Security Scheme Of Mobile Agent Based On Time Checking And Trustworthiness

Mobile agent(MA) which has a good application prospect is a program that travels autonomously through computer network in order to perform some computation or gather information. Because of the open and uncertainty of network and mobility of agent, mobile agent faces severe problems of security, which is an important issue for the widespread deployment of mobile agent application. So security of mobile agent has become a hot research spot of scientific workers.Mobile agent performs tasks during the migration process, and the protection of mobile agent avoiding attack from malicious host is a unique security problem. Also it is the focus and difficulty of Mobile Agent System now. Source host sends mobile agents to the network nodes and agents make their code, date, and state exposed to the routing hosts. Mobile agent interacts with nodes while it does not trust them fully. Therefore, malicious nodes would modify or delete critical date information of the agent, and make invasion. For the safety of mobile agent system, the ideal situation is to make complete trust between agent and its platforms. To achieve this situation, we must provide a mechanism to evaluate trust degrees of each node. Traditional access control policy cannot solve such problems. So a new security method of time checking and trustworthiness is proposed based on the typical mobile agent security strategy. This program introduces the concept of trust and before the migration of mobile agents, the source host chooses the nodes with relatively high trust degree for its routing nodes,which reduces the possibility of malicious invasion. In this trust model, we focus on the definition of trust, storage and inquiry of trust, amendment of suspect recommending, trust feedback, trust update, and the time decay function of trust. The security of mobile agents is strengthened through trust mechanism. Taking into account of the subjectivity of trust model, a host with a high degree of trust cannot guarantee the successful implementation of this program. To find the malicious nodes after attacking as soon as possible and take reactions, this article also takes the method of time checking. Source host examines the time information from mobile agents to find the malicious nodes. The theoretical analysis of this program's performance is done. Finally, through the simulation experiments we verifies the effectiveness and feasibility of this program.