Path-history-based access control for mobile agents.

The mobility of agents is a distinct characteristic of mobile agent systems. Meanwhile, it has introduced new security issues. In this paper, we analyze the impact of an agent's path history (PH), as a resulting attribution of its mobility, on the access control decisions against it. The path could be an authorization basis. At the same time, the validity of the statically defined trust relationship with mobile agents is to be re-evaluated respecting where they have been, in which case the path information serves as a debasement of agents' trust degree and, therefore, weakens their privileges. To build a path-history-based access control model for the mobile agent application environment, path pattern and host patch are proposed here as conceptional components to declare the dynamic trust relationship with the migrating agents in a flexible and fine-grained manner. An integration of these two components with the well-known RBAC model is presented formally as a phRBAC model. Several application scenarios of phRBAC show its ability to enforce the special security policy in mobile agent environment. Some issues in implementing such a model are also discussed. [ABSTRACT FROM AUTHOR]