Monday, July 30, 2012

Mobile Agent Security



Evolution of Mainframes to Mobile Agents has gained a significant attention in the perspective of centralized monolithic computing environments which supports static applications and thereafter the client-server environments that allow complex forms of distributed computing and finally mobile agent which goes one step further, allowing complete mobility of cooperating applications among supporting platforms to form a large-scale, loosely-coupled distributed system.

Wiki says a mobile agent is a composition of computer software and data which is able to move from one computer to another autonomously and continue its execution on the destination computer.

Agent can exercise an individual's or organization's authority, work autonomously toward a particular goal, and meet and interact with other agents. Agents can be developed such that are goal-directed and capable of suspending their execution on one environment and moving to another environment where they resume execution. 

There are widely agreed characteristics of Agents such as;
  • Situatedness means that the agent receives sensory input from its environment and that it can perform actions which change the environment in some way
  • Autonomy means that an agent is able to act without the direct intervention of humans (or other agents), and that it has control over its own actions and internal state
  • Flexibility can be defined to include the following properties:
    •  Responsive: refers to an agent’s ability to perceive its environment and respond in a timely fashion to changes that occur in it.
    • Pro-active: agents are able to exhibit opportunistic, goal-driven behavior and take the initiative where appropriate.
    • Social: agents should be able to interact, when appropriate, with other agents and humans in order to solve their own problems and to help others with their activities.
Basically mobile agent contains the following three components which are;
  • Code - the program (in a suitable language) that defines the agent's behavior.
  • State - the agent's internal variables etc., which enable it to resume its activities after moving to another host.
  • Attributes - information describing the agent, its origin and owner, its movement history, resource requirements, authentication keys etc. Part of this may be accessible to the agent itself, but the agent must not be able to modify the attributes
Agent execution gives several advantages. Danny Lange’s mentioned seven good reasons for mobile agents such as; 
  1. Reducing network load
  2. Overcoming network latency
  3. Encapsulating protocols
  4. Executing asynchronously and autonomously
  5. Adapting dynamically
  6. Naturally heterogeneous
  7. Robust and fault-tolerant
The concept of an agent originates from the area of Artificial Intelligence (AI) but has now gained more widespread acceptance in mainstream computer science. The term ‘agent’ has become rather fashionable, and a more mature technology than currently available is often implied. This is in particular true for security in multi-agent systems. Over-simplified assumptions and non-applicable references to security solutions are not uncommon in the literature. Naturally, security is not a driving force for research and development of multi-agent systems, and therefore has not received much attention from the agent community. Nevertheless, in order for agent technology to gain widespread use and provide viable solutions on a wider scale for commercial applications, security issues need to be properly addressed.

Mobile agents and mobile agent platforms are exposed to various security threats. Attacks on mobile agents and platforms can put in two main forms which are active and passive. Active attacks try to modify system and cause different behavior of system while passive attacks try to collect data without authorization. Let’s take a look what are the security implications that are lived with mobile agents.


Security Implications


Following describes the practical security implications of mobile agents.

Agent Execution

Agent needs a place to execute its programs. A computer host, the immediate environment of an agent, is ultimately responsible for the correct execution and protection of the agent. This leads us to the question of where access control decisions should be performed and enforced. Does the agent contain all necessary logic and information required to decide if an incoming request is authentic and if so, is it authorized which has the right to access the requested information or service? Or can the agent rely on the platform for access control services?
The environment might also need certain protection from the agents that it hosts. An agent should, for example, be prevented from launching a denial of service attack through consuming all resources on a host, thus preventing the host from carrying out other things (such as executing other agents). 

Situatedness

The meaning of the term ‘environment’ depends on the application and appears to be somewhat arbitrary in the agent literature; it can for example be the Internet or the host on which the agent is executing. An agent is assumed to be ‘aware’ of certain states or events in its environment. Depending on the nature and origin of this information, its authenticity and availability need to be considered. If an agent’s ‘environment’ is limited to the host on which it is executing, no specific security measures might be necessary. The situation is however likely to be different if the agent receives environment information from, or via, the Internet.
  

Autonomy

Autonomy, when combined with other features given to agents, can introduce serious security concerns. If an agent, for example, is given authority to buy or sell things, it should not be possible for another party to force the agent into committing to something it would not normally commit to. Neither should an agent be able to make commitments it cannot fulfill. Hence, issues related to delegation needs to be considered for agents. The autonomy property does not necessarily introduce any ‘new’ security concerns; this property is held by many existing systems. It is worth mentioning that Internet worms or viruses also hold this property, which enables them to spread efficiently without requiring any intentional or unintentional human interaction. The lesson to learn from this is that powerful features can also be used for malicious purposes if not properly controlled.

