( 您好!臺灣時間:2021/02/28 05:51
字體大小: 字級放大   字級縮小   預設字形  


研究生(外文):Hsia-Hung Ou
論文名稱(外文):A Study on Mobile Agent Security
指導教授(外文):Min-Shiang Hwang
外文關鍵詞:Mobile AgentInternetSecurity
  • 被引用被引用:5
  • 點閱點閱:183
  • 評分評分:系統版面圖檔系統版面圖檔系統版面圖檔系統版面圖檔系統版面圖檔
  • 下載下載:16
  • 收藏至我的研究室書目清單書目收藏:1
近年來,網際網路(Internet)的熱潮方興未艾,網際網路上的相關技術與應用也一直是學者專家所關心與研究探討的議題,行動代理程式(Mobile Agent)更是其中一項非常具有潛力的技術。行動代理程式具有自主性(Autonomy),能執行與完成使用者所設計與賦予的工作與任務,它所具備的移動性(Mobility)更使得他能在弗遠國界的網際網路上恣意的移動,代替使用者完成他所交付的任務。但是網際網路是一個開放式的環境,它的安全環境並不理想,所有的人雖可以透過它便利的分享和使用網路上的資源,但相對的任何懷有惡意的程式或駭客也都可以使用這樣的環境來達到他們竊取與破壞的目的。行動代理程式在網路上運作時,它所代表的身份是授與它權力的使用者,它所攜帶的敏感資料必須受到嚴格的保護,提供服務的網路伺服器主機,也必須確保自身系統和資料的安全和機密性。另外,不同的行動代理程式之間的接觸也可能成為洩密與破壞的主因,所以行動代理程式的安全與否是這項技術能否實際應用的主要關鍵。
The subject of the mobile agent is a new popular emerging research topic. Nowadays, mobile agent is widely developed and implemented on the Internet. Application areas of mobile agent include electronic commerce, electronic marketing, and enterprise information systems, etc.
Mobile agent is a program that acts on behalf of a user or another program and is able to migrate from host to host on a network under its own control. It can migrate to target host from a source host in order to perform jobs. The agent works at the target hosts, and it visits one host after another. Therefore, the security issue in management of mobile agents becomes essential. When a mobile agent is on duty, it may contact with the hosts and other agents. However they may be trusty or malicious. As a consequence, most of the attacks come from here. A mobile agent must be capable of authenticating legal hosts and other agents to avoid malicious attacks. Not only this, since the mobile agent is transmitted over the Internet, the security policies become essential in protecting the data carried by the agent being transferred between distributed hosts.
This research aims on mobile agent security and the other related topics. We will analysis and description what is the requirement of the mobile agent security, and introduce the secure policies and machines. In the end, we will propose some solutions in this domain.
目錄 I
圖表目錄 IV
摘要 V
致謝 IX
1. 簡介 1
1.1. 研究動機 1
1.2. 研究目的 5
1.3. 研究方法與步驟 6
2. 安全需求 9
2.1. 成員 9
2.2. 攻擊的分類 10
2.3. 安全技術 12
3. 文獻回顧與相關研究 15
3.1. 開發環境 15
3.2. AJANTA 17
3.3. SOMA 21
3.4. SFM 24
3.5. 安全機制的歸類 26
3.5.1. 認證傳遞機制 27
3.5.2. 存取控制機制 31
4. 我們的方法 37
4.1. 以密碼學為基礎之行動代理程式安全機制 37
4.1.1. 安全的行動代理程式傳輸協定 37 楊與蕭的行動代理程式傳輸協定 37 安全的行動代理程式傳輸協定 42
4.1.2. 以階層管理的概念改良存取控制機制 45 Volker and Mehrdad的存取控制與金鑰管理機制 46 Akl和Taylor的使用者階層存取技術 48 使用階層技術改善存取控制與金鑰管理機制 50
4.2. 應用於類神經網路的行動代理程式安全機制 52
4.2.1. 概述 52
4.2.2. 以類神經網路為基礎之使用者認證系統 53 簡介 53 方法 57 討論 60 改良 64 結論 67
4.2.3. 以類神經為基礎之行動代理程式安全機制 67 概述 67 基礎架構 70 參數的取得 73 類神經機制 74 驗證機制的運作 77 安全分析 78 結論 80
5. 結論與未來方向 82
5.1. 結論 82
5.2. 未來研究方向 83
參考文獻 85
[AGENT_TCL] http://www.cs.dartmouth.edu/~agent
[AGLET] http://www.trl.ibm.co.jp/aglets
[AJANTA] http://www.cs.umn.edu/Ajanta
[Akl83CR] S. G. Akl and P. D. Taylor, “Cryptographic solution to a problem of access control in a hierarchy”, ACM Transaction on Computer System, Vol. 1, No. 3, pp. 239-247, August 1983.
