Negotiation of network security policy by means of agents

Proceeding of: 7th International Conference on Practical Applications of Agents and Multi-Agent Systems, 2009 (PAAMS 2009, 25-27 March 2009, Salamanca, SpainNowadays many intranets are deployed without enforcing any network security policy and just relying on security technologies such as firewalls or antivirus. In addition, the number and type of network entities are no longer fixed. Typically, laptops, PDAs or mobile phones need to have access to network resources occasionally. Therefore, it is important to design flexible systems that allow an easy administration of connectivity without compromising security. This article shows how software agents may provide secure configurations to a computer network in a distributed, autonomous and dynamic manner. Thus, here we describe the system architecture of a prototype, the negotiation protocol it uses and how it works in a sample scenario.Publicad

Privacy, security, and trust issues in smart environments

Recent advances in networking, handheld computing and sensor technologies have driven forward research towards the realisation of Mark Weiser's dream of calm and ubiquitous computing (variously called pervasive computing, ambient computing, active spaces, the disappearing computer or context-aware computing). In turn, this has led to the emergence of smart environments as one significant facet of research in this domain. A smart environment, or space, is a region of the real world that is extensively equipped with sensors, actuators and computing components [1]. In effect the smart space becomes a part of a larger information system: with all actions within the space potentially affecting the underlying computer applications, which may themselves affect the space through the actuators. Such smart environments have tremendous potential within many application areas to improve the utility of a space. Consider the potential offered by a smart environment that prolongs the time an elderly or infirm person can live an independent life or the potential offered by a smart environment that supports vicarious learning

DCDIDP: A distributed, collaborative, and data-driven intrusion detection and prevention framework for cloud computing environments

With the growing popularity of cloud computing, the exploitation of possible vulnerabilities grows at the same pace; the distributed nature of the cloud makes it an attractive target for potential intruders. Despite security issues delaying its adoption, cloud computing has already become an unstoppable force; thus, security mechanisms to ensure its secure adoption are an immediate need. Here, we focus on intrusion detection and prevention systems (IDPSs) to defend against the intruders. In this paper, we propose a Distributed, Collaborative, and Data-driven Intrusion Detection and Prevention system (DCDIDP). Its goal is to make use of the resources in the cloud and provide a holistic IDPS for all cloud service providers which collaborate with other peers in a distributed manner at different architectural levels to respond to attacks. We present the DCDIDP framework, whose infrastructure level is composed of three logical layers: network, host, and global as well as platform and software levels. Then, we review its components and discuss some existing approaches to be used for the modules in our proposed framework. Furthermore, we discuss developing a comprehensive trust management framework to support the establishment and evolution of trust among different cloud service providers. © 2011 ICST

Creating agent platforms to host agent-mediated services that share resources

After a period where the Internet was exclusively filled with content, the present efforts are moving towards services, which handle the raw information to create value from it. Therefore labors to create a wide collection of agent-based services are being perfomed in several projects, such as Agentcities does. In this work we present an architecture for agent platforms named a-Buildings. The aim of the proposed architecture is to ease the creation, installation, search and management of agent-mediated services and the share of resources among services. To do so the a-Buildings architecture creates a new level of abstraction on top of the standard FIPA agent platform specification. Basically, an a-Building is a service-oriented platform which offers a set of low level services to the agents it hosts. We define low level services as those required services that are neccesary to create more complex high level composed services.Postprint (published version

A Formal Model for Trust in Dynamic Networks

We propose a formal model of trust informed by the Global Computing scenario and focusing on the aspects of trust formation, evolution, and propagation. The model is based on a novel notion of trust structures which, building on concepts from trust management and domain theory, feature at the same time a trust and an information partial order

On the emergent Semantic Web and overlooked issues

The emergent Semantic Web, despite being in its infancy, has already received a lotof attention from academia and industry. This resulted in an abundance of prototype systems and discussion most of which are centred around the underlying infrastructure. However, when we critically review the work done to date we realise that there is little discussion with respect to the vision of the Semantic Web. In particular, there is an observed dearth of discussion on how to deliver knowledge sharing in an environment such as the Semantic Web in effective and efficient manners. There are a lot of overlooked issues, associated with agents and trust to hidden assumptions made with respect to knowledge representation and robust reasoning in a distributed environment. These issues could potentially hinder further development if not considered at the early stages of designing Semantic Web systems. In this perspectives paper, we aim to help engineers and practitioners of the Semantic Web by raising awareness of these issues