• Open Access

TPM-based protection for mobile agents



Mobile agent is a promising paradigm for emerging ubiquitous computing and ambient intelligent scenarios. We believe that security is the most important issue for the widespread deployment of applications based on mobile agent technology. Indeed, community agrees that without the proper security mechanisms, use of mobile agent-based applications will be impossible. From our perspective, the security problem in mobile agents is the gathering of two subproblems; the problem of the agent protection and the problem of the host protection. This paper presents a hardware-based mechanism focused on solving the protection of the agent problem, which is a well known problem named the ‘malicious host’. The solution presented in this paper bases its security in the trust and the security functionalities provided by the trusted platform module (TPM). Thus, migration process of mobile agents is protected when it actually takes place. A complete description of the secure migration can be found in the secure migration protocol section of this paper. Moreover, a validation of this protocol was performed by means of the AVISPA tool suite. Additionally, a first study about the use of an alternative protocol as the direct anonymous attestation protocol was done. Finally, the result of this work is the Secure Migration Library for agents (SecMiLiA), which is completely described in following sections. Copyright © 2010 John Wiley & Sons, Ltd.