Efficient mobility and interoperability of software agents /

Els agents mòbils són entitats computacionals autònomes que tenen la capacitat de suspendre i prosseguir la seva execució en diferents punts de la xarxa per a dur a terme un conjunt de tasques assignades. Tot i la seva aparent simplicitat, el fet de compartir codi en diferents localitzacions, sovint heterogènies, dóna lloc a un conjunt d'inconvenients que no són senzills de solucionar. La prova és que, després de diversos anys d'esforços, el desplegament d'aquesta tecnologia no ha esdevingut una realitat. En la nostra opinió les raons principals que han obstaculitzat l'ús dels agents mòbils són la manca de seguretat, interoperabilitat i eficiència. La seguretat imposa fortes restriccions en l'ús d'aquests. No obstant actualment ja disposem d'una gran quantitat de propostes en aquesta àrea. La interoperabilitat és absolutament indispensable per a garantir que diferents tipus d'agents poden funcionar en diferents llocs i intercanviar informació. I l'eficiència és un requisit no funcional que afavoreix l'ús de la citada tecnologia. Els agents mòbils són idonis per a entorns distribuïts i heterogenis. El treball presentat en aquesta tesi està motivat per a aquest fet i comprèn quatre objectius per a millorar, en aquest ordre, la interoperabilitat, l'eficiència i la seguretat dels agents mòbils en el context dels estàndards definits per l'organització IEEE-FIPA. El primer objectiu és el disseny d'una especificació de mobilitat flexible. El segon objectiu és la proposta de mecanismes d'interoperabilitat, combinats amb l'especificació anterior, per a l'execució i mobilitat d'agents en localitzacions on no se suporten els mateixos tipus de plataformes d'agents, llenguatges de programació i arquitectures subjacents. El tercer objectiu és la proposta de mètodes per a millorar l'eficiència de la mobilitat i interoperabilitat dels agents. I, finalment, el darrer objectiu és el disseny de protocols per a tractar alguns problemes de seguretat concrets dels agents mòbils.Mobile agents are autonomous software entities that have the ability to stop and resume their execution in different network locations to accomplish a set of tasks. Despite their apparent simplicity, the fact of sharing a code in different places, in most cases heterogeneous, arises a set of issues which are far from have a simple solution. The proof is that after several years of efforts, a wide-scale deployment of mobile agents has not become a reality. In our opinion the main reasons which have hindered the adoption of mobile agents are: security, interoperability, and efficiency. Security may impose strong restrictions to the use of mobile agents. Nevertheless, enough research to satisfy the most common applications has been done in this field. Interoperability is absolutely indispensable to guarantee that different types of agents can run in different places and exchange information. And efficiency is a non functional requisite which favours the adoption of the technology. The suitability of mobile agents for distributed and heterogeneous environments is unique. The work presented in this thesis is motivated by this fact and comprises four objectives to improve, in this order, the interoperability, efficiency, and security of mobile agents in the context of the IEEE-FIPA standards. The first objective is the design of a flexible agent mobility specification. The second objective is the proposal of interoperability mechanisms to move and execute agents in several locations supporting different agent middlewares, programming languages, and underlying architectures taking advantage of the previous mobility specification. The third objective is the proposal of methods to improve the efficiency of the agent mobility and interoperability. And finally, the last objective is the design of some protocols to deal with specific security issues of mobile agents

Virtual TPM for a secure cloud: fallacy or reality?

The cloud technology has dramatically increased the virtualisation usage during the last years. Nevertheless, the virtualisation has also imposed some challenges on the security of the cloud. A remarkable case is in the usage of cryptographic hardware such as the Trusted Platform Module (TPM). A TPM is a device, physically attached to a server, that provides several cryptographic functionalities to offer a foundation of trust for the running software. Unfortunately, the virtualisation of the TPM to bring its security properties to virtual environments is not direct due to its design and security constraints. During the last years several proposals have been presented to solve the virtualisation of the TPM. Nevertheless, the virtualisation systems have not started to adopt them until very recently. This paper reviews three existing implementations of virtual TPM in the Xen and QEMU virtualisation solutions. The main contribution of the paper is an analysis of these solutions from a security perspective.This work has been co-funded by the project Trusted Cloud IPT-2011-1166-430000 of the Ministry of Economy and Competitiveness (MINECO) and the European Fund for Regional Development (FEDER)”

