Journal of Mobile, Embedded and Distributed Systems, vol. I, no.

1, 2009 ISSN 2067 4074

Mobile Agents Systems in Wireless Applications Mihaela MUNTEAN

Faculty of Economic Sciences Department of Business Informatics Timisoara West University, Romania mihaela.muntean@fse.uvt.ro
Abstract: The paper presents an introduction in the Mobile Agents Systems and describes how this technology

can be used in wireless applications. Also it is shown the possibility of securing wireless applications that use mobile agents and distributed computing. Wireless networks are a relatively new technology in the LAN market. With the weak encryption and security defined in the IEEE standards, wireless LANs, when improperly deployed or administered, can provide a significant risk to those economic sectors. These sectors include health-care, government, and banking in particular. Increasingly diverse heterogeneous wireless infrastructures in combination with more narrowly defined roles of parties participating in the delivery of applications to mobile users pose new challenges for support for delivering these applications.

Key-Words: mobile agents, artificial intelligence, intelligent agents, wireless applications.

1. Mobile and intelligent agents

Mobile software agents are a new concept used in distributed systems and this concept is based on human agents idea real estate agent, travel agent. Figure 1 presents a new vision about intelligent agents.

A New Development Technology

Distributed Systems Mobile Code Information Retrieval Data Structures

AGENTS
Database & Knowledge base Technology Machine Learning AI & Cognitive Science

Security cryptographic Technology

Structured Programming 1975 -> Objects 1982 -> Agents 1998 Vision of Tim Finin, 1998 A new vision, 2006

Fig. 1. Agents a new development technology This concept presents some advantages like: natural and easy-to-understand mechanism to describe a variety of applications and a powerful metaphor for designing and implementing complex software systems, since multiple cooperating agents can be used to solve very formidable problems. In figure 1 it is shown the concepts from computer science which cooperate in developing agents concept. Some example of agent applications are: user-interface agents Microsoft Office Assistant, Microsoft Agents; Page 13

Journal of Mobile, Embedded and Distributed Systems, vol. I, no. 1, 2009 ISSN 2067 4074 personal (expert) assistants calendar managers and investment assistants; e-commerce agents travel and shopping agents; network management; business process agents data driven workflow management; Information management agents email filtering, web browsing, notification and resource discovery agents.

An agent is a computer system, situated in some environment that is capable of flexible autonomous action in order to meet design objectives (Jennis, Sycara and Wookbridge, 1998). Summarizing some characteristics, it is told that an agent is: Autonomous proactive, goal-directed, long-lived; Adaptive adapt to their environment and users and learn from their users, other agents and their own experience; Cooperative cooperates with human agents and other software agents, utilize various agent communication languages, advertise their capabilities and understand the capabilities of other agents. In the figure 2 it is exhibit the types of software agents.

Types of Software Agents

Intelligent Agents

Collaborative Learning Agents

Cooperative

Adaptive

Autonomous
Collaborative Agents Vision of Hyachinth Nwana, 1996
Fig. 2. Types of software agents

Interface Agents

In software distributed applications it is preferred to use software agents because: they reduce human work many task can be performed faster and more accurately by a software agent; handle information overload agents can automatically sift through the vast amounts of unstructured information available on the networks; and provide a new, more powerful methodology to develop complex software systems. In real heterogeneous distributed applications there are used two types of mobile software agents: stationary agents executes only on the system where it begins execution and if it needs information on another system, or needs to interact with an agent on another system, it use client-server communication mechanism such as socket programming, RPC, RMI, DCOM or CORBA Page 14

Journal of Mobile, Embedded and Distributed Systems, vol. I, no. 1, 2009 ISSN 2067 4074 mobile agent not bound to the system where it begins execution, can move from one system to another within network and transports both its state and its code with it.

In the figure 3 it is present the difference between client-server, remote execution, mobile code and mobile agent approach. The mobile code exposes that the code is obtained from a remote, possibly un-trusted system, which is executed on your local system web applets, executable email attachments, proxies downloaded as part of a distributed object technology, such as Java RMI or Jini. In a general sense, mobile agents are also mobile code, since, from the view of the system receiving the mobile agent, code is being downloaded to it. The following analogy is applied in Java technology in figure 12.3: the Workshop is JVM in that is executed Java byte-code for building response, the phrases of type Tell me how to build a car is a HTTP request, CarPlan is byte-code and the image with the car is the result that is also a HTTP response or a Java object; mobile code approach corresponding to Java applets.

