適用於開放式網路環境之行動代理人保護機制

Abstract

隨著行動代理人科技的快速發展，如何在開放式的網路通訊環境中保護行動代理人，使其免於受到其他主機攻擊的研究將愈形重要。行動代理人具有一項特質，即它的路徑無法在出發前決定，因此主機對於行動代理人的存取權限，也無法事先決定，沒受到適當保護的行動代理人則將受到惡意的攻擊。在這篇論文中，我們提出一套行動代理人的授權模型，可以動態的決定主機權限。在此模型中，行動代理人將攜帶數個子物件，每個物件可設立不同的存取政策，我們提出三種執行政策的方式並加以比較。為了展示本模型的優點，我們也搭配使用可抵抗攻擊的硬體裝置來協助授權，並配合授權與修改偵測機制，對欲存取該行動代理人的主機進行授權，以保護行動代理人所攜帶的子物件與資料。因此，行動代理人將可在開放式的網路環境中，達成保護自己的目標。

Protection of a mobile agent against malicious hosts has become an important issue in open network environments recently. An important property specific to a mobile agent is that its travelling path over hosts can not be predetermined, and therefore it is difficult to decide the access privileges of a visited host to the agent. Consequently, a mobile agent without adequate protection will expose itself to malicious attacks. In this thesis, we propose a protection scheme that provides a dynamic decision-maker for authorization and prevents a mobile agent from being attacked by malicious hosts. In our scheme, a mobile agent carries various objects that may be accessed by visited hosts. Each object of an agent is protected with predetermined policies enforced by different approaches. Three approaches to enforce policies are presented and compared. To demonstrate the power of our scheme, we also design the approach that uses IC cards for the determination of access privileges. Through the proposed authorization mechanism and unauthorized modification detector, authorization and object protection can be achieved. Thus, with our scheme, a mobile agent can be protected against attacks from hostile hosts in open network environments.