| In a highly heterogeneous computing environment, interoperability among different agent platforms is made possible by the Foundation for Intelligent Physical Agent (FIPA) specification. As long as they are all FIPA-compliant, agents of different systems or providers can communicate and interact directly using Agent Communication Language (ACL). However, neither the FIPA specification nor most of its implementations such as FIPA-OS (FIPA Open Source) fully address potential security threats to agents and agent platforms. In this thesis, we discuss the security concerns in FIPA and propose a two-layer architecture to add security features: a basic FIPA-OS agent platform as the management and communication infrastructure, and a security layer as the security extension. This architecture provides agents with two security-related services: a secure communication service and a secure execution environment service. The secure communication service prevents any eavesdropping or interference from the outside network. The secure execution environment service protects server resources and agent services from unauthorized access. The architecture's design and components are also described in terms of the two security services. In addition, this thesis describes a trust model of the two-layer architecture, which consists of a set of assumptions concerning the relationships of all entities. |