Client-Server
Host A Build me a car Car Plans Workshop CAR Host B Host A

Remote Execution
Host B Build me a car. Take Car Plans Workshop CAR

Client Mobile Code

Host A Tell me how to build a car Workshop Car Plans

Server
Host B

Client
Host A Agent Genera tor Let me use your workshop to build a car Client Code Car Plans

Server Mobile Agent

Host B

Workshop

Client

Server

Client Computer

Server

Fig. 3. Different approach for building distributed systems Strong and weak mobility used in agent theory is translate that the strong mobility means migration of agent code, data and execution state and the weak mobility means migration of only the agent code and data. It is obvious that strong mobility is difficult to accomplish because: first if the agent code is interpreted, access to the execution state is difficult to obtain and second if the agent code is compiled before execution, the execution state is represented by the stack of program. Transporting the stack and rebuilding it on a different host, which can be an entirely different architecture, is a not easy task.

2. Mobile and intelligent agents features

In order to use a dedicated terms in mobile agent technology it is shown the most used terms and their meanings [2]: Page 15

Journal of Mobile, Embedded and Distributed Systems, vol. I, no. 1, 2009 ISSN 2067 4074 Agent Mobility - the ability to transport agents between computers; Agent Naming - the ability to assign globally unique names to agents to distinguish one agent from another; Agent Authentication - the ability to authenticate the identity of the owner (authority) of an agent; Agent Permissions - the ability to assign permissions to agents that restrict access to data and unintended consumption of computer resources. Selected agents may have the ability to grant permissions to other agents or renegotiate their own set of permissions; Agent Collaboration - the ability to request and respond to requests for establishing a meeting with another agent. Agents should also have the ability to begin and end meetings with other agents and enforce rules for the meetings; Agent Creation - the ability for agents to create other agents locally and remotely. New agents may have the authority of the existing agent and either the same permissions or a subset of them; Agent Life Cycle - the ability to control the life-span of agents by age and resource consumption; Agent Termination - the ability to terminate agents gracefully, thereby allowing them to notify other agents they are collaborating with; Agent Staging - the ability to write to disk agents that must wait for long periods of time for events to occur; Agent Persistence - the ability to checkpoint agents to disk so that they survive crashes on their host computers; Agent Interaction - the ability for related agents to interact. The means of interaction might depend upon whether the agents occupy the same or different computers; Agent Management - the ability to manage a collection of agents in the system Agent Tracking - the ability to track and locate agents that have migrated to other computers; Agent Debugging- the ability to monitor and log agent activities and exceptions.

So after Danny Lange there are seven good reasons to use mobile agents: reduce network load, overcome network latency, encapsulate protocols, execute asynchronously and autonomously, adapt dynamically, are naturally heterogeneous, are robust and fault-tolerant. An important issue is that there is still no killer application for mobile agents. Also important is to securing mobile agents in order to perform their task using new cryptographic techniques. The security issues with mobile agent systems are: Masquerading o Agent poses as another agent to gain access to services or data at a host. o Host assumes false identity in order to lure agents. Denial of Service o Agents may attempt to consume or corrupt an hosts resources to preclude other agents from accessing the hosts services. o Hosts can ignore an agents request for services or access to resources. Unauthorized Access o Agents can obtain access to sensitive data by exploiting security weaknesses. o Agent interferes with another agent to gain access to data. Eavesdropping

Page 16

Journal of Mobile, Embedded and Distributed Systems, vol. I, no. 1, 2009 ISSN 2067 4074 With agents that are interpreted, the host can inspect their internal algorithms and data, such as the maximum price the agents owner is willing to pay for item X. Alteration o Hosts can change an agents internal data or results from previous processing to influence the agent. Repudiation o After agreeing to some contract, an agent can subsequently deny that any agreement ever existed or modify the conditions of the contract. o

Mobile agent systems (Aglets, Voyager, Mole, Jumping Beans, HIVE) are developed from distributed object technologies (RPC, RMI, CORBA, Jini, JavaSpace) and it is relatively easy to use in computer network. In mobile phone networks wireless and in another kind of network the software agent can be limited to travel across network. For example from a mobile phone that implements MIDP 1.0 or 2.0 the socket programming it is not allowed it is impossible to create an environment for agent. All the things the mobile applications can do is to send messages to the place where the software agent is running and also these messages will be HTTP requests. If the mobile phone implements MIDP 2.0, have SymbianOS or run applications in Java smart card, it is quiet possible to make call of remote procedures using socket programming ensure migration of calculus and also send/receive messages ensure data migration.

