research, while there is no perfect security insurance mechanism in the present mobile agent-based system, which is applied to ensure the safe communication among mobile-agents in the process of arranging. Therefore, the lack of security is an obstacle to the extensive use of mobile-agent system. Following the presentation of the safety challenges faced with the present mobile-agent system, in this passage, current security insurance mechanisms are illustrated and a Aglet platform-based security mechanism of integrating the three layers of host computer transfer and service end is put forward. what's more, the Host security service is designed, which takes advantage of the techniques such as the control over visits and decipherment so as to secure all links in mobile-agent life circle.
With the internet rapidly developing and network technique increasingly improving, a model of Mobile Agent-based distributed calculation has become the focus of the research, while there is no perfect security insurance mechanism in the present mobile agent-based system, which is applied to ensure the safe communication among mobile-agents in the process of arranging. Therefore, the lack of security is an obstacle to the extensive use of mobile-agent system. Following the presentation of the safety challenges faced with the present mobile-agent system, in this passage, current security insurance mechanisms are illustrated and a Aglet platform-based security mechanism of integrating the three layers of host computer transfer and service end is put forward. what's more, the Host security service is designed, which takes advantage of the techniques such as the control over visits and decipherment so as to secure all links in mobile-agent life circle.
引文
[1] V Roth, M Jalali. Concepts and architecture of a security-centric mobile agent server. The 5th Symposium on Autonomous and Decentralized System. Dallsa:lEEE Computer Society Press 2005
[2] Koliousis,Alexandros;Sventek,Joseph;A Trustworthy Mobile Agent Infrastructure for Network Management Integrated Network Management, IM 07. 10th IFIP/IEEE International Symposium on May 25 2007 Page(s):383–390
[3] Al-Obasiat, Y.; Braun, R.;A Multi-Agent Flexible Architecture for Autonomic Services and Network Management Computer Systems and Applications, 2007. AICCSA '07. IEEE/ACS International Conference on 13-16 May 2007 Page (s):124–131
[4] N Suri, J Bradshaw,M Breedy et al. Nomads: Toward a strong and safe mobile agent system ,InProc of the 4th Conf on Autonomous Agents. New York:: ACTvI Press,2007, Page(s):163一168
[5] McGraw, Felten E.Understanding the keys to Java security: the Sandbox and authentication. JavaWorld. 1997 (5): 20-25
[6] Bieszczad White T,and Pagurek B., Mobile Agents for Network Management, IEEE Communication Surveys, September 1999,1(1)
[7] Hyun-Chul Kang; Jae-Wook Lee; Gil-Haeng Lee; Web-based Traffic Management for Customer Network Management; Computational Intelligence for Modelling,Control and Automation, 2006 Nov. 28 2006-Dec. 1 2006 Page(s):155 -155
