Agent Based System To Solve Issues In Telecomm Network Management Systems

Agent-based software systems are very problematic with respect to security, since the principle of mobile code brings new problems for system security, reliability, and safety. Not very long ago, there was a widespread belief that an interpreted program is already a safe program.

 However, over time, mobile agent people became concerned about security and regard it today to be one of the biggest obstacles that have prevented wider employment of mobile agents. There are three basic problems in agent-based systems: firstly, the hosts must be protected from potentially harmful agents, second, the roaming agents must be protected against manipulation from the visited hosts, and third the overall behavior of an agent-based system must be controlled.

Although, in principle, it is possible to secure a host against mobile agents, the price might be very high: hardware-based protection, reduced flexibility, and high cost. It is fundamentally impossible to protect an agentagainst a malicious host if no trusted hardware is available. 

There is a need for security profiles for agent execution environments to make informed judgments about tradeoffs between security and other desired features. The current state-of-the-art still fails to deliver an acceptable approach to cope with these problems: available technology (like sandbox-approaches, cryptography) can cover only certain aspects, and even fails to solve these aspects sufficiently. 

A sound overall concept to cope with the problems seems not yet in sight. Mobile agents constitute an active research field and security of mobile code is (still) an area for further research. It seems therefore prohibitive to fully opening Telecommunications networks for agents at this point. Even running only proprietary agents within controlled and isolated networks seems risky, since there is in practice no way to rigorously control a network beyond a certain size.

 It is not sufficient to come up with attractive applications based on mobile agents. What is also needed is an applicable concept for coping with the inherent security problems. Such an overall concept must meet very strong requirements, otherwise it will not be accepted where real money comes into play. 

Clearly, no running system can be 100% secure, and one has to compromise. In companies, however, compromises are governed by economic considerations: the potential earning must (at least in the long run) outweigh the costs, and the risk involved must be assessable. Thus, from a TNM’s perspective, the future of commercial applications of mobile agents is hardly predictable; what is predictable, however, is a promising future for security experts.