PeAgent - a mobile agent system to support secure Internet and Web applications

Many agent-based systems have been developed over the past decade; however, the security issues are usually not addressed adequately. In order to make the mobile agent paradigm more useful and acceptable for Web and Internet applications, the security considerations should go beyond the protection of basic agent execution environments. In this paper, we present the design of a robust Java-based mobile agent system, PeAgent. The PeAgent system not only incorporates a fine-grain agent privilege control mechanism, but also includes a multi-level protection mechanism that can be used throughout the life-cycle of agents. A two-level domain hierarchy is constructed to organize the large number of Internet nodes in the agent system into manageable units: the global/domain management unit (GMU/DMU). Each unit consists of a certification authority (CA) and a location manager (LM). The certificates issued from GMU and DMU define the access privileges on the PeAgent servers for each agent. A context hierarchy is built up on the PeAgent servers for fine-level resource access control and agent management. Overall, the PeAgent system provides a secure computing environment for widely distributed applications over a network of heterogeneous platforms. It also facilitates the development of secure Web-based applications.