Communication

Agents can communicate with other agents and humans. Just as an agent’s communication with its environment needs to be protected, so does its communication with other agents and humans. The following security fundamentals should be provided: 
  • Confidentiality: Assurance that communicated information is not accessible to unauthorized parties
  • Data integrity: Assurance that communicated information cannot be manipulated by unauthorized parties without being detected
  • Authentication: Assurance that communication originates from its claimant
  • Availability: Assurance that communication reaches its intended recipient in a timely fashion
  • Non-repudiation: Assurance that the originating entity can be held responsible for its communications. Fundamental to the above mentioned communication security properties are issues relating to the identification and authentication of the sending and receiving parties 
It should be noted that security usually comes at a cost. Additional computing resources as well as communication resources are required by most solutions. Therefore, security needs to be dynamic. Sometimes it makes sense to protect all communication within a system to the same degree, as the actual negotiation of security mechanisms but not practical. However, in a large scale open multi-agent system, security services and mechanisms need to be able to fit the purpose and nature of the communications of various applications with differing security requirements.

Some implementations of agents assume that security is provided transparently by a lower layer. This approach might be sufficient in a closed system where the agents can trust each other and the only concern is external malicious parties. However, within Mobile VCE we believe that agents in an open system need to be ‘security aware’, i.e. they need to be able to make decisions based on where information is originating from and how well protected it is. As suggested elsewhere , public key cryptography and a supporting public key infrastructure can be used as important parts of inter-agent communication. With a public key infrastructure in place, security protocols and mechanisms already developed for other applications can be made to fit the requirements of multi-agent systems to provide authentication, confidentiality, and data integrity. 
  

Mobility

The use of mobile agents raises a number of security concerns. Agents need protection from other agents and from the hosts on which they execute. Similarly, hosts need to be protected from agents and from other parties that can communicate with the platform. The problems associated with the protection of hosts from malicious code are quite well understood.
The problem posed by malicious hosts to agents seems more complex to solve. Since an agent is under the control of the executing host, the host can in principle do anything to the agent and its code. The particular attacks that a malicious host can make can be summarized as follows.
  • Masquerading as a different host
  • Eavesdropping on agent communications
  • Manipulation of agent communications
  • False system call return values
  • Observation of code, data and flow control
  • Manipulation of code, data and flow control – including manipulating the route of an agent
  • Incorrect execution of code – including re-execution
  • Denial of execution – either in part or whole

Security Threats

 Threats to security generally fall into three main classes: 
  1. disclosure of information, 
  2. denial of service 
  3. and corruption of information. 
There are a variety of ways to examine these classes of threats in greater detail as they apply to agent systems. Here, we use the components of an agent system to categorize the threats as a way to identify the possible source and target of an attack. It is important to note that many of the threats that are discussed have counterparts in conventional client-server systems and have always existed in some form in the past (e.g., executing any code from an unknown source either downloaded from a network or supplied on floppy disk). Mobile agents simply offer a greater opportunity for abuse and misuse, broadening the scale of threats significantly.

Here, an agent is comprised of the code and state information needed to carry out some computation. Mobility allows an agent to move, or hop, among agent platforms. The agent platform provides the computational environment in which an agent operates. The platform from which an agent originates is referred to as the home platform, and normally is the most trusted environment for an agent. One or more hosts may comprise an agent platform, and an agent platform may support multiple computational environments, or meeting places, where agents can interact        
 
















Four threat categories are identified: 
  1. Threats stemming from an agent attacking an agent platform
  2. An agent platform attacking an agent
  3. An agent attacking another agent on the agent platform
  4. And other entities attacking the agent system. 
The last category covers the cases of an agent attacking an agent on another agent platform, and of an agent platform attacking another platform, since these attacks are primarily focused on the communications capability of the platform to exploit potential vulnerabilities. The last category also includes more conventional attacks against the underlying operating system of the agent platform 

Types of Threats

Mobile Agent security can be categorized into two major two aspects. One is protecting the host machine and the other one is protecting the mobile agent.  These can be further decomposed into another four vulnerable which are

  1. Agent to host threats
  2. Agent to agent threats 
  3. Host to agent threats

1. Agent to Host

The agent-to-platform category represents the set of threats in which agents exploit security weaknesses of an agent platform or launch attacks against an agent platform.  This set of threats includes masquerading, denial of service and unauthorized access.

Masquerade: means an unauthorized agent claims the identity of another agent. The masquerading agent may pose as an authorized agent in an effort to gain access to services and resources to which it is not entitled. The masquerading agent may also pose as another unauthorized agent in an effort to shift the blame for any actions for which it does not want to be held accountable. A masquerading agent may damage the trust the legitimate agent has established in an agent community and its associated reputation.

