An agent-based approach to security service

Abstract

The tremendous growth of the network-centred (Internet and Intranet) computing environments requires new architecture for security services. Computer crimes are growing rapidly in these environments. In addition, these computing environments are open, and users may be connected or disconnected at any time. This makes computer security a necessity to all computer users. This paper presents a multi-agent system architecture for security services. The main objective of this system is to address some of the shortcomings that are present in contemporary security service systems that focused on providing solutions for specific security issues, such as authentication and authorization. Another objective is to provide a relatively complete security service solution to protect hosts and users. The proposed system architecture includes four types of agents: interface, authentication, authorization, and service provider agents (SPAs). The interface agents interact with the users to fulfill their interests. The authentication agents investigate the validity of using keystroke dynamics to strengthen security. The authorization agents make all decisions regarding who can access which resources and for what purposes. The SPAs offer different encryption services to different users. This paper provides the agents' architecture, design and implementations that enable them to cooperate, coordinate, and communicate with each other to provide a secure environment. A prototype of the system is implemented using the Java Agent Development Framework.