- Can anyone unauthorized intercept messages between agents? (Encryption)
- Can an unauthorized agent obtain information to which it is not
entitled? (Authentication)
- Can an agent cause action or change state in other agents (Authentication +
secure representation of privileges, also suggests need for audit trails
and mechanisms for saving state and backing up to previous states)
-- Bob
_______________________________________________________________________________
From: Timothy Finin on Tue, Aug 9, 1994 10:58 AM
Subject: Re: security and intelligent agents across networks
To: Christine@trefoyle.demon.co.uk
Cc: kqml@cs.umbc.edu; agents@aic.lockheed.com
In article <776430941snz@trefoyle.demon.co.uk> you write:
>I am interested in information about security for intelligent agents
>across networks, and would appreciate any you can send me. I will post
>a summary on whatever I receive.
I don't think much has been done. I think there are different issues,
depending on your model of agent interaction. One model (the more
common) has agents sending each other declarative messages. The other
model has agents moving from platform to platform or at least sending
each other more procedural messages which are to be "executed" by
other agents.
In the declarative message model, we've discussed some basic security
measures for the KQML agent communication language
("http://www.cs.umbc.edu/kqml/") but nothing has been written up on it
yet alone implemented. There is a clear need for both agent
authentication and privacy of communication. It may turn out that most
or even all of the issues are best dealt with by the low-level
message transport layer. For example, HTTP has built-in provisions
for security and could be used to transport messages between agents.
I' not familiar with the security features of other distributed
processing/messaging frameworks (e.g., CORBA, OLE, ToolTalk), but
most will have to address security later if not sooner.
The TeleScript language of General Magic is an example of an agent
model in which agents remotely execute on a number of platforms. It
has been designed with security in mind, but the concern seems to be
to allay fears that an agent might do mischief or introduce viruses.
Both of these models are important since, in practice, even a language
like KQML+KIF can allow one to encode requests for a receiving agent
to place inference rules in its knowledge base.
Tim
_______________________________________________________________________
Send mail to majordomo@cs.umbc.edu to subscribe/unsubscribe to the kqml
mailing list. Send a message with the body "help" for more information.
Archives are at http://www.cs.umbc.edu/kqml/mail/