[8] Taher E1Gamal.A Public Key Cryptosystem and a Signature Scheme based on Discrete Logarithms.IEEE , IT-31(4) July 2002:469-472
[9] Chao Dong; Xiao-rong Cheng; Ming-quan Zhang;Research of Mobile Agent Based Network Topology Discovery Innovative Computing, Information and Control, 2006. ICICIC '06. First International Conference onVolume 1, 30-01 Aug. 2006 Page(s):733 - 736
[10] Autran, G.; Xining Li;Large Scale Deployment a Mobile Agent Approach to Network Management Networking, 2008. ICN 2008. Seventh International Conference on13-18 April 2008 Page(s):614-619
[11] Davidson, E.M.; McArthur, S.D.J.;Exploiting Multi-agent System Technology within an Autonomous Regional Active Network Management System Intelligent Systems Applications to Power Systems,ISAP 2007.International Conference on 5-8 Nov. 2007 Page(s):1 -6
[12]Konno,S; Sameera, A.; Iwaya, Y.; Abe, T.; Kinoshita, T.;Knowledge-Based Support of Network Management Tasks Using Active Information Resource Intelligent Agent Technology,IAT '06. IEEE/WIC/ACM International Conference on 18-22 Dec.2006 Page(s):195-199
[13] Kotz, D., Gray, R., Nog, S:;Targeting the Need of Mobile Computers, IEEE Internet Computing, 2003,1(4):58-67
[14] N Islam,Ranand, T Jaeger et al. A flexible security system for using Internetcontent. IEEE Software, 2007,14(5) :P52-59
[15] Wilhelm Uwe G, S.Staamann. Protecting the Itinerary of Mobile Agents. Proceedings of the ECOOP Workshop on Distributed Object Security and 4th Workshop on Mobile Object Systems.2004,1(5): 68-90
[16]黄水源,段隆振,周理凤基于移动Agent网络智能化服务模型.网络与通信[J] 2007 12:87-89
[17]王常杰,张方国,王育民.Internet移动代理技术中的安全性研究.西安电子科技大学学报[J].2001,128(2): 268-272
[18]曹锦纲,郑顾平.基于Agent的智能决策支持系统研究与应用.电脑开发与应用[J] 2005,7:50-53
[19]胡建理,王嘉祯,彭德云,张朝伟.移动Agent实验平台的设计与实现.计算机工程与设计[J] 2006,6:2146-2148
[20]张红旗.信息网络安全[M].北京:清华大学出版社,2002
[21]郑洪方,韩传冰,王光兴网络管理中基于移动Agent的通信模型及性能分析.计算机科学[J] 2005,3:40-43
[22]张宿新,基于移动Agent的网络管理的关键技术探讨.电力系统通信[J] 2005:11:47-48
[23]李冶文,孟洛明,亓峰网络管理环境下移动代理技术应用研究的现状问题与展望.电子学报[J] 2002 4: 564-569
[24]何炎祥,陈莘萌. Agent和多Agent系统的设计与应用[M].武汉:武汉大学出版社, 2001
[25]万定生,卞海红,陈元斌.移动Agent在恶意主机中的安全问题.微机发展[J].2004,14(3): 110-112
[26]李迈勇,金名,张长富.网络安全加密原理算法与协议[M].北京:清华大学出版社.2007
[27]刘广钟,施小龙.Agent的管理模型及结构[J].计算机工程,2002,2:91-92
[28]樊玉杰,李俊.基于移动Agent的网络化远程监控系统设计.数据与采集[J] 2008,4:93-95
[29]崔骋宇,何东健基于移动Agent和Web的分布式网络管理系统.计算机工程与设计[J] 2007 11:5420-5422.
[30]张阳,曹迎春.移动Agent系统中的安全问题和技术研究综述.计算机科学[J] 2005,3:21-25
[2] Koliousis,Alexandros;Sventek,Joseph;A Trustworthy Mobile Agent Infrastructure for Network Management Integrated Network Management, IM 07. 10th IFIP/IEEE International Symposium on May 25 2007 Page(s):383–390
[3] Al-Obasiat, Y.; Braun, R.;A Multi-Agent Flexible Architecture for Autonomic Services and Network Management Computer Systems and Applications, 2007. AICCSA '07. IEEE/ACS International Conference on 13-16 May 2007 Page (s):124–131