[ARA] http://www.uni-kl.de/AG-Nehmer/Projekte/Ara
[BAR83NU] A. G. Barto, R. S. Sutton, C. W. Anderson, “Neuron like elements that can solve difficult learning control problems”, IEEE Transactions on Systems, Man and Cybernetics, Vol. SMC-13, pp. 835-846, 1983.
[BIR85MA] A. Birrell, “Secure communication using remote procedure calls”, ACM Transactions on Computer Systems, vol.3, pp.1-141, February 1985.
[CONCORDIA] http://www.meitca.com/HSL/Projects/Concordia
[COR99MA] A. Corradi, R. Montanari, C. Stefanelli, “Mobile agents integrity in e-commerce applications”, in 19th IEEE International Conference on Distributed Computing Systems Workshops on Electronic Commerce and Web-based Applications/Middleware, pp.59-64, 1999.
[COR99MA2] A. Corradi, R. Montanari, C. Stefanelli, “Mobile agents protection in the internet environment”, in The Twenty-Third Annual International Computer Software and Applications Conference (COMPSAC''99), pp.80-85, 1999.
[COR99MA1] A. Corradi, R. Montanari, C. Stefanelli, “Security issues in mobile agent technology”, in 7th IEEE Workshop on Future Trends of Distributed Computing Systems, pp.3-8, 1999.
[EDJ98MA] G. Edjlali, A. Acharya, V. Chaudhary, “History-based access control for mobile code”, in Fifth ACM Conference on Computer and Communication Security, pp.38-48, 1998.
[FAR96MA] W. M. Farmer, J. D. Guttman, V. Swarup, “Security for mobile agents: Issues and requirements”, in 19th National Information Systems Security Conference, pp.591-587, October 1997.
[FIPA] http://www.fipa.org/spec/FIPA98.html
[FOR92] W. Ford, “Security techniques for network management”, Advanced Communications and Applications for High Speed Networks, pp.133-149, 1992.
[FRA96MA] S. Franklin and A. Graesser, ”Is it an agent or just a program”, in The Third Internation Workshop on Agent Theories, architectures, and languages, 1996.
[GLE99MA] P. Gleeson, O. Weissmann, “Secure access control in a TINA environment containing mobile agents”, in Telecommunications Information Networking Architecture Conference (TINA ''99}, pp.177-179, 1999.
[GON97] L. Gong, “New security architectural directions for java”, in IEEE COMPCON''97, 1997.
[GON97MA] Li Gong, “Java security: Present and near future”, IEEE Micro, vol.17, May/June 1997.
[GRE98MA] M. S. Greenberg, J. C. Byington, D. G. Harper, “Mobile agents and security”, IEEE Communications Magazine, vol. 36, pp. 76-85, July 1998.
[HOH98MA] F. Hohl, “A model of attacks malicious hosts against mobile agents”, in 4th Workshop on Mobile Object Systems: Secure Internet Mobile Computations, 1998.
[MASIF] Crystaliz Inc., General Magic Inc., GMD Fokus, IBM Corp., “Mobile agent facility specification”, Joint Submission Supported by the Open Group, OMG TC Document, November 1997.
