ArticlePDF Available

Towards improved trust and security in FIPA agent platforms

Authors:

Abstract and Figures

FIPA (Foundation for Intelligent Physical Agents) specifications are being proposed as the open standards for heterogeneous agency interaction. We examine the notions of trust and security inherent in the core or normative FIPA specifications and in the existing preliminary security specifications. We highlight its strengths and weaknesses and discuss the steps needed to improve security in the FIPA agencies. Keywords Multi-agent system security, agent standards, trust and facilitator agents.
Content may be subject to copyright.
A preview of the PDF is not available
... An open system is a system that allows new components, which may have been created by different parties or for different objectives, not known at design time, to interact at runtime (Poslad and Calisti 2000). An open multi-agent system (MAS) is an open system in which agents can join and leave freely (Demazeau and Rocha Costa 1996). ...
... Most research on secure MASs follows this approach. Poslad and Calisti (2000), Finin et al. (2002), Wang et al. (1999), Sun andChen (2011), Thirunavukkarasu et al. (1995) and Botelho et al. (2009) are some examples of using encryption to prevent MASs from malicious attacks. For instance, Poslad and Calisti (2000), Wang et al. (1999) and Odubiyi and Choudhary (2007) suggest security architectures for the IEEE FIPA agent standard by means of authentication, PKI and VPN. 3 Other prevention methods for secure MASs are: policy driven and secure development methodologies, e.g. ...
... Poslad and Calisti (2000), Finin et al. (2002), Wang et al. (1999), Sun andChen (2011), Thirunavukkarasu et al. (1995) and Botelho et al. (2009) are some examples of using encryption to prevent MASs from malicious attacks. For instance, Poslad and Calisti (2000), Wang et al. (1999) and Odubiyi and Choudhary (2007) suggest security architectures for the IEEE FIPA agent standard by means of authentication, PKI and VPN. 3 Other prevention methods for secure MASs are: policy driven and secure development methodologies, e.g. Mouratidis et al. (2003b). ...
Article
Full-text available
Open multi-agent systems (MASs) have growing popularity in the Multi-agent Systems community and are predicted to have many applications in future, as large scale distributed systems become more widespread. A major practical limitation to open MASs is security because the openness of such systems negates many traditional security solutions. In this paper we introduce and classify main attacks on open MASs. We then survey and analyse various security techniques in the literature and categorise them under prevention and detection approaches. Finally, we suggest which security technique is an appropriate countermeasure for which classes of attack.
... (Wong and Sycara 1999), (Idrissi, Souidi and Revel 2015) and (Ohno, et al. 2016) are some examples of using encryption to prevent MASs from malicious attacks. For instance, (Poslad and Calisti 2000), (Wang, Varadharajan and Zhang 1999) and (Odubiyi and Choudhary 2007) (Mouratidis, Giorgini and Weiss 2003) and (Hedina and Moradian 2015) that guarantee security requirements and design are integrated with system functionalities. Policy driven methodologies are based on applying security policies, which may be used for access control, e.g. ...
Article
Full-text available
When we wish to coordinate complex, cooperative tasks in open multi-agent systems, where each agent has autonomy and the agents have not been designed to work together, we need a way for the agents themselves to determine the social norms that govern collective behaviour. An effective way to define social norms for agent communication is through the use of interaction models such as those expressed in the Lightweight Coordination Calculus (LCC), a compact executable specification language based on logic programming and pi-calculus. Open multi-agent systems have experienced growing popularity in the multi-agent community and gain importance as large scale distributed systems become more widespread. A major practical limitation to such systems is security, because the very openness of such systems opens the doors to adversaries to exploit vulnerabilities introduced through acceptance of social norms. This paper addresses a key vulnerability of security of open multi-agent systems governed by formal models of social norms (as exemplified by LCC). A fundamental limitation of conventional security mechanisms (e.g. access control and encryption) is the inability to prevent information from being propagated. Focusing on information leakage in choreography systems using LCC, we suggest a framework to detect insecure information flows. A novel security-typed LCC language is proposed to prevent information leakage. Both static (design-time) and dynamic (run-time) security type checking are employed to guarantee no information leakage can occur in annotated agent interaction models. The proposed security type system is discussed and then formally evaluated by proving its properties. Two disadvantages of the pure dynamic analysis are its late detection and its inability to detect implicit information flows. We overcome these issues by performing static analysis. The proposed security type system supports non-interference, i.e. high-security input to the program never affect low-security output. However, it disregards information leaks due to the termination of the program.
