Please, I want help from someone who is an expert or has experience in information security. The assignment is about writing an annotated bibliography for 10 papers. The papers should be recent, from 2015.

Mobile Agent Security: An Annotated Bibliography

Hédi HAMDI

Labri

November 9, 2009

References

[1] J. Ametller, S. Robles, and J. A. Ortega-Ruiz. Self-protected mobile agents. In AAMAS '04: Proceedings of the Third International Joint Conference on Autonomous Agents and Multiagent Systems, pages 362–367, Washington, DC, USA, 2004. IEEE Computer Society.

This paper presents a general software architecture for the protection of mobile agents, with the aim of minimising or even getting rid of some of the main difficulties of existing solutions. The proposed scheme merges the agent-driven and platform-driven approaches into a flexible method for the protection of an agent's code and data. The authors claim that existing cryptographic protocols can be easily embedded in their solution, avoiding in the process some of their shortcomings.

The key idea of this approach lies in enhancing agents with an independent, fully encapsulated protection mechanism carried by the agents themselves. This security layer interacts with platforms in very definite circumstances via clear-cut interfaces, minimising the impact (in terms of new developments and legacy code reuse) of adopting the new mechanism or even modifying the underlying security policies and techniques. This is a telling argument for this approach, since the infrastructure of platforms becomes tenable. Users need not learn about security, since the mobile agents carry their own self-protection mechanisms, wrapping the application layer.

Last but not least, domain-specific or home-brewed security mechanisms can easily coexist with the new architecture. It is worth stressing that existing agent-based applications can benefit from this solution. Making mobile agents secure involves only minor changes to both the platform and the agent's code. The new ideas can also be applied to other innovative concepts such as self-interpreted code or self-extracting agents.

Finally, the authors do not limit themselves to theoretical speculation on the benefits of their solution. A fully functional proof-of-concept implementation of the work described in this paper (using the well-known JADE agent platform), briefly discussed in section 5, has been developed by the authors.

[2] Faruk Bagci, Holger Schick, Jan Petzold, Wolfgang Trumler, and Theo Ungerer. Communication and security extensions for a ubiquitous mobile agent system (UbiMAS). In CF '05: Proceedings of the 2nd conference on Computing frontiers, pages 246–251, New York, NY, USA, 2005. ACM.

This paper describes a ubiquitous mobile agent system called UbiMAS, concentrating on the new communication and security extensions. UbiMAS is not a middleware but a service which works on top of a peer-to-peer middleware. UbiMAS has basic functions for agent communication and migration.

The contributions of this paper are: the approach of building virtual agent node alliances on the basis of agent node peer groups, which can communicate securely with each other; the classification of agents into user-agents, which are bound to a person, and service-agents, which can be instructed by user-agents; the communication extensions for the agents and nodes over so-called PoBoxes, which are intended to realize an easy and secure exchange of messages on the basis of an extensible communication protocol; and the provision of security features, which protect the agents as well as the nodes against unauthorized access and ensure secure communication based on encryption and certification.

[3] Elmarie Bierman and Elsabe Cloete. Classification of malicious host threats in mobile agent computing, 2002.

The purpose of this paper is to analyse the different security threats that can possibly be imposed on agents by malicious hosts, and then to provide a classification of these threats before describing the current solution approaches that are implemented to address the identified problems. By providing such a classification one is able to identify specific gaps in current research efforts, and to enable researchers to systematically focus their attention on different classes of solutions to remedy these threats.

[4] Niklas Borselius. Mobile agent security. Electronics and Communication Engineering Journal, 14(5), 2002.

The article starts with a brief description of the characteristics of agents and multi-agent systems of relevance to security. It then discusses some security implications of these characteristics. Finally, it considers security technology and some recent research aimed at enhancing the security of mobile agent systems.

[5] Michele Bugliesi, Giuseppe Castagna, and Silvia Crafa. Access control for mobile agents: The calculus of boxed ambients. ACM Trans. Program. Lang. Syst., 26(1):57–124, 2004.

The main motivation for this paper is the assessment of security and access control in ambient-based calculi. The focus of the authors' analysis is on mandatory (i.e., system-wide) access control (MAC) policies within a multilevel security system. In particular, the emphasis is on the specific aspects of MAC policies related to confidentiality, and their different implementations as military security (no read-up, no write-down) and commercial security (no read-up, no write-up). To the authors' knowledge, no attempt in this direction has been made for MA-based calculi. The authors' analysis, detailed in the first part of the paper, points out the shortcomings of MA as a formal basis for reasoning about these concepts. In fact, the main difficulties come far ahead of any formal reasoning, because the very meaning of basic notions such as "read access" and "write access" by subjects to objects is difficult to grasp and characterize when looked at from within MA.

