Evaluation of security and fault tolerance in mobile agents

Abstract

The reliable execution of a mobile agent is a very important design issue in building a mobile agent system and many fault-tolerant schemes have been proposed so far. Security is a major problem of mobile agent systems, especially when money transactions are concerned . Security for the partners involved is handled by encryption methods based on a public key authentication mechanism and by secret key encryption of the communication. In this paper, we examine qualitatively the security considerations and challenges in application development with the mobile code paradigm. We identify a simple but crucial security requirement for the general acceptance of the mobile code paradigm, and evaluate the current status of mobile code development in meeting this requirement. We find that the mobile agent approach is the most interesting and challenging branch of mobile code in the security context. Therefore, we built a simple agent-based information retrieval application, the Traveling Information Agent system, and discuss the security issues of the system in particulars. ©2008 IEEE.