[4] N Suri, J Bradshaw,M Breedy et al. Nomads: Toward a strong and safe mobile agent system ,InProc of the 4th Conf on Autonomous Agents. New York:: ACTvI Press,2007, Page(s):163一168
[5] McGraw, Felten E.Understanding the keys to Java security: the Sandbox and authentication. JavaWorld. 1997 (5): 20-25
[6] Bieszczad White T,and Pagurek B., Mobile Agents for Network Management, IEEE Communication Surveys, September 1999,1(1)
[7] Hyun-Chul Kang; Jae-Wook Lee; Gil-Haeng Lee; Web-based Traffic Management for Customer Network Management; Computational Intelligence for Modelling,Control and Automation, 2006 Nov. 28 2006-Dec. 1 2006 Page(s):155 -155
[8] Taher E1Gamal.A Public Key Cryptosystem and a Signature Scheme based on Discrete Logarithms.IEEE , IT-31(4) July 2002:469-472
[9] Chao Dong; Xiao-rong Cheng; Ming-quan Zhang;Research of Mobile Agent Based Network Topology Discovery Innovative Computing, Information and Control, 2006. ICICIC '06. First International Conference onVolume 1, 30-01 Aug. 2006 Page(s):733 - 736
[10] Autran, G.; Xining Li;Large Scale Deployment a Mobile Agent Approach to Network Management Networking, 2008. ICN 2008. Seventh International Conference on13-18 April 2008 Page(s):614-619
[11] Davidson, E.M.; McArthur, S.D.J.;Exploiting Multi-agent System Technology within an Autonomous Regional Active Network Management System Intelligent Systems Applications to Power Systems,ISAP 2007.International Conference on 5-8 Nov. 2007 Page(s):1 -6
[12]Konno,S; Sameera, A.; Iwaya, Y.; Abe, T.; Kinoshita, T.;Knowledge-Based Support of Network Management Tasks Using Active Information Resource Intelligent Agent Technology,IAT '06. IEEE/WIC/ACM International Conference on 18-22 Dec.2006 Page(s):195-199
[13] Kotz, D., Gray, R., Nog, S:;Targeting the Need of Mobile Computers, IEEE Internet Computing, 2003,1(4):58-67
[14] N Islam,Ranand, T Jaeger et al. A flexible security system for using Internetcontent. IEEE Software, 2007,14(5) :P52-59
[15] Wilhelm Uwe G, S.Staamann. Protecting the Itinerary of Mobile Agents. Proceedings of the ECOOP Workshop on Distributed Object Security and 4th Workshop on Mobile Object Systems.2004,1(5): 68-90
[16]黄水源,段隆振,周理凤基于移动Agent网络智能化服务模型.网络与通信[J] 2007 12:87-89
[17]王常杰,张方国,王育民.Internet移动代理技术中的安全性研究.西安电子科技大学学报[J].2001,128(2): 268-272
[18]曹锦纲,郑顾平.基于Agent的智能决策支持系统研究与应用.电脑开发与应用[J] 2005,7:50-53
[19]胡建理,王嘉祯,彭德云,张朝伟.移动Agent实验平台的设计与实现.计算机工程与设计[J] 2006,6:2146-2148
[20]张红旗.信息网络安全[M].北京:清华大学出版社,2002
[21]郑洪方,韩传冰,王光兴网络管理中基于移动Agent的通信模型及性能分析.计算机科学[J] 2005,3:40-43
[22]张宿新,基于移动Agent的网络管理的关键技术探讨.电力系统通信[J] 2005:11:47-48
[23]李冶文,孟洛明,亓峰网络管理环境下移动代理技术应用研究的现状问题与展望.电子学报[J] 2002 4: 564-569
[24]何炎祥,陈莘萌. Agent和多Agent系统的设计与应用[M].武汉:武汉大学出版社, 2001
[25]万定生,卞海红,陈元斌.移动Agent在恶意主机中的安全问题.微机发展[J].2004,14(3): 110-112
[26]李迈勇,金名,张长富.网络安全加密原理算法与协议[M].北京:清华大学出版社.2007
[27]刘广钟,施小龙.Agent的管理模型及结构[J].计算机工程,2002,2:91-92
[28]樊玉杰,李俊.基于移动Agent的网络化远程监控系统设计.数据与采集[J] 2008,4:93-95
[29]崔骋宇,何东健基于移动Agent和Web的分布式网络管理系统.计算机工程与设计[J] 2007 11:5420-5422.
[30]张阳,曹迎春.移动Agent系统中的安全问题和技术研究综述.计算机科学[J] 2005,3:21-25