Colored Petri Net (CPN) based Model for Hybrid Security Architecture based on Reputation for Secure Execution of Mobile Agents

ABSTRACT Mobile Agents (MA) are software programs that live in computer networks, performing their computations and moving from host to host as necessary to fulfil user goals. Security is an important issue for the widespread deployment of applications based on mobile agent (MA) technology. The major security threats are either threats against the hosts, or threats against the MA. This paper briefly introduces the Hybrid Security Architecture (HSA) inspired by the various existing security techniques including digital signature, encryption, intrusion detections, signed agreement, trust and others. Since all are well studied and experimented techniques, paper does not discuss all in details. This paper discusses the trust model based on reputation to provide security to both MA and executing host. In order to establish safe and secure communication between MA and hosts, each must be trusted that it would not harm other when it is given the access in a system. Paper presents a new way to compute reputation value of both host and MA based either on past experience or experiences of other trusted and known entities and third party. Reputation of host is evaluated by the previous experience of the MAs being executed on the host and also by using intrusion detection mechanisms. Various components of the proposed architecture have been modelled by using Colored Petri Net (CPN) Tool. Once the model is constructed, various tools provided by CPN such as monitoring, state space and user controlled simulation have been used to check the correctness of the modelled system. Various data gathering and report generation tools have also been used to generate and collect the data required for analysis.