... This is called definitional uncertainty. For instance, some authors define the term information security in terms of confidentiality, integrity and availability, whereas others add the concepts of non-repudiation and accounting to the definition (Poslad and Calisti 2000). ...
... FIPA defined a standard for security in MAS, but this standard soon became obsolete (FIPA, 1998). There have been some studies that consider this obsolete standard as a basis to analyze and propose guidelines for FIPA-based security standards (Poslad & Calisti, 2000;Poslad et al., 2003). However, there has not been another proposal for a security standard for FIPA platforms since the obsolete standard from 1998. ...
Article
Full-text available
Privacy has been a concern for humans long before the explosive growth of the Internet. The advances in information technologies have further increased these concerns. This is because the increasing power and sophistication of computer applications offers both tremendous opportunities for individuals, but also significant threats to personal privacy. Autonomous agents and Multi-agent Systems are examples of the level of sophistication of computer applications. Autonomous agents usually encapsulate personal information describing their principals, and therefore they play a crucial role in preserving privacy. Moreover, autonomous agents themselves can be used to increase the privacy of computer applications by taking advantage of the intrinsic features they provide, such as artificial intelligence, pro-activeness, autonomy, and the like. This article introduces the problem of preserving privacy in computer applications and its relation to autonomous agents and Multi-agent Systems. It also surveys privacy-related studies in the field of Multi-agent Systems and identifies open challenges to be addressed by future research.
... Bui, Venkatesh & Kieronska (1998) [3] demanded sharing of private knowledge of agents to each other for trust establishement. Poslad and Calisti (2000) [9] [4] proposed Web Service Agent Proxy (WSAP) based reputation and endorsement mechanism. However their approach doesn't address challenge of accountability of agents and also implementation of the proposed framework is left as part of future work. ...
Article
Full-text available
Contract Net Protocol (CNP) is FIPA standardized high level communication protocol which specifies the way software agents should follow while communicating. However it lacks methods for ensuring trust and reliability of the agents participating in the communication. In an earlier paper authors proposed a variation of CNP involving trust establishment feature into it, termed as Contract Net Trust Establishment Protocol (CNTEP). However, efficient communication can not be ensured unless the communicating counterpart is reliable. This fact provided the motivation for the present work, which extends CNTEP and incorporates reliability computation component in it.
... Much of the previous work deals with securing communication or infrastructure, or providing agent authentication. For example, Poslad and Calisti address the problem of securing the basic FIPA agent platform infrastructure, including integrity guarantees for communication with the agent management system and directory facilitator [8]. Zhang et al. also consider security issues in FIPA, providing mechanisms for authentication, secure communication, and resource monitoring [16]. ...
Conference Paper
Full-text available
This paper presents SAgent, a general-purpose mobile agent security framework that is designed to protect the computations of mobile agent applications in potentially hostile environments. SAgent works with the JADE (Java Agent DEvelopment) platform [6], a FIPA-compliant multi-agent environment. SAgent supports modular and mostly orthogonal development of agent protection techniques and secure agent applications, so protocols and applications can be developed independently of each other. To accomplish this, a clean conceptual framework is presented which encapsulates in several general class interfaces the common security functionality required by secure agent applications. Furthermore, implementations are provided for two secure multi-agent protocols, and we give experimental results showing the feasibility of these protections. While a few other research projects have examined protocols and techniques for protecting agents, these have been theoretical explorations. SAgent's goal is to bring these theoretical techniques into practice so that they can be experimented with and used, in the framework of a design generic enough to support both software-based and hardware-based protections. The abstractions are clean, giving a well-defined way for a new security provider to implement and experiment with new techniques for protecting mobile agents.
... The security of MASIF is dependent on Corba-IDL mechanisms[5]. To address the security issues, several independent efforts have been put forward by researchers[21], [22], [23] and [24]. ...
