Download Building Secure System Using Mobile Agents - KTH

yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

Document related concepts

Authentication wikipedia , lookup

Security-focused operating system wikipedia , lookup

Mobile device forensics wikipedia , lookup

Carrier IQ wikipedia , lookup

Link Motion Inc wikipedia , lookup

Mobile security wikipedia , lookup

MagicNET: Security
Architecture for Discovery
and Adoption
of Mobile Agents
Presented By
Mr. Muhammad Awais Shibli
Presentation Overview
Mobile Agents
System Components
Roles in the Proposed System
Components of the System
Operations of the System
Mobile Agents
Mobile agents are self-contained software
modules with additional credentials and
accumulated data. They roam a network,
moving autonomously from one server to
another, perform their designated tasks, and
finally, eventually, return to their control
Wider Adoption of Mobile Agents
 Security Solutions
– Platform
– Agent
Still Problem !!!!
Secure Adoption
– Experimental envirnoment
– Close Envirnoment
System Components
MagicNET stands for Mobile Agents Intelligent
Community Network, has developed at secLab at DSV
Department at KTH.
MagicNET provide complete infrastructural and functional
component for secure mobile agent research and
It provide support to build secure & trusted mobile agents,
provide agents repository (agents’ store), Mobile Agents
Servers (for their runtime execution), Mobile Agent
Control Station, Infrastructural servers.
Roles in the Proposed System
Mobile Agent Author
 Mobile Agent Registrar
 Mobile Agent Manager (User)
Components of the System
Services Registration Station
 MagicNET Management Servers
 UDDI Server
 Agents Factory
UDDI Server
The UDDI (Universal Description, Discovery and
Integration) Server provides the standard role of
UDDI, as specified by OASIS.
 UDDI Server --implemented using open source
project JUDDI
 Integrated into the WSO2 WSAS secure
application server, so that Mobile Agent Registrar
(publisher) can use HTTPS SSL/TLS for
Apache Rampart
Apache Rampart: Apache Rampart is the security
module of Apache Axix2. It implements various
Web services security specifications.
 Rampart eliminates security related threats at the
message level. It provides protection against
message alteration, confidentiality, man-in-themiddle attack, spoofing, DOS and reply attack.
Operations of the System
Entities Authentication(FIPS-196)
 Agent Service Registration
 Agents Adoption
Agent Service Registration
Mobile agent Registrar authentication with
agent factory
 Fetches List of agents
 WSD from Agent Authors (current
 Publish with UDDI Server
Agents Adoption
Mobile agent Manager authentication with
Agent Factory (optional, using SA)
 Published agents & Select Agent
 WSD obtained , auto generate client,
connect to the web Server and reteive the
 Message level security(X509 Rampart
default scenario 2)
Conclusion and Future Directions
Agent Automatically publish services
(Security issues.)
 Discovery by other agents and adoption
Questions ???
Strong Authentication
Step 1: SR send hello message to Agent Factory along with its
certificate (Digital and Non Repudiation Certificate).
Step 2: Agent Factory will calculate challenge ChAF concatenate with
originator and receiver ID and send to SR.
Step 3: SR then calculates challenge ChSR concatenate with ChAF ,
then create hash of it and sign it and finally send to Agent Factory.
Agent Factory also concatenate two challenges received calculates
hash and then compare with the hash received from SR.
If both hashes are same Agent Factory, concatenate both challenges
then calculate hash and sign it, attach its certificate (digital and nonrepudiation) and send to SR.
SR then send keyEnchipherment certificate to Agent Factory and then
Agent Factory send its keyEnchipherment certificate to SA.