Security for Mobile Agents: Issues and Requirements

William M. Farmer, Joshua D. guttman, Vipin Swarup
The MITRE Corporation
http://csrc.nist.gov/nissc/1996/papers/NISSC96/paper033/SWARUP96.PDF

Authentication = deducing which principal is making the request; it can be complicated when the agent traveles from host to host

Authorization = deducing whether to grant a request or not

Model 1 = Travel agent

Travel agent send an agent to several airline companies to look for the smalles price.
We cannot expect the participants to trust each other.
An agent's critical decisions should be taken on neutral (trusted) hosts.
Unchanging components of the state should be sealed cryptographically.

Model 2 = Distribued Intrusion Detection

The network is partitioned in domains with an interpreter (host) on each domain. The agent audit and collect data and respond to attacks.

Impossible tasks

Easy tasks

Possible, but not easy tasks