Abstract
While mobile agents approach provides a great flexibility and customizability compared to the traditional client-server approaches, it introduces many serious security problems. These problems are mainly protecting the hosting server and the visiting agent from each other. In this paper we discuss the security issues in the mobile agents technology. Specifically, we describe the techniques used to protect a hosting server from malicious agents roaming the network. We also present mechanisms for protecting a mobile agent during traveling from its source to the designated destination.
In addition, we address the challenging problem of securing the agent from a hostile execution environment. We point out the difficulty of the problem inherent from the fact that the executing environment has almost complete control over the code it is executing. And we describe the techniques proposed in the literature for dealing with the problem. Finally, we present a secure distributed application that we have developed to illustrate the capabilities of the mobile agents approach. We adapt a public key authentication technique to implement the security features of the application.