18th Annual Computer Security Applications Conference
December 9-13, 2002
Las Vegas, Nevada

Enforcing Resource Bound Safety for Mobile SNMP Agents

Weijiang Yu and Aloysius K. Mok
University of Texas at Austin

The integration of mobile agents with SNMP creates significant advantages for the management of complex networks. Nevertheless, the security concerns of mobile agent technology limit its acceptance in practice. A key issue is to safeguard resource usage abuse by malicious or buggy mobile agents on the hosting system. This paper describes how the TINMAN architecture, a framework and a suite of tools for enforcing resource safety of mobile code is applied to mobile SNMP agents. TINMAN uses resource-usage checking tools consisting of a resource bound predictor, a usage certification generator and a verifier at compile-time, and certificate validation and monitoring tools at run-time. The paper shows how TINMAN tools can provide 100% coverage by a combination of off-line static analysis and run-time monitoring in enforcing safety on resource consumption of mobile SNMP agents. Experimental results from the current TINMAN implementation are given

Keywords: Resource safety, Mobile Agents, SNMP

Read Paper Read Paper (in PDF)