Unauthorized Access: Access control mechanisms are used to prevent unauthorized users or processes from accessing services and resources for which they have not been granted permission and privileges as specified by a security policy. Each agent visiting a platform must be subject to the platform's security policy. Applying the proper access control mechanisms requires the platform or agent to first authenticate a mobile agent’s identity before it is instantiated on the platform. An agent that has access to a platform and its services without having the proper authorization can harm other agents and the platform itself. A platform that hosts agents representing various users and organizations must ensure that agents do not have read or write access to data for which they have no authorization, including access to residual data that may be stored in a cache or other temporary storage

Denial of Service: Mobile agents can launch denial of service attacks by consuming an excessive amount of the agent platform's computing resources. This denial of service attacks can be launched intentionally by running attack scripts to exploit system vulnerabilities, or unintentionally through programming errors. Security threats resulting from programming errors and intentional flaws have been written about since the early 1970's. Program testing, configuration management, design reviews, independent testing, and other software engineering practices have been proposed to help reduce the risk of programmers intentionally, or unintentionally, introducing malicious code into an organization’s computer systems. The mobile computing paradigm, however, requires an agent platform to accept and execute an agent whose code may have been developed outside its organization and has not been subject to any a priori review. A rogue agent may carry malicious code that is designed to disrupt the services offered by the agent platform, degrade the performance of the platform, or extract information for which it has no authorization to access. Depending on the level of access, the agent may be able to completely shut down or terminate the agent platform. 


2. Agent to Agent
The agent-to-agent category represents the set of threats in which agents exploit security weaknesses of other agents or launch attacks against other agents. This set of threats includes masquerading, unauthorized access, denial of service and repudiation. Many agent platform components are also agents themselves. These platform agents provide system-level services such as directory services and inter-platform communication services. Some agent platforms allow direct inter-platform agent-to-agent communication, while others require all incoming and outgoing messages to go through a platform communication agent. These architecture decisions intertwine agent-to-agent and agent-to- platform security

Masquerade: Agent-to-agent communication can take place directly between two agents or may require the participation of the underlying platform and the agent services it provides. In either case, an agent may attempt to disguise its identity in an effort to deceive the agent with which it is communicating. An agent may pose as a well-known vendor of goods and services, for example, and try to convince another unsuspecting agent to provide it with credit card numbers, bank account information, some form of digital cash, or other private information. Masquerading as another agent harms both the agent that is being deceived and the agent who's identity has been assumed, especially in agent societies where reputation is valued and used as a means to establish trust

Denial of service: Mobile agents can launch denial of service attacks by consuming an excessive amount of the agent platform's computing resources. This denial of service attacks can be launched intentionally by running attack scripts to exploit system vulnerabilities, or unintentionally through programming errors. Security threats resulting from programming errors and intentional flaws have been written about since the early 1970's. Program testing, configuration management, design reviews, independent testing, and other software engineering practices have been proposed to help reduce the risk of programmers intentionally, or unintentionally, introducing malicious code into an organization’s computer systems. The mobile computing paradigm, however, requires an agent platform to accept and execute an agent whose code may have been developed outside its organization and has not been subject to any a priori review. A rogue agent may carry malicious code that is designed to disrupt the services offered by the agent platform, degrade the performance of the platform, or extract information for which it has no authorization to access. Depending on the level of access, the agent may be able to completely shut down or terminate the agent platform

Repudiation: Repudiation occurs when an agent, participating in a transaction or communication, later claims that the transaction or communication never took place. Whether the cause for repudiation is deliberate or accidental, repudiation can lead to serious disputes that may not be easily resolved unless the proper countermeasures are in place. An agent platform cannot prevent an agent from repudiating a transaction, but platforms can ensure the availability of sufficiently strong evidence to support the resolution of disagreements. This evidence may deter an agent that values its reputation and the level of trust others place in it, from falsely repudiating future transactions. Disagreements may arise not only when an agent falsely repudiates a transaction, but also because imperfect business processes may lead to different views of events. Repudiation often occurs within non-agent systems and real-life business transactions within an organization. Documents are occasionally forged, documents are often lost, created by someone without authorization, or modified without being properly reviewed. Since an agent may repudiate a transaction as the result of a misunderstanding, it is important that the agents and agent platforms involved in the transaction maintain records to help resolve any dispute. 


