Security of mobile agents on the Internet

The Internet is an open and global programming environment where applicatio ns and services mostly follow the traditional client/server model. The use of new programming paradigms based on mobile entities, such as mobile agent s (MA), can accelerate the process of diffusion of new applications and ser vices in the areas of e-commerce, network and systems management, and mobil e computing. However, the lack of security is one of the main obstacles to a wide diffusion of MA. On the one hand, mobility increases the potential o f security breaches because of the injection of possibly malicious MAs; on the other hand, it introduces the new issue of protecting MAs against integ rity and secrecy attacks from their execution environments. This paper disc usses the security issues introduced by the MA technology and proposes a se curity architecture composed of a wide set of services and components, whic h adequately fulfil the requirements of several application areas. The impl ementation of the security framework in the secure and open MA system has p rovided the support for the development of a secure electronic marketplace prototype that demonstrates the effectiveness of adopting the MA technology in the Internet environment.