A közfoglalkoztatás térbeli egyenlőtlenségei

In the event of a disaster, telecommunication infrastructures can be severely damaged or overloaded. Hastily formed networks can provide communication services in an ad hoc manner. These networks are challenging due to the chaotic context where intermittent connection is the norm and the identity and number of participants cannot be assumed. In such environments malicious actors may try to disrupt the communications to create more chaos for their own benefit. This paper proposes a general security framework for monitoring and reacting to disruptive attacks. It includes a collection of functions to detect anomalies, diagnose them, and perform mitigation. The measures are deployed in each node in a fully distributed fashion, but their collective impact is a significant resilience to attacks, so the actors can disseminate information under adverse conditions. The approach is evaluated in the context of a simulated disaster area network with a many-cast dissemination protocol, Random Walk Gossip, with a store-and-forward mechanism. A challenging threat model where adversaries may 1) try to drain the resources both at node level (battery life) and network level (bandwidth), or 2) reduce message dissemination in their vicinity, without spending much of their own energy, is adopted. The results demonstrate that the approach diminishes the impact of the attacks considerably.funding agencies|Swedish Civil Contingencies Agency (MSB)||national Graduate school in computer science (CUGS)||project Hastily Formed Networks|37|</p

Mobilitat inter-plataforma d'agents software : protocol de migració fragmentada

En aquest projecte s'ha realitzat l'anàlisi, disseny i implementació d'un protocol de migració d'agents software basat en l'enviament del codi dels agents fragmentat en múltiples missatges. Aquest protocol es troba dins d'una arquitectura de migració multi-protocol per a la mobilitat d'agents entre plataformes JADE. Finalment, s'ha realitzat un estudi que compara el rendiment assolit pel protocol i les prestacions que aporta.En este proyecto se ha realizado el análisis, diseño e implementación de un protocolo de migración fragmentada de agentes software basado en el envío del código de los agentes fragmentado en múltiples mensajes. Este protocolo se encuentra dentro de una arquitectura de migración multi-protocolo para la movilidad de agentes entre plataformas JADE. Finalmente, se ha realizado un estudio comparando el rendimiento logrado por el protocolo y las prestaciones que aporta.In this project it has been made the analysis, design and implementation of a software agents migration protocol based on the shipment of multiple messages with the fragmented code of the agents. This protocol is implemented within a multi-protocol migration architecture for the mobility of agents between JADE platforms. Finally, a study has been made comparing the performance obtained by the protocol and the benefits of the contribution

Contribució a la mobilitat inter-plataforma d'agents mòbils : protocol de migració fragmentada

En aquest projecte s'ha dissenyat un protocol de migració d'agents mòbils per a l'arquitectura IPMA basat en l'enviament dels agents fragmentats en diversos missatges FIPA ACL. Aquest s'ha implementat dins el servei de migració JIPMS per a la plataforma JADE. Finalment s'ha dut a terme un conjunt exhaustiu de tests per avaluar-ne el rendiment i comparar-lo amb altres protocols de migració existents.En este proyecto se ha diseñado un protocolo de migración de agentes móviles para la arquitectura IPMA basado en el envío de los agentes fragmentados en varios mensajes FIPA ACL. Éste se ha implementado dentro del servicio de migración JIPMS para la plataforma JADE. Finalmente se han llevado a cabo un conjunto exhaustivo de tests para evaluar su rendimiento y compararlo con otros protocolos de migración existentes.In this project a mobile agents migration protocol for the IPMA architecture based on the transference of agents fragmented in several FIPA ACL messages has been designed. This protocol has been implemented in the migration service JIPMS for the JADE platform. Finally a comprehensive set of tests has been carried out in order to evaluate the migration performance and compare it with other existing migration protocols

Design and Implementation of Cast-as-Intended Verifiability for a Blockchain-Based Voting System

Digitization of electoral processes depends on confident systems that produce verifiable evidence. The design and implementation of voting systems has been widely studied in prior research, bringing together expertise in many fields. Switzerland is organized in a federal, decentralized structure of independent governmental entities. Thus, its decentralized structure is a real-world example for implementing an electronic voting system, where trust is distributed among multiple authorities. This work outlines the design and implementation of a blockchain-based electronic voting system providing cast-as-intended verifiability. The generation of non-interactive zero-knowledge proofs of knowledge enables every voter to verify the encrypted vote, while maintaining the secrecy of the ballot. The Public Bulletin Board (PBB) is a crucial component of every electronic voting system, serving as a publicly verifiable log of communication and ballots - here a blockchain is used as the PBB. Also, the required cryptographic operations are in linear relation to the number of voters, making the outlined system fit for large-scale elections