Revisiting software protection

We provide a selective survey on software protection, including approaches to software tamper resistance, obfuscation, software diversity, and white-box cryptography. We review the early literature in the area plus recent activities related to trusted platforms, and discuss challenges and future directions

Lazy Mobile Intruders

We present a new technique for analyzing platforms that execute potentially malicious code, such as web-browsers, mobile phones, or virtualized infrastructures. Rather than analyzing given code, we ask what code an intruder could create to break a security goal of the platform. To avoid searching the infinite space of programs that the intruder could come up with (given some initial knowledge) we adapt the lazy intruder technique from protocol verification: the code is initially just a process variable that is getting instantiated in a demand-driven way during its execution. We also take into account that by communication, the malicious code can learn new information that it can use in subsequent operations, or that we may have several pieces of malicious code that can exchange information if they “meet”. To formalize both the platform and the malicious code we use the mobile ambient calculus, since it provides a small, abstract formalism that models the essence of mobile code. We provide a decision procedure for security against arbitrary intruder processes when the honest processes can only perform a bounded number of steps and without path constraints in communication. We show that this problem is NP-complete

Mecanismo para evitar ataques por confabulación basados en code passing

Los agentes móviles son entidades software formadas por código, datos, itinerario y estado, que pueden migrar de host en host autónomamente ejecutando su código. A pesar de sus ventajas, los aspectos de seguridad restringen enormemente el uso de código móvil. La protección del agente ante ataques de hosts maliciosos, es el problema de seguridad más difícil de resolver en los sistemas de agentes móviles. En particular, los ataques por confabulación han sido poco estudiados en la literatura. Este paper presenta un mecanismo de protección ante ataques por confabulación basados en code passing. Nuestra propuesta es un Multi-Code Agent que contiene diferentes variantes del código para cada host. Una Trusted Third Party es la responsable de proporcionar la información para extraer cada variante, y de tomar referencias temporales que se usarán para veri car la coherencia temporal

Digital Ecosystem - A next generation of the collaborative environment

Abstract Digital ecosystems transcend the traditional, rigorously defined, collaborative environments from centralised, distributed or hybrid models into an open, flexible, domain cluster, demand-driven, interactive environment. A digital ecosystem is a new-networked architecture and collaborative environment that addresses the weakness of client-server, peer-to-peer, Grid and web services. In this keynote, we will provide a detailed explanation of digital ecosystems, their analogy to ecological systems, their scientific innovation, technical exploration including architecture, swarm intelligence, design and implementation, their comparison to existing networked architecture, social, cultural and economic impact the networked economy. We will also provide several practical examples as well as demonstration of swarm intelligence-based self-organised digital ecosystems

A secure protocol based on a sedentary agent for mobile agent environments

The main challenge when deploying mobile agent environments pertains to security issues concerning mobile agents and their executive platform. This paper proposes a secure protocol which protects mobile agents against attacks from malicious hosts in these environments. Protection is based on the perfect cooperation of a sedentary agent running inside a trusted third host. Results show that the protocol detects several attacks, such as denial of service, incorrect execution and re-execution of the mobile agent code. Results also indicate that the traffic generated and run time are barely affected

Possible attacks on and countermeasures for secure multi-agent computation

In this paper we improve the model for secure multi-agent computation proposed by Endsuleit and Mie. We apply a recent protocol from Hirt and Maurer for secure multi-party computation to build Alliances of n agents that solve a common task. The protocol used is very efficient with a communication load of O(n^2 m) (where m is the number of multiplications). All computations within the Alliance are robust as less than n/3 agents are corrupted at the same time

Secure Mobile Agents with Designated Hosts

Mobile agents often travel in a hostile environment where their security and privacy could be compromised by any party including remote hosts in which agents visit and get services. It was proposed in the literature that the host visited by an agent should jointly sign a service agreement with the agent\u27s home, where a proxy-signing model was deployed and every host in the agent system can sign. We observe that this actually poses a serious problem in that a host that should be excluded from an underlying agent network could also send a signed service agreement. In order to solve this problem, we propose a secure mobile agent scheme achieving host authentication with designated hosts, where only selected hosts can be included in the agent network. We also present a security model and provide a rigorous security proof to our scheme