Security Measures for Server Protection
A primary concern in agent-based mobile computing is security. From the perspective of servers, there is nothing more risky than providing docking services to remote general-purpose executables. Since an agent migrates with its code as well as data and running states, its privacy and integrity also need to be protected from attacks by visited servers in the itinerary. These two security requirements are equally important in an open environment because mobile agents can be authored by anyone and execute on any server that has docking services. However, server protection is more compelling in a coalition environment where the servers are generally cooperative and trustworthy, although mobile code from different servers may have different levels of trustiness. This chapter presents the design and implementation of an agent-oriented access control model in the Naplet system and a coordinated spatio-temporal access control model in coalition environments.