3. A sample architecture for mobile agents applications

The privacy and security in wireless and mobile application is very important but is different from the point of view of designing and building in two approaches: using a defined security protocol or using mobile agents than encapsulate the protocol. For a better understanding it is studied in this part of paper the mobile application eBroker using two kind of approach. In this moment m-application is in version 1 [6] eBroker v1.0. The m-application will be used in financial field and it is composed from many modules. The entire architecture can be seen in picture 4. The application realizes the transactions with capital stocks depending of stocks quota. In this version it is used communication protocols between applications modules instead mobile agents. The protocols use XML format (eXtended Markup Language), and the format is validate using DTD (Document Definition Type) or XML Schema (the communications between applications modules deployed in banks, application server and stock markets are in XML format). There are few conditions that have to be fulfilled for the architecture from figure 4: The mobile device must have WAP connection, WAP browser and to implement MIDP 1.0 or better. The link between mobile network and local network LAN or Internet it is through WAP Gateway (a program that is running for translate data packets between TCP/IP stack protocols and WAP stack protocols). Before WAP Gateway there is a GSM modem which it is linked to gateway using serial or parallel port; on the same computer with WAP Gateway is running a RAS (Remote Access Server) that will take the phone calls for WAP connections. Using RAS the WAP data packets arrive at WAP Gateway and after that they are transformed in TCP/IP data packets. The application server analyze the requests of data and information and answer if it is possible (eBroker v1.0 application server is a WEB Server Jakarta Apache Tomcat 4.0.1 which have JSP and servlet containers and treat the HTTP requests that ar coming from Page 17

Journal of Mobile, Embedded and Distributed Systems, vol. I, no. 1, 2009 ISSN 2067 4074 mobile device m-application eBroker and the answers are send back via HTTP-WAP to m-application midlet).

Bank DB

Bank Server

Internet or LAN

Data Wherehouse or Databases

= Software Agents, malicious or not

Distributed Computing

WAP Gateway

Application Server eBroker JavaServlet

, CORBA, JSP, ASP, PHP, Web Services .NET

Fig. 4. General framework of eBroker v1.0

A user using eBroker v1.0 application can view quotes stocks from different stocks markets and can sell and buy using his bank account. Each client has an authentication password and ID. Using the password the eBroker server generates a secret key that is stored in servers database.

4. Conclusions
Wireless technologies can face inherent technical vulnerabilities when improperly deployed or administered. However, these technologies do not represent a specific threat to privacy any more than other technologies, and have not as yet been specifically addressed in existing legislation and regulation. Privacy represents a higher level, information flow discipline that extends to roles, definitions, collection, and disclosure of specifically defined, often industry specific, personal information. Wireless networks will simply serve as another avenue of access to this information. Understanding information flow across these infrastructures, combined with established restrictions on access, transmission, and dissemination, should drive any potential deployments of these new technologies.

References
[1] [2] [3] [4] A. Aquilon, G. Bage, A. Danne, J. Gabrielsson, and S. Willehadson, Mobile agent-architecture for robust services - Mars, World Telecommunications Congress (WTC/ISS2000), May 2000. Bob Tarr, Danko Nebesh, Sterling Foster, Introduction to Mobile Agent Systems and Applications, Department of Defense Presentation, USA 2000. Scott Fluhrer, Itsik Mantin, and Adi Shamir, Weaknesses in the KeyScheduling Algorithm of RC4, Eighth Annual Workshop on Selected Areas in Cryptography, August 2001 Ion Ivan, Paul Pocatilu, Cristian Toma, Alexandru Leau, e3-com, Informatic Page 18

Journal of Mobile, Embedded and Distributed Systems, vol. I, no. 1, 2009 ISSN 2067 4074 Economic Nr. 3(19)/2001, Bucuresti 2001 [5] [6] [7] [8] [9] [10] Ion Ivan, Cristian Toma, Requirements for building distributed informatics applications, The Automatics and Computer Science Romanian Magazine, vol. 13, No. 4, November 2003 Ion Ivan, Paul Pocatilu, Marius Popa, Cristian Toma, The reliability of mapplications based on transactions, The Automatics and Computer Science Romanian Magazine, vol. 13, No. 2, September 2003 Jini Technology Internet Resources http://www.sun.com/jini/ http://www.jini.org/ Arnold, OSullivan, Scheifler, Waldo, Wollrath, The Jini Specification, Addison Wesley, 1999 T. Kanter, Adaptive Personal Mobile Communication, Service Architecture and Protocols, Doctoral Dissertation, Department of Microelectronics and Information Technology, Royal Institute of Technology (KTH), November 2001 RMI Technology http://java.sun.com/products/jdk/rmi/

Page 19