Skip to Main Content
Authorization decisions are a critical security concern in today's distributed large information systems. These authorizations are significantly different from those in centralized or smaller systems. Mobile agent technology on the other hand provides a useful tool to explore and facilitate information sharing in distributed systems. However, agents are often restricted by the security problems related to the large scale distributed systems and the multi-user operating system environments within they usually operate. This article provides a suitable framework for authorizing mobile agents where an outsized and dynamic set of principals forming a virtual organization (VO), with mutual mistrust between them, has to rely on pieces of application code which autonomously migrate and execute on consecutive hosts. The role based access control model (RBAC) is used for dynamically assigning security roles to visiting agents on each hosting platform. The proposed methodology is particularly suitable for handling authorizations in VOs.
Date of Conference: 11-14 Oct. 2005