Conference Paper
Full-text available
Software Agents are autonomous piece of code that acts on behalf of its user to achieve the goals of the user. They are considered as one of the most vital components of semantic web. To facilitate the development of software agents for real world applications, a number of frameworks have been proposed. Over the years, we have seen the emergence of two agent's development standards i.e. FIPA and MASIF. These standards provide specifications and guidelines to developers of frameworks in constructing any agent framework. In this paper, we have provided a comparative study of existing agent standards i.e. FIPA and MASIF. We have highlighted their missing features and provided guidelines on how any agent developer can incorporate these missing features in building agent applications. Based on our study, we have concluded that these two standards are complementary to each other. We have also discussed the integration strategies that have been proposed in literature to combine these two standards.
... Instead, both the security layer and the basic layer in the agent platform — functional components such as ACC, AMS, DF, SACC and CGC, as well as the internal message communication of the platform — are regarded as safe. However, we differ slightly from the assumption in the FIPA specification discussed in [14] by considering trustworthy only those platforms known to a Certificate Authority (CA). In other words, we consider an unknown platform, or one without adequate proof (a digital certificate) from the CA, to be suspicious. ...
Article
In a highly heterogeneous computing environment, interoperability among different agent platforms is made possible by the Foundation for Intelligent Physical Agent (FIPA) specification. As long as they are all FIPA-compliant, agents of different systems or providers can communicate and interact directly using Agent Communication Language (ACL). However, neither the FIPA specification nor most of its implementations such as FIPA-OS (FIPA Open Source) fully address potential security threats to agents and agent platforms. In this paper, we discuss the security concerns in FIPA and propose a two-layer architecture to add security features: a basic FIPA-OS agent platform as the management and communication infrastructure, and a security layer as the security extension. This architecture provides agents with two security-related services: a secure communication service and a secure execution environment service. The secure communication service prevents any eavesdropping or interference from the outside network. The secure execution environment service protects server resources and agent services from unauthorized access. The architecture's design and components are also described in terms of the two security services.
... FIPA has recognised this and recently issued a request for work in the area [16]. [17] includes a very brief attempt to add security to a FIPA agent system, where it is suggested that the agent platform implements both authentication of agents and facilitators and the use of encrypted channels. However, no details are included, key management and how authentication should be done is not specified. ...
Article
Full-text available
The agent paradigm appears promising and much research has been devoted to it during the last decade. In this paper we consider security issues that need to be ad-dressed before multi-agent systems can be a viable solution for a broad range of commercial applications. We do this through considering the implications of the characteristics given to agents and general properties of open multi-agent systems. We then look at some past and present work that addresses security issues of multi-agent systems. Finally, we consider how existing security technology can be used to ad-dress the security issues, and where the gaps are most likely to appear.
... However, this provides secure agent communication at the transportation level only. The lack of security support by FIPA as well as the FIPA compliant Java Agent DEvelopment (JADE) platform [12] has been identified in [13] [14] [15]. The JADE-S [17] add-on of the JADE platform provides some degree of security support. ...
Article
Model-driven architecture (MDA) supports model-centred software development via successive model transformation. In MDA, the reusability of models is improved as well as the traceability of requirements. Agent-oriented model-driven architecture (AMDA) associates adaptive agents with a business-oriented interaction model and lets agents dynamically interpret their behaviour from the continuously maintained model via which the current business needs are deployed at runtime. The continuous re-interpretation rather than discrete re-transformation of models means immediate requirements deployment after re-configuration, no system down time being required to affect changes and results in a development process that is oriented to business experts rather than developers. Adopting the adaptive agent model, an AMDA paradigm, we put forward a security–aware model-driven mechanism by using an extension of the role-based access control (RBAC) model. For this purpose, the concept of agent role proposed in agent-oriented software engineering (AOSE) is integrated with the one proposed in RBAC. Agent duties are specified in an interaction model and describe the roles that agents can play to fulfil their functional responsibilities. Agent rights are specified in a security policy rule model attached to the interaction model and describe constraints upon agent capabilities caused by their associated social roles. The role-based interaction and policy-driven model incorporates both agent rights and duties. Hence, functional requirements and non-functional security constraint requirements are put together, related by the concept of role. Consequently, agents can continuously use the re-configurable model to play their roles in order to fulfil their responsibilities, and at the same time respect the security constraints. The major contribution from the approach is a method for building adaptive and secure MAS, following model-driven architecture. The approach is illustrated with an actual British railway management system.
