Protecting Mobile Agents From External Replay Attacks

摘要

This paper presents a protocol for the protection of mobile agents against external replay attacks. This kind of attacks are performed by malicious platforms when dispatching an agent multiple times to a remote host, thus making it reexecute part of its itinerary. Current proposals aiming to address this problem are based on storing agent identifiers, or trip markers, inside agent platforms, so that future reexe-cutions can be detected and prevented. The problem of these solutions is that they do not allow the agent to perform legal migrations to the same platform several times. The aim of this paper is to address these issues by presenting a novel solution based on authorisation entities, which allow the agent to be reex-ecuted on the same platform a number of times determined at runtime. The proposed protocol is secure under the assumption that authorisation entities are trusted.