Distributed Agents on the Go (DAGO)

UNIX-based Mobile Code System.

Description

Mobile code systems provide an infrastructure that supports autonomous mobile components, called mobile agents. The infrastructure implements services for the transfer, execution, and protection of mobile agents. Security services are usually provided by implementing new security mechanisms that are explicitly tailored to mobile components. Unfortunately, developing sound, reliable security mechanisms is a non-trivial task, and a history of vulnerable and/or incomplete implementations of these mechanisms led to the idea that mobile code systems are inherently insecure, too complex, and very difficult to deploy. To overcome these problems, we developed a mobile code system that relies as much as possible on the security mechanisms already provided by the underlying operating system. By doing this, it is possible to develop, with reduced effort, security services that rely on well-known, well-understood, and well-tested security mechanisms. Also, by describing the security of the mobile code system in terms of the OS security mechanisms, system administrators can better evaluate the security implications of deploying the

The goal of the DAGO system is to show that a computational environment that allows for the execution of incoming mobile agents, supports their further relocation, and, in addition, provides mechanisms to protect the hosting system against possible attacks from the mobile agents can be built by relying almost exclusively on existing and well-tested OS-level security mechanisms.

We implemented a proof-of-concept Mobile Code System for the Linux OS. The key features of the DAGO system:

Definitions

Mobile Agents
A form of code mobility. Mobile components that can explicitly relocate themselves across the network, usually preserving their execution state (or part thereof) across migrations.
Mobile Code System
Provides an infrastructure that supports mobile agents. The infrastructure implements services for the transfer, execution, and protection of mobile agents.

Results

In order to evaluate the performance of the DAGO system, we designed a simple test case application and implemented it for the Aglets, JADE, and DAGO systems. The goal of the test was not to determine which system is more efficient, but rather to evaluate whether the performance of a mobile agent system that uses OS-level security mechanisms is comparable with the performance of other well-known mobile agent systems.

Our test application is composed of agents that verify the integrity of a set of files. The agents are initialized with a list of pre-computed MD5 checksums of the files. During execution, the agents migrate from host to host and compute, on each host, the current checksum values for the given set of files. The results are then compared with the ones given to the agent at startup time, and possible discrepancies in the checksums are reported.
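The per-host check and the report carried from hop to hop can be sketched as follows. This is an added example, not DAGO's or the paper's code: the function names are hypothetical, temporary directories stand in for hosts, and migration itself is not modelled. MD5 is used because the test case above uses it; it is not collision-resistant, so a new integrity checker would use SHA-256.

```python
import hashlib
import os
import tempfile

def md5_of(path, chunk=65536):
    """Stream a file through MD5 so large files are not read into memory."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def check_host(root, baseline):
    """Compare files under one host's root with the baseline the agent carries."""
    findings = []
    for rel, expected in sorted(baseline.items()):
        path = os.path.join(root, rel)
        try:
            actual = md5_of(path)
        except OSError:  # a missing or unreadable file is also a discrepancy
            findings.append((rel, "unreadable"))
            continue
        if actual != expected:
            findings.append((rel, "modified"))
    return findings

def run_itinerary(hosts, baseline):
    """Visit each (name, root) in order; the returned report is the carried state."""
    return {name: check_host(root, baseline) for name, root in hosts}

def demo():
    """Constructed sample: three temp directories stand in for three hosts."""
    files = {"etc/passwd": b"root:x:0:0\n", "bin/login": b"\x7fELF-sample"}
    baseline = {rel: hashlib.md5(data).hexdigest() for rel, data in files.items()}
    with tempfile.TemporaryDirectory() as tmp:
        hosts = []
        for name in ("hostA", "hostB", "hostC"):
            root = os.path.join(tmp, name)
            for rel, data in files.items():
                os.makedirs(os.path.dirname(os.path.join(root, rel)), exist_ok=True)
                with open(os.path.join(root, rel), "wb") as f:
                    f.write(data)
            hosts.append((name, root))
        # hostB: one file altered after the baseline; hostC: one file removed
        with open(os.path.join(tmp, "hostB", "bin/login"), "ab") as f:
            f.write(b"!")
        os.remove(os.path.join(tmp, "hostC", "etc/passwd"))
        return run_itinerary(hosts, baseline)
```
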

The table below gives the averaged total running time (execution + relocation) for the three mobile code systems running on Fedora Core 3 hosts (kernel version 2.4.22) with Java SDK 1.4.2. Please refer to the paper Exploiting OS-level Mechanisms to Implement Mobile Code Security for a more detailed description of the tests performed and their results.

Mobile Code System    Total Running Time (ms)
Aglets                97,949
JADE                  95,539
DAGO                  91,010

Discussion

The test cases presented here and in the paper are not meant to be a complete and sound comparison of the three mobile code systems because the described agent applications were implemented using different programming languages and cannot be compared directly. Nonetheless, the results support the claim that a mobile agent system based on OS-level mechanisms has the potential to provide an execution environment in which mobile agents can be executed with a performance comparable to existing mainstream systems.

Software

Publications

People