An XML standards based authorization framework for mobile agents

Authors:
G. Navarro;J. Borrell
Affiliations:
Dept. of Information and Communications Engineering, Universitat Autònoma de Barcelona, Bellaterra, Spain;Dept. of Information and Communications Engineering, Universitat Autònoma de Barcelona, Bellaterra, Spain
Venue:
MADNES'05 Proceedings of the First international conference on Secure Mobile Ad-hoc Networks and Sensors
Year:
2005

Citing 11
Cited 2

KAoS: toward an industrial-strength open agent architecture

Software agents
Proposed NIST standard for role-based access control

ACM Transactions on Information and System Security (TISSEC)
ACM SIGAda Ada Letters

ACM SIGAda Ada Letters
Certificate chain discovery in SPKI?SDSI

Journal of Computer Security
Implementation of Secure Architectures for Mobile Agents in MARISM-A

MATA '02 Proceedings of the 4th International Workshop on Mobile Agents for Telecommunication Applications
Using Authority Certificates to Create Management Structures

Revised Papers from the 9th International Workshop on Security Protocols
Role-Based Access Control for E-commerce Sea-of-Data Applications

ISC '02 Proceedings of the 5th International Conference on Information Security
A Security Model for Aglets

Mobile Agents and Security
Constrained Delegation

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Protected Resource Access for Mobile Agent-based Distributed Computing

ICPPW '98 Proceedings of the 1998 International Conference on Parallel Processing Workshops
The PRIMA System for Privilege Management, Authorization and Enforcement in Grid Environments

GRID '03 Proceedings of the 4th International Workshop on Grid Computing

Protecting mobile agents from external replay attacks

Journal of Systems and Software
Security architecture and methodology for authorisation of mobile agents

International Journal of Internet Technology and Secured Transactions

Quantified Score

Hi-index	0.00

Visualization

Abstract

An outstanding security problem in mobile agent systems is resource access control, or authorization in its broader sense. In this paper we present an authorization framework for mobile agents. The system takes as a base distributed RBAC policies allowing the discretionary delegation of authorizations. A solution is provided to assign authorizations to mobile agents in a safe manner. Mobile agents do not need to carry sensitive information such as private keys nor they have to perform sensitive cryptographic operations. The proposed framework makes extensive use of security standards, introducing XACML and SAML in mobile agent system. These are widely accepted standards currently used in Web Services and Grid.