Date of Award

Summer 8-2007

Degree Type

Dissertation

Degree Name

Doctor of Philosophy (PhD)

Department

Computing

Committee Chair

Dr. Dia Ali

Committee Chair Department

Computing

Committee Member 2

Dr. Adel Ali

Committee Member 2 Department

Computing

Abstract

Mobile code has, for some time, been an intriguing area of research. Unfortunately, it has not propagated much to real-world applications primarily due to serious security concerns associated with processes that possess the capability to move across administrative domains (e.g. mobile intelligent agents). In order to ensure the future success and safety of mobile code, it is imperative that comprehensive mechanisms be developed that permit thorough modeling and analysis of such systems. The use of formal methods to give software meaningful function and performance guarantees is becoming more widespread as the staggering cost of software bugs increases. Using formal methods provides opportunities to experiment with complex systems in order to ultimately prove their functionality, thus offering some sort of validity guarantee. API Calculus stands out in a sea of similar modeling tools as particularly adept at modeling mobile agents and multi-agent systems (MAS). We propose to extend the API Calculus to include the capability to model the security of mobile agents (and agent hosts). We introduce the API-S Calculus as an extension to the API Calculus. In this calculus, we introduce several new and unique constructs that provide mechanisms to formally model cryptographic protocols and various security techniques unique to the mobile intelligent agent paradigm. We introduce Q-terms and ^-processes which allow the detailed analysis of various cryptographic protocols. Moreover, we provide a way to more accurately model realistic distributed computational systems by introducing the milieu listener, a form of agent broadcast. We extend the concepts of milieu, knowledge unit, and term as defined in the API Calculus in order to impart our calculus with the added flexibility to provide the mechanisms necessary to model and analyze the security of interacting mobile agents, particularly with respect to MAS. Furthermore, these extensions will support accurate modeling of the security of mobile intelligent agents while distinguishing between groups of cooperating agents, thus providing the tools necessary to model a common security model for a group of mobile agents working together to perform some computational task. The need to formally model a MAS initially motivated the development of the API-S Calculus. This multi-agent fuzzy logic framework-termed DDI (Defense Data Integration)- ultimately provides a fused input to an external inclusive decision support system. The framework utilizes mobile intelligent agents to collect, sort, filter, and fuse heterogeneous data for inclusion in the fuzzy logic engine. The unique security requirements of DDI provided the primary motivation for the design of the API-S Calculus. The lack of a formal modeling tool that can capably model MAS and the intrinsic security characteristics of such systems furthermore motivated the development of the API-S Calculus. We ultimately show how the calculus can be used to accurately model the DDI framework as well as numerous cryptographic protocols and security techniques relevant to the mobile intelligent agent paradigm.

Share

COinS