3. Host to Agent
 
The platform-to-agent category represents the set of threats in which platforms compromise the security of agents. This set of threats includes masquerading, denial of service, eavesdropping, and alteration

  • Masquerade
  • Tampering
  • Eavesdropping and traffic analysis
    Denial of service

Approaches to Protect an Agent

A number of approaches have been developed to protect mobile code of an agent.  The approaches can be classified to four types of protection:
  • Mobile agents can be restricted to migrate to hosts that are trusted
  • Organizational methods can be used to protect agent (i.e. creating a closed system, where only trust worth parties can operate a host)
  • Tamper-resistant hardware can be used to ensure the integrity of an agent
  • Restricted environments can be setup and cryptographic protocols employed to make tampering with mobile code difficult and time consuming
The security solutions used by a mobile agent can be classified into those used for prevention or detection
  • Mechanisms aimed at prevention use security techniques to prevent the unauthorized access of code and data
  • Mechanisms aimed at detection attempt to detect any unauthorized modification of an agent 
 
 
 
 
 

 

 

 

 

 

 

 

 

Three Approaches to Prevent Attacks on Agents

Each of the following solution limits the eavesdropping attacks that can be performed on an agent:
  • Time Limited Black Box (Obfuscated Code and Data)
  • Computing with Encrypted Functions
  • Environmental Key Generation (Clueless Agents)

Time Limited Black Box 

  • The use of a time limited black box was proposed by Fritz Hohl
  • The goal of a time limited black box is to hide all of the information contained in an agent from others
  • The only information that can be obtained from an agent is the input to the agent and its output
  • The code and data contained in the agent is obfuscated so that it will take an attacker a long period of time to determine the internals of the agent
  • The aim of using obfuscated code is that a host will execute the code and have no idea what the code is actually doing 
Time Limited Black Box Property
Definition: Time Limited Black Box Property an agent is a time limited black box if:
  1. for a certain known time interval 
  2. code and data of the agent specification cannot be read
  3. code and data of the agent specification cannot be modified attacks after the protection interval are possible
  4. but these attacks do not have effects
Token & Non-Token Data
The token data are self-contained documents that depend on the identity of the issuer
  • Some examples of token data are electronic money and encryption keys
  • An expiration date must be put on the token data so that they are not used after the time limit expires
  • The non-token data is all the other data contained by the agent

Computing with Encrypted Functions

The problem that computing with encrypted function is trying to solve:
  • Alice has an algorithm to compute a function f.  
  • Bob has an input x and is willing to compute f(x) for her.
  • Alice wants Bob to learn nothing substantial about f.   
  • Moreover, Bob should not need to interact with Alice during the computation of f(x)
In this scheme the functions used are encrypted and are represented by E(f).  Then P(f) is the program that contains the encrypted function E(f)
Computing with encrypted functions includes the following steps: 
















  • Alice encrypts f.
  • Alice creates a program P(E(f)) which implements E(f).
  • Alice sends P(E(f)) to Bob.
  • Bob executes P(E(f))(x) for Alice.
  • Bob sends P(E(f))(x) to Alice.
  • Alice decrypts P(E(f))(x) and obtains f(x)



















Protecting the Host

A number of approaches have been suggested:
  • Safe code interpretation: use of an interpreted language
  • Authentication: digital signatures
  • Authorization: entities can be granted capabilities or access rights
  • Resource allocation: various mechanisms for resource allocation, including market mechanisms
  • Maintaining path histories in order to be able to check the origin of mobile agents

Protecting the Mobile Agent

  • Fortress model: agents execute in a safe environment where no un trusted hosts are allowed – compromises the advantages of mobile agents
  • Sealing and signing intermediate results to prevent tampering
  • Using shared secrets and interlocking
  • The agent’s execution and behaviour is recorded (Execution tracing)
  • Executable encrypted functions can prevent tampering


MY References: 

Peter Braun and Wilhelm Rossak. Mobile Agents: Basic Concepts, Mobility Models,
            & the Tracy Toolkit. Morgan Kaufmann Publishers, San Fransisco, CA, 2005.
Fritz Hohl. Time Limited Blackbox Security: Protecting Mobile Agents from
            Malicious Hosts. G. Vinga (Ed.), Mobile Agents and Security,  pages 92-112,
            Springer-Verlag, Lecture Notes in Computer Science No. 1419, 1998.
W. Jansen. Countermeasures for Mobile Agent Security. In Computer
            Communications, Special Issue on Advances in Research and Application of
            Network Security, November 2000.
            http://citeseer.ist.psu.edu/article/jansen00countermeasures.html
W. Jansen and T.  Karygiannis. NIST Special Publication 800-19 - Mobile Agent
            Security. National Institute of Standards and Technology, 2000.
            http://citeseer.ist.psu.edu/jansen00nist.html
R. Oppliger. Security Issues Related to Mobile Code and Agent-Based Systems.
            Computer Communications 22 pages 1165-1170, 1999.
J. Riordan and B. Schneier. Environmental key generation towards clueless agents.
            Mobile agents and security 1998.
Tomas Sander and Christan F. Tschudin. Protecting Mobile Agents Against
            Malicious Hosts. Mobile agents and security, volume 1419 of Lecture Notes in
            Computer Science, pages 44--60. Springer-Verlag, New York, NY, 1998

No comments:

Post a Comment