Results 1 - 10
of
102
Communicating mobile processes: introducing occam-pi
- In 25 Years of CSP
, 2005
"... Abstract. This paper introduces occam-π, an efficient and safe binding of key elements from Hoare’s CSP and Milner’s π-calculus into a programming language of industrial strength. A brief overview of classical occam is presented, before focussing on the extensions providing data, channel and process ..."
Abstract
-
Cited by 71 (24 self)
- Add to MetaCart
Abstract. This paper introduces occam-π, an efficient and safe binding of key elements from Hoare’s CSP and Milner’s π-calculus into a programming language of industrial strength. A brief overview of classical occam is presented, before focussing on the extensions providing data, channel and process mobility. Some implementation details are given, along with current benchmark results. Application techniques exploiting mobile processes for the direct modelling of large-scale natural systems are outlined, including the modelling of locality (so that free-ranging processes can locate each other). Run-time overheads are sufficiently low so that systems comprising millions of dynamically assembling and communicating processes are practical on modest processor resources. The ideas and technology will scale further to address larger systems of arbitrary complexity, distributed over multiple processors with no semantic discontinuity. Semantic design, comprehension and analysis are made possible through a natural structuring of systems into multiple levels of network and the compositionality of the underlying algebra. 1
Secure Tropos: a Security-Oriented Extension of the Tropos Methodology
- International Journal of Software Engineering and Knowledge Engineering
"... This paper is made available online in accordance with publisher policies. Please scroll down to view the document itself. Please refer to the repository record for this item and our policy information available from the repository home page for further information. To see the final version of this ..."
Abstract
-
Cited by 49 (15 self)
- Add to MetaCart
(Show Context)
This paper is made available online in accordance with publisher policies. Please scroll down to view the document itself. Please refer to the repository record for this item and our policy information available from the repository home page for further information. To see the final version of this paper please visit the publisher’s website. Access to the published version may require a subscription.
can mobile agents do secure electronic transactions on untrusted hosts? A survey of the security issues and the current solutions
- ACM Trans. Internet Technol
, 2003
"... This article investigates if and how mobile agents can execute secure electronic transactions on untrusted hosts. An overview of the security issues of mobile agents is first given. The problem of untrusted (i.e., potentially malicious) hosts is one of these issues, and appears to be the most diffic ..."
Abstract
-
Cited by 41 (0 self)
- Add to MetaCart
This article investigates if and how mobile agents can execute secure electronic transactions on untrusted hosts. An overview of the security issues of mobile agents is first given. The problem of untrusted (i.e., potentially malicious) hosts is one of these issues, and appears to be the most difficult to solve. The current approaches to counter this problem are evaluated, and their relevance for secure electronic transactions is discussed. In particular, a state-of-the-art survey of mobile agent-based secure electronic transactions is presented. Categories and Subject Descriptors: A.1 [Introductory and Survey]; E.3 [Data Encryption];
Mobile Agents In Intrusion Detection And Response
"... Effective intrusion detection capability is an elusive goal, not solved easily or with a single mechanism. However, mobile software agents go a long way toward realizing the ideal behavior desired in an Intrusion Detection System (IDS). This paper is an initial look at the relatively unexplored terr ..."
Abstract
-
Cited by 33 (1 self)
- Add to MetaCart
Effective intrusion detection capability is an elusive goal, not solved easily or with a single mechanism. However, mobile software agents go a long way toward realizing the ideal behavior desired in an Intrusion Detection System (IDS). This paper is an initial look at the relatively unexplored terrain of using mobile agents for intrusion detection and response. It looks not only at the benefits derived from mobility, but also those associated with software agent technology. We explore these benefits in some detail and propose a number of innovative ways to apply agent mobility to address the shortcomings of current IDS designs and implementations. We also look at new approaches for automating response to an intrusion, once detected.
Integrated Innate and Adaptive Artificial Immune Systems Applied to Process Anomaly Detection
, 2007
"... This thesis explores the design and application of artificial immune systems (AISs), problem-solving systems inspired by the human and other immune systems. AISs to date have largely been modelled on the biological adaptive immune system and have taken little inspiration from the innate immune syste ..."
Abstract
-
Cited by 24 (5 self)
- Add to MetaCart
(Show Context)
This thesis explores the design and application of artificial immune systems (AISs), problem-solving systems inspired by the human and other immune systems. AISs to date have largely been modelled on the biological adaptive immune system and have taken little inspiration from the innate immune system. The first part of this thesis examines the biological innate immune system, which controls the adaptive immune system. The importance of the innate immune system suggests that AISs should also incorporate models of the innate immune system as well as the adaptive immune system. This thesis presents and discusses a number of design principles for AISs which are modelled on both innate and adaptive immunity. These novel design principles provided a structured framework for developing AISs which incorporate innate and adaptive immune systems in general. These design principles are used to build a software system which allows such AISs to be implemented and explored.
