Summary of sources on agent security

• To: agents@sunlabs.eng.Sun.COM, www-security@ns2.rutgers.edu
• Subject: Summary of sources on agent security
• From: "David M. Chess" <chess@watson.ibm.com>
• Date: Wed, 17 Jan 96 15:07:45 EST

Here are some of the pointers that I got back in kind
replies to my query about agent security.  (If you sent
me a pointer and I don't mention it here, you can assume
that it was so good I'm keeping it to myself, heheh.)

Various people suggested a search (usually on AltaVista;
this must be AltaVista month!).  The trouble with searches
is that they aren't very good: searching on "agent and security"
gets me lots and lots and lots and lots of pages that
include those words, but few of them are actually useful.
We still have nothing to beat a bunch of experts sitting
around chatting...

Some people, including the author himself, recommended Peter Wayner's
"Agents Unleashed" (see <http://access.digex.net/~pcw/pcwpage.htm>).
I haven't actually read it yet, but it looks promising, and
should be in all libraries.

In the CIKM'95 proceedings
   http://www.cs.umbc.edu/~cikm/iia/proc.htm
there's a very relevant position paper by Shirley Browne:
   http://www.cs.umbc.edu/~cikm/iia/submitted/viewing/browne.htm

The OSF would also like to do work in this area:
   http://www.osf.org/www/Active_Props/secure_agents.htm

The UMBC agents page has a subpage on security:
   http://www.cs.umbc.edu/agents/security.htm
which includes the Secret Agents paper (security for KQML), the
lastest telescript-security paper, and even something by me!
This is probably one of the best places to keep your eye peeled
for new developments.

Various people mentioned Safe-tcl, for which this:
   http://minsky.med.Virginia.EDU/sdm7g/Projects/Python/safe-tcl/
seems to be a good pointer.

For Java, I have
   http://java.sun.com/whitePaper/java-whitepaper-8.htm#HEADING8-0
and
   http://java.sun.com/1.0alpha3/doc/misc/using.htm (search on "security")
although there should be one about post-alpha versions somewhere as well.

And of course there's my own rather hand-waving

  http://www.research.ibm.com/xw-D953-bump

which is under

  http://www.research.ibm.com/massdist

A very few actual paper references appeared:

 Sandholm, T. and Lesser, V. 1995. Equilibrium Analysis of the
 Possibilities of Unenforced Exchange in Multiagent Systems. 14th
 International Joint Conference on Artificial Intelligence (IJCAI-95),
 Montreal, Canada, pp. 694-701.
    available at http://dis.cs.umass.edu/~sandholm/home.htm

  Fritz Hohl's thesis on Mobile Agent Systems, which has a section
  on Security, and is in German:
     http://www.informatik.uni-stuttgart.de/cgi-bin/rep_view.pl?/inf/ibd/DIP-1267.ibd

  Theon Tuck's thesis on authentication and delegation in the
  Choices operating system:
     ftp://choices.cs.uiuc.edu/Papers/Theses/MS.Authentication.Delegation.ps.Z

and a number of people who were doing some sort of work in the area,
but hadn't published yet, and wanted to see a copy of my paper when
it was available.  I'll let them speak up themselves if they want to.  *8)

Thanks to everyone who replied.  It's clear this is a young field (or
actually an unpopular subfield of a young field), and there's much more
coding going on than there is theory or paper-writing.  I hope that
will change at least a bit in the next few years.

- -- -
David M. Chess                     /    Invest for the Nanotech Era:
High Integrity Computing Lab      /             Buy Atoms!
IBM Watson Research

• Previous: (no subject)
• Next: RE: Summary of sources on agent security
• Index(es):
  • Index
  • Thread