| Because the Mobile Agent roams around in the opened network, the Mobile Agent with the property of autonomy and mobility will be attacked by any entries of Internet, Such as the malicious host can analyze the internal structure of the Mobile Agent, intercept the information accumulated from the other hosts, and even change the activities of Mobile Agent in order to attack the next one. To prevent Mobile Agent from being attacked, we not only need the powerful technologies, but also require the supervising and intervening of people.In addition, in order to implement the protection inside the Mobile Agent, five security requirements of defense: Availability, Integrity, Confidentiality, Accountability and Anonymity, must be attained. Among the five security requirements, Confidentiality and Anonymity are two important ones, and do not have an all-around solution.This paper focuses on the Mobile Agent security from macrostructure and microstructure. Summarize the current status and tendency of Mobile Agent security, the paper mainly comprises two parts.The first part considers the Mobile Agent security only at the Mobile Agent level, and establishes a model that protects the Mobile Agent with the help of the trusted, protected computational proxy servers (TCP). Base on the partition technology, in this model, every Mobile Agent consist of information as little as possible, and the Mobile Agents with critical content have been dispatched forcedly to TCP, others with independency information have been dispatched to the user's host, subsequently, the model reduce the risk of Mobile Agent furthest from macroscopy.The second part researches the Confidentiality and Anonymity of Mobile Agent from their internal structure. Firstly, base on the Hohl's Limited Black Box approach, we propose a supplementary mechanism which puts a Registry Module on TCP for registering the input events to prevent Black Box Tests in order to really protect Confidentiality of Mobile Agent. Secondly, to hide the initiator's identity and address, we have achieved anonymous communication by Mixing technology andachieved anonymous connection by Mixing and Group signature.In the last, this thesis gives the whole conclusion and points out the problems and difficulties which exist the field of Mobile Agent Security, such as performance and other relative questions that have been aroused by intensifying the Mobile Agent Security, it also point out the future task.
|
PDF Full Text Request