Building Secure System Using Mobile Agents - KTH
MagicNET: Security Architecture for Discovery and Adoption of Mobile Agents
Presented By Mr. Muhammad Awais Shibli

Presentation Overview
1. Background
2. Mobile Agents
3. System Components
4. Roles in the Proposed System
5. Components of the System
6. Operations of the System
7. Conclusion

Mobile Agents
Mobile agents are self-contained software modules with additional credentials and accumulated data. They roam a network, moving autonomously from one server to another, perform their designated tasks, and eventually return to their control station.

Background
Wider Adoption of Mobile Agents
Security Solutions
– Platform
– Agent
Still Problem !!!!
Secure Adoption
– Experimental environment
– Closed environment

System Components
MagicNET stands for Mobile Agents Intelligent Community Network and was developed at secLab at the DSV Department at KTH. MagicNET provides complete infrastructural and functional components for secure mobile agent research and development. It provides support for building secure and trusted mobile agents, and provides an agents repository (agents' store), Mobile Agents Servers (for their runtime execution), a Mobile Agent Control Station, and infrastructural servers.

Roles in the Proposed System
– Mobile Agent Author
– Mobile Agent Registrar
– Mobile Agent Manager (User)

Components of the System
– Services Registration Station
– MagicNET Management Servers
– UDDI Server
– Agents Factory

UDDI Server
The UDDI (Universal Description, Discovery and Integration) Server provides the standard role of UDDI, as specified by OASIS.
– Implemented using the open source project JUDDI
– Integrated into the WSO2 WSAS secure application server, so that the Mobile Agent Registrar (publisher) can use HTTPS SSL/TLS for authentication

Apache Rampart
Apache Rampart is the security module of Apache Axis2. It implements various Web services security specifications. Rampart eliminates security-related threats at the message level. It provides protection against message alteration, loss of confidentiality, man-in-the-middle attacks, spoofing, DoS and replay attacks.

Operations of the System
– Entities Authentication (FIPS-196)
– Agent Service Registration
– Agents Adoption

Agent Service Registration
– Mobile Agent Registrar authentication with the Agent Factory
– Fetches list of agents' WSD from Agent Authors (current implementation)
– Publish with UDDI Server

Agents Adoption
– Mobile Agent Manager authentication with the Agent Factory (optional, using SA)
– Published agents & Select Agent
– WSD obtained, auto-generate client, connect to the web server and retrieve the agent
– Message level security (X509 Rampart default scenario 2)

Conclusion and Future Directions
– Agents automatically publish services (security issues)
– Discovery by other agents and dynamic adoption

Questions ???

Strong Authentication
Step 1: SR sends a hello message to the Agent Factory along with its certificate (Digital and Non-Repudiation Certificate).
Step 2: The Agent Factory calculates challenge ChAF, concatenates it with the originator and receiver IDs, and sends it to SR.
Step 3: SR then calculates challenge ChSR, concatenates it with ChAF, creates a hash of the result, signs it, and sends it to the Agent Factory. The Agent Factory also concatenates the two challenges, calculates the hash, and compares it with the hash received from SR. If both hashes are the same, the Agent Factory concatenates both challenges, calculates the hash, signs it, attaches its certificate (digital and non-repudiation), and sends it to SR. SR then sends its keyEncipherment certificate to the Agent Factory, and the Agent Factory sends its keyEncipherment certificate to SA.
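The challenge-response core of the strong authentication steps above, as an added Go example (not MagicNET's code or the presenter's): each side signs the hash of both challenges, and the checker rebuilds that hash from the challenge it issued itself, so a response recorded in an earlier run fails against a fresh challenge. Assumptions: Ed25519 key pairs stand in for the signature certificates, SHA-256 for the unnamed hash, the hello message, ID fields and keyEncipherment certificate exchange are left out, and all function names are hypothetical.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// NewKey makes a constructed key pair standing in for a signature certificate.
func NewKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	return pub, priv
}

// Challenge returns a fresh 32-byte random value (ChAF or ChSR).
func Challenge() []byte {
	c := make([]byte, 32)
	if _, err := rand.Read(c); err != nil { panic(err) }
	return c
}

// digest hashes own || peer; fixed-length challenges keep the split unambiguous.
func digest(own, peer []byte) []byte {
	h := sha256.Sum256(append(append([]byte{}, own...), peer...))
	return h[:]
}

// Respond hashes the sender's challenge with the peer's and signs the hash.
func Respond(priv ed25519.PrivateKey, own, peer []byte) (hash, sig []byte) {
	hash = digest(own, peer)
	return hash, ed25519.Sign(priv, hash)
}

// Verify rebuilds the hash from the checker's own challenge, then checks the signature.
func Verify(pub ed25519.PublicKey, theirs, mine, hash, sig []byte) bool {
	return bytes.Equal(digest(theirs, mine), hash) && ed25519.Verify(pub, hash, sig)
}

func main() {
	srPub, srPriv := NewKey()
	afPub, afPriv := NewKey()
	chAF, chSR := Challenge(), Challenge() // step 2, then SR's own challenge
	h, s := Respond(srPriv, chSR, chAF)    // step 3: SR -> Agent Factory
	fmt.Println("AF accepts SR:", Verify(srPub, chSR, chAF, h, s))
	h, s = Respond(afPriv, chAF, chSR) // Agent Factory -> SR
	fmt.Println("SR accepts AF:", Verify(afPub, chAF, chSR, h, s))
}
```

The order of the two challenges inside the hash differs by sender here, which is a choice of this sketch; the slides only say the challenges are concatenated.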