Protecting Integrity and Secrecy of Mobile Agents on Trusted and Non-Trusted Agent Places

Mobile Software Agents are at the mercy of the agent places they visit on their itinerary. But certain applications have a need for protection of secrecy and integrity of parts of the mobile agents data space. In this paper I will introduce a definition of the term Mobile Software Agent that is derived from a general definition of the term agent and the definition of Wooldridge and Jennings in 1998. I will divide the agents dataspace into four types of data which are used as base for my protection classes. Later I define types of agent operations based on applictions that are proposed by Wooldridge and Jennings. To protect integrity and secrecy of static program and static results of an agent (data types 0 and 2) some protocols have been proposed in different papers. I will examine these protocols and extract general methods from these protocols. As result of this examinations I will incorporate a new method, the Code-Place-Result Relations, into the Chained Digital Signature protocols from Karjoth, Asokan and Gülçü to counter Interleaving Attacks that have been developed by Volker Roth. The examined protocols will then be classified by protection class and used methods. I will show relations between my types of agent operations, protocols, my methods and my protection classes. Of the eight protocols that I will examine I will propose three protocols for further usage; Environmental Key Generation (by Schneier and Riordan) and the two improved Chained Digital Signature Protocols. Additionally I will propose Digital Signatures to provide integrity of static parts. Digital Signatures need a working public key infrastructure or other systems for key distribution to work. Environmental Key Generation is only usable in some settings, for example to protect the identity of an originator of an agent within a mobile ad hoc network. I will introduce a Traffic Information Agent System as an example analysis of threats and recommendations how to protect certain security objectives. In my conclusion I will compare the protection of integrity and secrecy in mobile agents with the protection in the client-server model.