SIATA

Competence Center: Security
Contact: Prof. Dr. Sahin Albayrak, Dr. Karsten Bsufka
Partner: Deutsche Telekom, T-Nova Deutsche Telekom Innovationsgesellschaft mbH Berkom

 

The development of modern telecommunication applications with agent technology raises many security issues regarding data access and program control flows. This is especially the case when agents act as proxies for real-life entities in financial transactions. The goal of the project "Security Infrastructure for Agent-based Telecommunication Applications" (SIATA) is to develop a security infrastructure for the agent framework JIAC, which is developed within the sister projects AARFTA and MIATA. This infrastructure will turn JIAC into a secure development and execution environment for modern agent-based telecommunication applications.

Goal

The project SIATA has three main goals for the development of security mechanisms for the agent framework JIAC:

  1. The security mechanisms are embedded within the core architecture and are not a mere add-on.
  2. The designed security mechanisms are based on established security standards and techniques.
  3. An easy-to-extend and flexible library of security mechanisms should be offered to developers of JIAC-based applications.

The fulfilment of these three goals ensures the development of secure and modern telecommunication applications with JIAC.

Implementation

SIATA develops security mechanisms for the different layers within an agent-based application:

  • Runtime environment: JIAC is a Java-based agent architecture. Thus, SIATA will use the Java security mechanisms to secure agents and agent platforms running in a Java Virtual Machine.
  • Single agent: At this layer, it is possible to configure basic security settings, e.g. adding private and public keys to an agent and selecting trustworthy certification authorities. SIATA will support the X.509 standard for public key infrastructures. A single agent is also responsible for observing and enforcing its security policy. One aspect of an agent's security policy is access control to services offered to other agents.
  • Agent community: This layer addresses the protection of communication channels and mobile agents. Communication between agents will be protected on the transport layer and on the application layer. SSL will be used at the transport layer; the additional protection on the application layer is required to enable communication between agents which use a FIPA-compliant Agent Communication Channel (ACC). The protection of mobile agents relies on trust relationships between agent platforms and special agent migration protocols, which take these relationships into account.

SIATA was the first project concerning security mechanisms for JIAC. These mechanisms were extended and refined in follow-up projects, and developer tools were added. As a consequence, JIAC version 4.3.11 was certified according to Common Criteria EAL 3.