[MOLE] http://www.informatik.uni-stuttgart.de/ipvt/vs/ projekte/mole.html
[JAVA] http://www.java.soft.com
[JEN98MA] N. R. Jennings, K. Sycara, and M. Wooldridge, “A roadmap of agent research and development”, Autonomous Agents and Multi-Agent Systems, vol. 1, pp. 7-38, 1998.
[KAR99MA] G. Karjoth, N. Asokan, C. Gulcu, “Protecting the computation result of free-roaming agents”, in The 2th International Workshop on Mobile Agent, 1999.
[KAR98MA] A. Karmouch, “Guest editorial mobile software agents for telecommunications”, IEEE Communications Magazine, July 1998.
[KAR00MA] N. M. Karnik and A. R. Tripathi, “A security architecture for mobile agents in Ajanta”, in 20th International Conference on Distributed Computing Systems, pp.402-409, 2000.
[KERBEROS] J. Kohl and B. C. Neuman, The Kerberos network authentication service (Version 5), Internet RFC 1510, Sept. 1993.
[KUM97MA] G. P. Kumar and P. Venkataram, “Security management architecture for access control to network resources”, in Computers and Digital Techniques, IEE, vol. 1446, pp.362-370, November 1997.
[LAN98MA] D. B. Lange and M. Oshima, Programming, Deploying Java Mobile Agent with Aglets, Assison-Wesley, 1998.
[LIP89NU] R. P. Lippman, “An introduction to computing with neural nets”, IEEE ASSP Magazine, pp. 4-22, April 1987.
[LUP97MA] E. LUPU and M. Sloman, “A policy based role object model”, in EDOC97, October 1997.
[JOR99MA] P. J. Marques, L. M. Silva, J. G. Silva, “Security mechanisms for using mobile agents in electronic commerce”, in The 18th IEEE Symposium on Reliable Distributed Systems, pp.378-383, 1999.
[MAR99MA] P. J. Marques, L. M. Silva, J. G. Silva, “Security mechanisms for using mobile agents in electronic commerce”, in 18th IEEE Symposium on Reliable Distributed Systems, pp.378-383, 1999.
[MEN96MA] A. Menezes, et al., Handbook of Applied Cryptography, CRC Press, 1996.
[NEU94] B. C. Neuman, T. Ts''o, “Kerberos: an authentication services for computer networks”, IEEE Communications Magazine, vol.32, no.9, pp.33-38, 1994.
[ODYSSEY] http://www.generalmagtic.com
[RUM86NU] D. E. Rumelhart, G. E. Hinton,R. J. Williams, “Learning internal representations by error propagation”, Microstructure of Congnition, vol.1: Foundations, 1986.
[SCH96] B. Schneier, Applied Cryptography (Second Edition), John Wiley and Sons Inc., 1996.
[SHIP_MAI] http://deneb.genie.uottawa.ca
[SNO92SE] D. Snow, W. Chang, “Network security”, Telesystems Conference NTC-92, pp.15/13-15/16, 1992.
[SOMA] http://www-lia.deis.unibo.it/Software/SOMA
[SOH95SE] B. C. Soh, T. S. Dillion, “Setting optimal intrusion-detection thresholds”, Computers & Security, vol.14, pp.621-631, 1995.
[STE88] J. G. Steiner, B. C. Neuman, J. I. Schiller, “Kerberos: An authentication service for open network systems (version 4)”, in The Winter USENIX Conference, pp.191-202, Feb. 1988.
[TACOMA] http://www.cs.uit.no/DOS/Tacoma/index.html
[TAK98MA] T. Taka, T. Mizuno, T. Watanabe, “A model of mobile agent services enhanced for resource restrictions and security”, in 1998 International Conference on Parallel and Distributed Systems, pp.274-281, 1998.
[TAK97MA] Akio TAKUBO, Mutsumi ISHIKAWA, Takashi WATANABE, Masakazu SOGA, Tadanori MIZUNO, “User authentication in mobile computing environment”, IEICE TRANS. On Fundamentals of Electronics, Communications and Computer Sciences, vol. E80-A, no.7, pp.1288-1298, 1997.