Preserving Privacy in Web Services
, 2002
"... Web services arein creasin gly bein g adopted as a viable mean s to access Web-based application . This has been en - abled by the tremen3 us stan3 rdization e#ort to describe, advertise, discover, an d in voke Web services. Digital government (DG) is a ma or application domain for Web services. It ..."
Abstract
-
Cited by 23 (5 self)
- Add to MetaCart
Web services arein creasin gly bein g adopted as a viable mean s to access Web-based application . This has been en - abled by the tremen3 us stan3 rdization e#ort to describe, advertise, discover, an d in voke Web services. Digital government (DG) is a ma or application domain for Web services. It aims at improvin g govern men t-citizen in teraction s usin g in formation an commun cation techn logies. Govern5 n t agen cies collect, store, process,an d sharein formation about million s of citizen s who have di#eren t preferen ces regardin g their privacy. Thisn aturally raises an umber of legalan d techn ical issues that must be addressed to preserve citizen s' privacy through the con trol of the in formation flow amon gst di#eren ten tities (users, Web services, DBMSs). Solution s addressin g this issue are stillin their in fan cy. They con sist, essen tially, of en forcin g privacy by law or by self-regulation . In this paper, we propose a n w techn cal approach for preservin privacyin governPE t Web services. Our design is based d mobile privacy preserving agents. This work aims at establishin the feasibility an d provable reliability of techn ology-based privacy preservin solution for Web service in rastructures.
G.A.: When security meets software engineering: a case of modelling secure information systems
- Inf. Syst
, 2005
"... This paper is made available online in accordance with publisher policies. Please scroll down to view the document itself. Please refer to the repository record for this item and our policy information available from the repository home page for further information. To see the final version of this ..."
Abstract
-
Cited by 22 (6 self)
- Add to MetaCart
(Show Context)
This paper is made available online in accordance with publisher policies. Please scroll down to view the document itself. Please refer to the repository record for this item and our policy information available from the repository home page for further information. To see the final version of this paper please visit the publisher’s website. Access to the published version may require a subscription.
Mobile Agent Security Through Multi-Agent Cryptographic Protocols
"... We consider the problem of keeping sensitive data and algorithms contained in a mobile agent from discovery and exploitation by a malicious host. The focus in this paper is on rigorous techniques based on cryptographic protocols. Algesheimer, Cachin, Camenisch, and Karjoth (IEEE Security and Privacy ..."
Abstract
-
Cited by 15 (3 self)
- Add to MetaCart
We consider the problem of keeping sensitive data and algorithms contained in a mobile agent from discovery and exploitation by a malicious host. The focus in this paper is on rigorous techniques based on cryptographic protocols. Algesheimer, Cachin, Camenisch, and Karjoth (IEEE Security and Privacy, 2001) devised a secure agent protocol in such a setting, where agents and hosts are mutually distrusting, but access to a "trusted third party" is available to all participants. In this paper, we present ways of removing the trusted third party, and achieving similar results through the application of multiple agents. As an agent on a remote host is trusted by neither the current host nor the agent originator, the remote agent cannot simply act as a "stand-in" for the trusted third party, and requires the design of non-trivial multi-agent protocols. In addition, our multi-agent protocol can proceed if any subset of the agents of a certain size is available at any particular time, adding faulttolerance which did not exist in previous protocols, while achieving a high level of security. Our solution relies on well-tested cryptographic primitives, including threshold cryptography and oblivious transfer.
Certificates for mobile code security
- in Proceedings of the 17th symposium on Proceedings of the 2002 ACM symposium on applied computing, 2002
, 2002
"... hkvt99r @ ecs.soton.ac.u k ..."
(Show Context)
Trust Relationships in a Mobile Agent System
- Mobile Agents, number 2240 in LNCS
, 2001
"... . The notion of trust is presented as an important component in a security infrastructure for mobile agents. A trust model that can be used in tackling the aspect of protecting mobile agents from hostile platforms is proposed. We dene several trust relationships in our model, and present a trust ..."
Abstract
-
Cited by 12 (3 self)
- Add to MetaCart
(Show Context)
. The notion of trust is presented as an important component in a security infrastructure for mobile agents. A trust model that can be used in tackling the aspect of protecting mobile agents from hostile platforms is proposed. We dene several trust relationships in our model, and present a trust derivation algorithm that can be used to infer new relationships from existing ones. An example of how such a model can be utilized in a practical system is provided. 1