To overcome these difficulties, the authors introduce a variant of Mobile Ambients, named Boxed Ambients (BA). Boxed Ambients inherit from MA the primitives in and out for mobility, but not open, and introduce direct primitives for communication across ambient boundaries between parent and child. This new form of communication fits the design principles of MA, and complements the existing constructs for ambient mobility and local exchanges with finer-grained, and more effective, mechanisms for ambient interaction. The resulting calculus retains the computational flavor of MA and the elegance of its formal presentation. On the other hand, the new communication model preserves the flexibility of typed communications from MA, while providing more effective means for reasoning about access control policies. The authors study two versions of the calculus, based on synchronous and asynchronous communication, respectively. Interestingly, the new model of communication sheds new light on the relationship between the two forms of interaction. In particular, they show that classical encodings of the asynchronous model in terms of the synchronous one do not carry over to calculi that combine nonlocal exchanges and dynamic system reconfiguration based on mobility.

The authors complement the definition of the calculus with a study of different type systems. A first type system provides standard safety guarantees for communication. A second type system enhances the typing of mobility and develops a new typing technique, based on different typing "modes" for processes, in which processes and their continuations may have different types while still preserving subject reduction. A last type system combines the new technique with a richer class of types to provide for the static detection of violations of MAC policies in multilevel security environments. All the type systems, in particular the access control type system, are designed, and proved sound, for both the synchronous and the asynchronous versions of the calculus. Remarkably, the moded typing system is initially motivated by the synchronous semantics but then proves equally effective for the asynchronous calculus that the authors eventually adopt in their discussion of access control.

[6] Fritz Hohl. A framework to protect mobile agents by using reference states. In ICDCS '00: Proceedings of the 20th International Conference on Distributed Computing Systems (ICDCS 2000), page 410, Washington, DC, USA, 2000. IEEE Computer Society.

To protect mobile agents from attacks by their execution environments, or hosts, one class of protection mechanisms uses "reference states" to detect modification attacks. Reference states are agent states that have been produced by non-attacking, or reference, hosts. This paper examines this class of mechanisms and presents the bandwidth of the achieved protection. For that purpose, the paper first gives a new general definition of attacks against mobile agents. Since this general definition in itself does not lead to a practicable protection scheme, the notion of reference states is introduced. This notion makes it possible to define a protection scheme that can be used to practically realize a whole number of mechanisms to protect mobile agents. After an initial analysis of already existing approaches, the abstract features of these approaches are extracted. Thereafter, a discussion of the strengths and weaknesses of the general protection scheme is given. Then, a framework is presented that allows an agent programmer to choose a specific level of protection using the reference states scheme. Lastly, an example illustrating the advantages of the framework is introduced.

[7] Yang Kun, Guo Xin, and Liu Dayou. Security in mobile agent system: problems and approaches. SIGOPS Oper. Syst. Rev., 34(1):21–28, 2000.

This paper investigates the security problems of mobile agent systems and the approaches to them, and shows that a bi-directional and layered security model may be a good idea to resolve the security problems in mobile agent systems. It gives an overall discussion of the security problems in mobile agent systems and of approaches to them. The paper begins by discussing the security problems and their rough approaches in a single computer, a network and a mobile agent system. Specific mechanisms for security problems from both the host and the mobile agent are then discussed. Thereafter, the paper shows that there are a number of layers at which security mechanisms can be placed. At the end, other topics in mobile agent security, such as constrained execution and virus detection, are discussed.

[8] Hyungjick Lee, Jim Alves-Foss, and Scott Harrison. The construction of secure mobile agents via evaluating encrypted functions. Web Intelli. and Agent Sys., 2(1):1–19, 2004.

In this paper, the authors propose a security approach for mobile agents, which protects mobile agents from malicious hosts. The approach prevents privacy attacks and integrity attacks on mobile agents from malicious hosts. They focus on extending the mobile cryptography approach, proposed by Sander and Tschudin [15, 13, 14], in terms of privacy and integrity, and explore its usefulness and effectiveness in protecting mobile agents. To extend mobile cryptography, the authors consider composite functions and additive-multiplicative homomorphism to encrypt mobile agents. As the contribution of this research, the encrypted mobile agent will be able to run on any host without decryption. The encrypted mobile agent will generate encrypted results, which will be decrypted by the agent owner. This will improve the overall security of the mobile agents. In the remainder of the paper, the authors expand the idea of mobile cryptography. The paper begins by providing an overview of some related works. Then, they introduce the idea of a homomorphic encryption scheme and function composition. Next, they discuss their approach for mobile agent security, focusing on the details of each component of the approach. At the end, they analyze the approach and discuss its weaknesses and strengths.

[9] Hyungjick Lee, Jim Alves-Foss, and Scott Harrison. The use of encrypted functions for mobile agent security. In HICSS '04: Proceedings of the 37th Annual Hawaii International Conference on System Sciences (HICSS'04) - Track 9, page 90297.2, Washington, DC, USA, 2004. IEEE Computer Society.

[10] Nikola Mitrovic and Unai Arronategui Arribalzaga. Mobile agent security using proxy-agents and trusted domains. In Second International Workshop on Security of Mobile Multiagent Systems (SEMAS 2002), First International Joint Conference on Autonomous Agents and Multi-Agent Systems AAMAS 2002. DFKI Research Report, 2002.

