基于数据迷乱和时间核查技术的移动代理保护的研究  被引量：2

作　　者：吴杰宏[1] 常桂然[2] 高福祥[3] 尹航[1,2] 

机构地区：[1]沈阳航空工业学院工程训练中心,沈阳110136 [2]东北大学计算中心,沈阳110006 [3]东北大学信息科学与工程学院,沈阳110006

出　　处：《计算机研究与发展》2009年第3期363-369,共7页Journal of Computer Research and Development

基　　金：教育部博士点基金项目(20030145017);国家"九七三"重点基础研究发展计划基金项目(2006CB303003)~~

摘　　要：移动代理(MA)是能够在异构网络中自主迁移的软件实体,它的迁移性和自治性很好地弥补了分布式技术的不足,具有广阔的应用前景;但移动代理安全性问题的存在,严重阻碍了它在实际中的应用.保护代理免受恶意主机的攻击是移动代理系统独有的安全问题.由于代理必须在主机环境中运行,有效解决该问题比较困难.提出一种基于迷乱代理数据变量和时间核查技术的移动代理保护方案,同时给出获得时间核查技术中主要数据的方法.该方案在实际网络管理环境中进行了验证,能够有效地识别恶意主机,移动代理的保护率达95%以上.Mobile agents （MA） are autonomous software entities that are able to migrate across heterogeneous network execution environments. Mobility and autonomy compensate the deficiencies of distributed technology pretty well. Thus, mobile agents have wide application prospects. But security is an important issue for the widespread deployment of mobile agents applications. Especially the protection of mobile agents from attacks of malicious hosts is a unique security problem of mobile agent systems. It is difficult to solve this problem because agent is completely exposed in remote host and it is easy to be isolated and attacked by the malicious host. A protection scheme of mobile agents based on obfuscated agent data variables and time checking technology is presented in this paper. A method of how to obtain related data in time checking is given also. The idea of the time checking is based on limiting the execution time of the MA on the destination hosts. The original host checks three inequalities for the security of the hosts on the itinerary during the execution of the MA. If any of them is not satisfied, the hosts on both sides are suspicious. Through this time checking scheme, all the malicious hosts can be detected. The protection scheme is tested in actual network management environment, which can effectively identify the malicious host. The MA protection ratio reaches over 95 %.

关 键 词：移动代理 数据迷乱 时间核查 安全 主动保护 

分 类 号：TP393.08[自动化与计算机技术—计算机应用技术]