[TRI99MA] A. Tripathi, N. Karnik, M. Vora, T. Ahmed, R. Singh, “Mobile agent programming in Ajanta”, The 19th International Conference on Distributed Computing Systems, pp.190-197, May 1999.
[VOL98MA] R. Volker, J. Mehrdad, “Access control and key management for mobile agents”, Computer and Graphics, vol.22, no.4, pp.457-467, 1998.
[VOYAGER] http://www.objectspace.com/voyager
[WIL98MA] U. G. Wilhelm, S. Staamann, L. Buttyan, “Protecting the itinerary of mobile agents”, in MOS''98, 1998.
[WON99MA] David Wong, Noemi Paciorek, Dana Moore, “Java-based mobile agents”, Communication of the ACM, vol.42, pp.92-102, March 1999.
[ZHO96] J. Zhou, D. Gollmann, “Observations on non-repudiation”, Asiacrypt''96, pp.133-144, 1996.
[HWA00MA] 黃明祥, 歐俠宏, 張簡尚偉, “安全的行動代理程式傳輸協定”, 第五屆電腦與通信技術研討會, pp3C25-3C29, Oct. 2000.
[OU00NU] 歐俠宏, 黃明祥, 李麗華, “以類神經網路為基礎之使用者認證系統”, 2000第八屆模糊理論及其應用會議, Dec. 2000.
[YEN00MA] 楊琇娟, 蕭如淵, ”行動代理程式應用在虛擬團隊之安全協定” , 2000網際網路與分散式系統研討會, pp.295-302, May 2000.
第一頁 上一頁 下一頁 最後一頁 top
1. 張紹勳(民88),「企業員工生涯定位、工作滿足與組織效能之研究-以資訊電腦業為參考組」,管理評論,頁36-55。
2. 黃曼琴(民80),「應用中介模式探討Type A/B人格特質為中介變相對工作壓力與工作滿足、工作績效之影響」,人力資源學報,第一期,頁59-74。
3. 陳海鳴、辛秋菊(民85),「生涯發展、離職傾向及其關係之研究-以製造業及服務業為對象」,淡江學報,第34期,頁213-238。
4. 郭崑謨、池進通 (民81),「制訂薪餉制度的基本考慮因素─激勵效果與分配基礎」,人事月刊,第12卷第6期,頁44-51。
5. 曹國雄(民83),「工作價值觀對員工工作態度的影響」,人力資源學報,第四期,頁1-20。
6. 徐聯恩、劉彥伯(民85),「專業組織激勵制度之研究」,管理科學學報,頁131-151。
7. 吳復新(民82),「應用激勵保健理論提高員工工作意願與績效之研究」,空大行政學報,第1期,頁19-31。
8. 江斌玉 (民77),「激勵行為與績效之研究」,銘傳學報,第24期,頁81-110。
9. 白博仁(民87),「國小學生的性別角色及其與自我概念的關係研究」,國立屏東師範學院國民教育研究所碩士論文。
10. 林月珠(民81),「角色認知與激勵管理:一些概念性探討」,東吳政治學報,第1期,頁321-345。
11. 吳萬益、鄭永忠、江正信 (民87),「大型教學醫院組織文化、內部激勵與控制制度對經營績效之影響研究」,輔仁管理評論,第7卷第1期,頁103-130。
12. 楊妙芬(民86),「國小教師工作價值觀、工作滿意度、任教職志與其相關因素之研究」,屏東師院學報,第10卷,頁97-132。
13. 楊國瑛(民81),「個人屬性、工作特性、成就動機、成長需求、工作績效、激勵措施、與員工工作滿意度關係之研究─以我國會計從業人員為例」,中國工商學報,第14期,頁293-316。
14. 魏嘉民(1999)“淺談供應鏈管理”,金屬工業33卷6期P.106-107
15. 葛維鈞(1993),“台灣流通業六大趨勢預測”,戰略生產力雜誌,第451期,p.102-108。
系統版面圖檔 系統版面圖檔