Article
Full-text available
Multiagent systems (MASs) are societies whose individuals are software delegatees (agents) acting on behalf of their owners or delegators (people or organizations). When deployed in an open network such as the Internet, MASs face some trust and security issues. Agents comeand go, and interact with strangers. Assumptions about security and general trustworthiness of agents and their deployers are inadequate in this context. In this paper, the design of a security infrastructure is presented applicable to MASs in general. This design addresses both security threats and trust issues. In this design, there are mechanisms for ensuring secure communication among agents and secure naming and resource location services. And two types of trusts are addressed: trust that agents will not misbehave and trust that agents are really delegatees of whom they claim to be. To establish the first type of trust, deployers of agents are made liable for the actions of their agents; to establish the second type of trust, it is proposed that agents prove that they know secrets that only their delegators know.
Conference Paper
Full-text available
We present an overview of the Saga Security System. An agent in the Saga Security System is called a Saga Agent. The authorization model in the Saga Security System (the Saga authorization model) supports the novel concept of a service path and provides uniform and flexible protection appropriate for advanced computational models such as object-oriented systems and cooperative agent systems. The key features of the Saga Security System security mechanism are the use of an access token and a Security Monitor. Access tokens are implemented using public key technology and ensure the integrity of request messages issued by Saga Agents. One can regard the Security Monitor of a Saga Agent as a reference monitor for the agent. The security of a Saga Agent during its traversal over distributed environments is controlled by the Security Monitor integrated with the agent
Article
Full-text available
KQML is a message protocol and format for software agents to communicate with each other. In this paper we discuss the security features that a KQML user would expect and an architecture to satisfy those expectations. The proposed architecture is based on cryptographic techniques and would allow agents to verify the identity of other agents, detect message integrity violations, protect confidential data, ensure non-repudiation of message origin and take counter measures against cipher attacks. 1 Introduction KQML, Knowledge Query and Manipulation Language [1] is a communication language and protocol which enables autonomous and asynchronous agents to share their knowledge and or work towards cooperative problem solving. With the popularity of internet and the possibilities offered by the agent technology we can expect an explosion of agents in the internet. For KQML to be an effective agent communication protocol in such an environment, it should provide some means for agents to comm...
Article
Full-text available
Like middle-men in physical commerce, middleagents support the flow of information in electronic commerce, assisting in locating and connecting the ultimate information provider with the ultimate information requester. Many different types of middleagents will be useful in realistic, large, distributed, open multi-agent problem solving systems. These include matchmakers or yellow page agents that process advertisements, blackboard agents that collect requests, and brokers that process both. The behaviors of each type of middle-agent have certain performance characteristics---privacy, robustness, and adaptiveness qualities---that are related to characteristics of the external environment and of the agents themselves. For example, while brokered systems are more vulnerable to certain failures, they are also able to cope more quickly with a rapidly fluctuating agent workforce and meet certain privacy considerations. This paper identifies a spectrum of middle-agents, cha...
Article
Software agent technology will have a significant impact on the shape of the global information society in the next millennium. This branch of systems engineering is rapidly becoming a viable and exploitable technology where BT is well placed as both a potential user and provider of agent-based services and products. The highly interactive nature of multi-agent systems points to the need for consensus on agent interfaces in order to support interoperability between different agent systems. The completion and adoption of such a standard is a prerequisite to the commercialisation and successful exploitation of agent technology. This paper describes FIPA (Foundation for Intelligent Physical Agents) and its organisation. It provides an overview and guide to the FIPA97 specification. It discusses how FIPA relates to other agent standards activities and concludes with FIPA's plans for 1998.
Adding security and trust to multi-agent systems
  • H C Wong
  • K Sycara
Wong, H. C., and K. Sycara, "Adding security and trust to multi-agent systems", Proc. Autonomous Agents '99 workshop on deception, fraud and trust in agent societies, pp 146-161 (1999).
Secret Agents-A Security Architecture for the KQML Agent Communication Language
  • C Thirunavukkarasu
  • T Finin
  • J Mayfield
Thirunavukkarasu, C., Finin T, Mayfield, J., " Secret Agents-A Security Architecture for the KQML Agent Communication Language", CIKM'95 Intelligent Information Agents Workshop, Baltimore, ( December 1995).
Middleagents for the Internet
  • K Decker
  • K Sycara
  • M Williamson
Decker, K., K. Sycara and M. Williamson, Middleagents for the Internet, Proc. 15th Int. Joint Conf. on Artificial Intelligence, Nagoya Japan, pp 578-583, 1997.