This paper proposes the usage of a proxy agent paradigm for security services together with trusted domain and directory services for rights and authenticity distribution. Specialized Security Proxy Agents are used to provide security mechanisms to both mobile agent systems and mobile agents. This concept enables a security context for legacy systems, simplifies development of the agents and provides both domain-level and per-agent security. In addition, the proposed architecture makes it possible to protect devices that do not have sufficient processing power (e.g. wireless devices).

[11] John Page, Arkady Zaslavsky, and Maria Indrawan. A buddy model of security for mobile agent communities operating in pervasive scenarios. In ACSW Frontiers '04: Proceedings of the second workshop on Australasian information security, Data Mining and Web Intelligence, and Software Internationalisation, pages 17–25, Darlinghurst, Australia, Australia, 2004. Australian Computer Society, Inc.

This paper examines the security aspects of different pervasive scenarios involving agent communities evolved using multi-agent systems (MAS). It describes the motivation and the objectives behind the development of these agent communities and analyses the security vulnerabilities which arise within them. To counter these vulnerabilities, the paper proposes a Buddy model of security for the agent community. In this model, every agent protects its neighbour within the community, thereby sharing the responsibilities of the security function. This feature makes it a better option as compared to other hierarchical models of security, which can be brought down by a concerted attack at the controller agent. This paper also demonstrates the applicability and the effectiveness of the Buddy model in different pervasive scenarios and makes a strong case for its adoption.

[12] Adam Pridgen and Christine Julien. A secure modular mobile agent system. In SELMAS '06: Proceedings of the 2006 international workshop on Software engineering for large-scale multi-agent systems, pages 67–74, New York, NY, USA, 2006. ACM.

In this paper, the authors introduce the Secure Modular Mobile Agent System.H (SMASH), which provides modularity for agent and platform components, information assurances, and mechanisms to assist mobile agents as they move between platforms. SMASH is also designed to address context-based agent execution and security, enable coordination among agents and platforms, and, overall, improve programmability, security, and extensibility for highly versatile mobile agent applications. SMASH seeks to allow a wider range of authentication methods, rather than restrict agent authentication to code signing as employed in Java-based approaches. To support unpredictable travel patterns, SMASH supports strict authorization and resource control measures yet eliminates the burden of excessive authentication for transient agents as they move to their destinations.

[13] Tomas Sander and Christian F. Tschudin. On software protection via function hiding. In Proceedings of the Second International Workshop on Information Hiding, pages 111–123, London, UK, 1998. Springer-Verlag.

[14] Tomas Sander and Christian F. Tschudin. Protecting mobile agents against malicious hosts. In Mobile Agents and Security, pages 44–60, London, UK, 1998. Springer-Verlag.

[15] Tomas Sander and Christian F. Tschudin. Towards mobile cryptography. Security and Privacy, IEEE Symposium on, 0:0215, 1998.

[16] Yasuyuki Tahara, Nobukazu Toshiba, Akihiko Ohsuga, and Shinichi Honiden. Secure and efficient mobile agent application reuse using patterns. In SSR '01: Proceedings of the 2001 symposium on Software reusability, pages 78–85, New York, NY, USA, 2001. ACM.

This paper proposes a formal framework that supports mobile agent application development and reuse with consideration of the trade-offs between the security issues and the performance issues. In this framework, a mobile agent application is designed by building a computational cost model and a security model, and combining patterns so that the combination satisfies the models. Therefore the application can be developed considering the security and the performance trade-offs. The authors claim that, since the models and the patterns are presented according to a formal framework, they can make sure that the pattern combination satisfies the models rigorously. In addition, if the security policy of the new environment is different from the old one when reusing the system in a new organization, they can easily modify and adapt the behavior because the pattern application can be figured out automatically by an algorithm.

[17] Son T. Vuong and Peng Fu. A security architecture and design for mobile intelligent agent systems. SIGAPP Appl. Comput. Rev., 9(3):21–30, 2001.

In this paper, the authors focus on the security design issues for mobile intelligent systems. They propose a security architecture and implement a security system based on the architecture for a novel mobile intelligent system, Actigen. This security system makes use of a rich security model that provides an identification capability to each principal and supports system resource access control to a very fine level of granularity. The security system also offers some methods to detect whether the behavior or data of an Actigen agent has been tampered with. Although the security architecture was developed for Actigen, it is generally applicable to any mobile intelligent system.

[18] Pamela Zave. Address translation in telecommunication features. ACM Trans. Softw. Eng. Methodol., 13(1):1–36, 2004.

This paper describes a security model for mobile agent based systems. The model defines the notion of a security-enhanced agent, outlines security management components in agent platform bases, and considers secure migration of agents from one base to another. The security-enhanced agent carries a passport that contains its security credentials and some related security code. The paper then describes how authentication, integrity and confidentiality, and access control are achieved using the agent's passport and the security infrastructure in the agent bases. The paper also considers the types of access control policies that can be specified using the security-enhanced agents and the policy base in the agent platforms. It discusses the application of the security model to roaming mobile agents and considers a simple scenario involving security auditing in networks.
