API-S Calculus: Formal Modeling for Secure Mobile Intelligent Agent Systems


Jean Gourd

Date of Award


Degree Type


Degree Name

Doctor of Philosophy (PhD)



First Advisor

Dia Ali

Advisor Department



Mobile code has, for some time, been an intriguing area of research. Unfortunately, it has not propagated much to real-world applications primarily due to serious security concerns associated with processes that possess the capability to move across administrative domains (e.g. mobile intelligent agents). In order to ensure the future success and safety of mobile code, it is imperative that comprehensive mechanisms be developed that permit thorough modeling and analysis of such systems. The use of formal methods to give software meaningful function and performance guarantees is becoming more widespread as the staggering cost of software bugs increases. Using formal methods provides opportunities to experiment with complex systems in order to ultimately prove their functionality, thus offering some sort of validity guarantee. API Calculus stands out in a sea of similar modeling tools as particularly adept at modeling mobile agents and multi-agent systems (MAS). We propose to extend the API Calculus to include the capability to model the security of mobile agents (and agent hosts). We introduce the API-S Calculus as an extension to the API Calculus. In this calculus, we introduce several new and unique constructs that provide mechanisms to formally model cryptographic protocols and various security techniques unique to the mobile intelligent agent paradigm. We introduce Ω-terms and Ω-processes which allow the detailed analysis of various cryptographic protocols. Moreover, we provide a way to more accurately model realistic distributed computational systems by introducing the milieu listener , a form of agent broadcast. We extend the concepts of milieu, knowledge unit , and term as defined in the API Calculus in order to impart our calculus with the added flexibility to provide the mechanisms necessary to model and analyze the security of interacting mobile agents, particularly with respect to MAS. Furthermore, we believe that these extensions will support accurate modeling of the security of mobile intelligent agents while distinguishing between groups of cooperating agents, thus providing the tools necessary to model a common security model for a group of mobile agents working together to perform some computational task. The need to formally model a MAS initially motivated the development of the API-S Calculus. This multi-agent fuzzy logic framework-termed DDI (Defense Data Integration)--ultimately provides a fused input to an external inclusive decision support system. This framework utilizes mobile intelligent agents to collect, sort, filter, and fuse heterogeneous data for inclusion in the fuzzy logic engine.