基于移动代理计算模型的安全

A Note on Security of Mobile Agent-based Computing

移动代理可视为由客户机器生成的程序派送到网络中漫游以寻找合适的机器予以执行后将结果返回或送到特定的主机。基于移动代理的计算在诸多方面有着比传统的基于RPC或消息机制的计算更适合实现分布式计算的优势。在对基于移动代理的计算模型简单介绍后，对其优点做出评估。尽管这祥，这种计算模式还是带来了许多显著的安全上的问题．将分析出安全上的威胁．从而从两个方面来得出基于移动代理计算模型的安全需求。之后，将考察现有的该问题的对策．特别是移动加密方案。也将给出一种重要的应用图景作为例子来诠释基于移动代理计算的安全解决方案。基于移动代理的计算安全是一个涉及面广并且远未成熟的研究领域，因此最后将做出一个简要的对此问题更深的考虑和未来工作的可能的方向的评述。

Mobile agents are programs which may be dispatched from a client computer(user) and roam in the network to find a specificserver computCr to execute.Mobile agent based computing offers advantages compared with traditional RPC-based or messaging-basedcomputing in many aspects.In this paper,the agent-based computing model is introduced and its advantages is assessed.However, it also introduces some significantsecurity issues. We will analyze vulnerabilities and consider the security requirements of mobile agent-based computing from two sides.Several countermeasures are examined,with more details on mobile cryptography. As a example,we present a important application scenarioto ilIustfate one solution for security of mobile agent based computing.Securing the mobile agent based computing is a broad evolving and ongoing area.We close the paper with a brief further considerationand some proposed future work.