A Solution based on Cryptographic HW for Agent Protection
Antonio Munoz & Antonio Mana
E.T.S.I Informatica, Universidad de Malaga, GISUM
October 1, 2009
Antonio Munoz & Antonio Mana A Solution based on Cryptographic HW for Agent Protection
Outline
1 Introduction to Agent paradigm.
2 Description of the problem.
3 The Trusted Computing technology.
4 Conclusions.
Introduction to Agent Paradigm
1 A mobile agent is defined as an autonomous, reactive, goal oriented, adaptive, persistent, socially aware software entity.
2 Mobile agents can actively migrate from host to host and continue their execution on the destination host.
3 Mobile agents include code, data and execution state.
4 They are not bound to the system on which they begin execution.
5 They are free to travel among the hosts in the network.
Benefits of Mobile Agents (I)
1 Improving locality of reference is achieved by moving the action towards the source of data or other end point of communication.
2 Survivability: similar to nomadic tribes or migratory birds, agents can survive if moved closer to resources.
3 Analogy to the real world helps some programmers to better understand programming paradigms expressed in terms of mobile agents. Examples are travelling salesmen, shoppers and workflow management systems.
4 Customization, for example, by adjusting the search according to user-specific criteria, or by performing an action specific to a remote site.
5 Autonomicity represents the agent’s independence from its owner. A user can start an agent to act on his behalf and disconnect. When the user reconnects, the agent returns or otherwise provides results.
Agent Areas of Development (I)
1 Slow and unreliable links: such as radio communication, where locality of reference improves performance and avoids potential loss while transferring large amounts of data.
2 Software distribution: is easier by associating actions and state with each distributed version and copy of a particular software.
3 Network management: useful for automating control and configuration in large scale environments, such as networks.
4 Electronic commerce: by modeling travelling salesmen or shoppers visiting stores in an electronic mall.
5 Data mining: locality of reference, where agents optimize a search by wandering from site to site with large volumes of information.
Problem Description
1 Agents represent an appropriate paradigm for a wide set of possible applications.
2 Security problems: Current agent platforms have a low level of security (Aglets, Cougaar, JACK, JADE, JAVACT, AgentSpeak)
One way protection
Protection of Agents.
Protection of Agencies.
Protection of Agents: The malicious host problem
1 Sanctuaries.
2 Obfuscation techniques.
3 Watermarking.
Protection of Agencies/Hosts
1 Sandboxes.
2 Proof Carrying Code.
3 Path Histories.
4 State Appraisal.
5 Signed Code techniques.
Problems of the Current approaches
1 Do not provide a complete solution (only partial ones).
2 Their integration in current agent tools is not easy (e.g. JADE, JavaAct, ...).
3 Do not use state of the art security.
4 Definitely hard to apply for non security experts.
Problem Description (II)
1 We focus on solving the malicious host problem.
2 Our target is to develop a trusted migration process.
3 Our solution provides a 2-way protection (agent-host).
4 We base our solution on the TPM functionalities.
5 Shows a possible independent application of the TPM.
The Trusted Computing Technology
1 Origin: Bill Arbaugh, Dave Farber and Jonathan Smith, “A Secure and Reliable Bootstrap Architecture”, IEEE Symposium on Security and Privacy (1997)
2 Current Status: Trusted Computing Group Specifications, available from www.trustedcomputinggroup.org
The Trusted Computing Technology: The Basis
1 A tamperproof hardware device is used to build a fully secured system bottom-up.
2 The basic idea is to create a chain of trust between all elements in the computing system.
3 In a Trusted Computing scenario a trusted application runs exclusively on top of trusted supporting software.
The Trusted Computing Technology: The Chain of trust
Figure: Chain of trust
Description of the Protocol
Figure: Complete description of the Secure Migration Protocol
Time-of-use time-of-check problem.
The time-of-check-to-time-of-use problem is named after a type of software bug caused by changes in a system between the checking of a condition (such as a security credential) and the use of the results of that check.
In our case, it refers to an attack based on modifying the destination platform once the agent has checked its trustworthiness.
Protocol using the sealed bind key functionality of TPM
Figure: Solution with the use of a Sealed Bind key.
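The time-of-check-to-time-of-use gap and the sealed bind key remedy described above, as an added Python model; it is not the authors' library and not a real TPM interface. Assumptions: TPM 1.2 style SHA-1 PCRs; `ModelTPM`, the component names and the toy RSA parameters are constructed; public-key binding is modelled with textbook RSA over fixed small primes plus a SHA-256 keystream, and the AIK certificate over the bind key is omitted.

```python
import hashlib
import os

PCR_LEN = 20  # TPM 1.2 PCRs hold a SHA-1 digest
# Constructed toy RSA parameters (two Mersenne primes); far too small for real use.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
# Constructed component names standing in for the measured software stack.
TRUSTED_STACK = [b"bootloader-v1", b"os-kernel-v1", b"jvm-v1", b"agent-platform-v1"]


def keystream_xor(key, data):
    """XOR data with a SHA-256 counter keystream (model cipher, no integrity)."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


class ModelTPM:
    """Software model of the TPM behaviour discussed here, not a real TPM API."""

    def __init__(self):
        self.pcrs = [bytes(PCR_LEN) for _ in range(24)]
        self._private = {}  # key id -> (d, n, PCR indices, required composite)

    def extend(self, index, component):
        """PCR_new = SHA1(PCR_old || SHA1(component)); PCRs cannot be set directly."""
        measurement = hashlib.sha1(component).digest()
        self.pcrs[index] = hashlib.sha1(self.pcrs[index] + measurement).digest()

    def composite(self, indices):
        """Digest over the selected PCRs, standing in for the reported platform state."""
        h = hashlib.sha1()
        for i in sorted(indices):
            h.update(self.pcrs[i])
        return h.digest()

    def create_sealed_bind_key(self, indices):
        """Create a bind key tied to the current values of the selected PCRs.

        Returns the public part and the composite it is tied to. In the real
        protocol an AIK certifies this pair; that signature is omitted here.
        """
        n, d = P * Q, pow(E, -1, (P - 1) * (Q - 1))
        required = self.composite(indices)
        key_id = len(self._private)
        self._private[key_id] = (d, n, tuple(indices), required)
        return {"id": key_id, "n": n, "e": E, "pcr_composite": required}

    def unbind(self, key_id, blob):
        """Decrypt only if the PCRs still match the state the key is tied to."""
        d, n, indices, required = self._private[key_id]
        if self.composite(indices) != required:
            raise PermissionError("PCR state differs from the state bound to the key")
        wrapped, ciphertext = blob
        session = pow(wrapped, d, n).to_bytes(16, "big")
        return keystream_xor(session, ciphertext)


def bind(public, data):
    """Source side: encrypt the agent using only the public part of the bind key."""
    session = os.urandom(16)
    wrapped = pow(int.from_bytes(session, "big"), public["e"], public["n"])
    return wrapped, keystream_xor(session, data)


def boot(components):
    """Measure each component into its own PCR, as a measured boot would."""
    tpm = ModelTPM()
    for index, component in enumerate(components):
        tpm.extend(index, component)
    return tpm


def migrate_check_then_send(host_tpm, change, agent):
    """Check the reported state, then send in the clear. Returns what the host obtains."""
    indices = range(len(TRUSTED_STACK))
    if host_tpm.composite(indices) != boot(TRUSTED_STACK).composite(indices):
        return None          # time of check: untrusted state, agent is not sent
    change(host_tpm)         # platform is modified after the check
    return agent             # time of use: the modified host still receives the agent


def migrate_with_sealed_bind_key(host_tpm, change, agent):
    """Encrypt to a key tied to the checked state. Returns what the host obtains."""
    indices = range(len(TRUSTED_STACK))
    public = host_tpm.create_sealed_bind_key(indices)
    if public["pcr_composite"] != boot(TRUSTED_STACK).composite(indices):
        return None          # key is tied to a state the source does not trust
    blob = bind(public, agent)
    change(host_tpm)         # same modification after the check
    try:
        return host_tpm.unbind(public["id"], blob)
    except PermissionError:
        return None          # the TPM refuses: the check now holds at time of use


if __name__ == "__main__":
    agent = b"constructed agent code, data and execution state"
    modify = lambda tpm: tpm.extend(3, b"agent-platform-modified")
    print(migrate_check_then_send(boot(TRUSTED_STACK), modify, agent))
    print(migrate_with_sealed_bind_key(boot(TRUSTED_STACK), modify, agent))
```

The model only detects changes that are measured into a PCR, which is why the requirements rely on a consistent chain of trust across all platforms.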
Main advantages
The necessary trusted hardware is integrated in the heart of the computing system.
Fully secure systems are possible...
well, ... provided everything is perfect!
This approach provides a secure environment for agent execution through a friendly interface.
JADE
JADE (Java Agent DEvelopment Framework) is a software framework fully implemented in the Java language.
It simplifies the implementation of multi-agent systems through a middle-ware that complies with the FIPA specifications and through a set of graphical tools that support the debugging and deployment phases.
FIPA is the standards organization for agents and multi-agent systems officially accepted by the IEEE as its eleventh standards committee on 8 June 2005.
Blocks Diagram
Figure: Blocks of Software of our library
Friendly use of our library
Figure: Instead of creating an Agent object, we create a SecureAgent object
Requirements of the Secure Migration Library for Agents
Each hosting platform contains a TPM.
The state of the Trusted Agent platform is measured and the measurements stored to the TPM PCRs.
The initial host platform from which the mobile agent originates is considered trusted.
Any static agent information is digitally signed by the originator.
The use of PCR registers to store measurements representative of a trusted agent platform's software state is consistent amongst all the trusted platforms.
Every Trusted platform has enrolled at least one of its AIKs with a Privacy-CA which is known to every other trusted agent platform.
Conclusions
1 Agents have characteristics such as autonomy, reasoning, reactivity, social abilities, pro-activity, etc. which make them appropriate for developing dynamic and distributed systems based on Ambient Intelligence.
2 Agents and MAS represent an interesting alternative that is well worth exploring to try to meet the challenges posed by Ambient Intelligence.
3 Security is essential for a practical agent-based system.
4 Security must be easy for software developers to integrate.
5 We plan to integrate direct anonymous attestation in our model.
6 We are studying ways to overcome the rigidity of the current model by using external attestation servers.