This paper addresses the problem of protecting the data carried by mobile agents from the possible attacks of malicious execution hosts. Specifically, we consider protection mechanisms that, instead of preventing malicious hosts from tampering with the collected data, simply aim at detecting tampering attempts. The various proposals that appeared in the literature so far are characterized by several limitations, some of which have been pointed out recently. In particular, data truncations may not be detected, and a binding of the static code to the collected data is missing. This paper takes into account such criticisms and formally defines a new protocol that does not suffer from all the previous limitations. Such a protocol is also configurable, according to the protection level needed. In this way, the minimum protection level compatible with the needed security properties can be selected each time.

A Configurable Mobile Agent Data Protection Protocol / Maggi, Paolo; Sisto, Riccardo. - STAMPA. - (2003), pp. 851-858. (Intervento presentato al convegno AAMAS'03 - 2nd ACM Int. Joint Conf. on Autonomous Agents and Multiagent Systems tenutosi a Melbourne, Australia nel July 2003) [10.1145/860575.860712].

A Configurable Mobile Agent Data Protection Protocol

MAGGI, PAOLO;SISTO, Riccardo
2003

Abstract

This paper addresses the problem of protecting the data carried by mobile agents from the possible attacks of malicious execution hosts. Specifically, we consider protection mechanisms that, instead of preventing malicious hosts from tampering with the collected data, simply aim at detecting tampering attempts. The various proposals that appeared in the literature so far are characterized by several limitations, some of which have been pointed out recently. In particular, data truncations may not be detected, and a binding of the static code to the collected data is missing. This paper takes into account such criticisms and formally defines a new protocol that does not suffer from all the previous limitations. Such a protocol is also configurable, according to the protection level needed. In this way, the minimum protection level compatible with the needed security properties can be selected each time.
2003
1581136838
File in questo prodotto:
File Dimensione Formato  
860575.860712.pdf

non disponibili

Tipologia: 2a Post-print versione editoriale / Version of Record
Licenza: Non Pubblico - Accesso privato/ristretto
Dimensione 239.57 kB
Formato Adobe PDF
239.57 kB Adobe PDF   Visualizza/Apri   Richiedi una copia
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11583/1418140