Abstract
Multi-agent systems have attracted the attention of researchers because of agents’ automatic, pro-active, and dynamic problem solving behaviors. Consequently, there has been a rapid development in agent technology which has enabled us to provide or receive useful and convenient services in a variety of areas such as banking, transportation, e-business, and healthcare. In many of these services, it is, however, necessary that security is guaranteed. Unless we guarantee the security services based on agent-based systems, these services will face significant deployment problems. In this paper, we survey existing work related to security in multi-agent systems, especially focused on access control and trust/reputation, and then present our analyses. We also present existing problems and discuss future research challenges.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.References
Abadi M, Burrows M, Lampson B, Plotkin G (1992) A calculus for access control in distributed systems. In: Feigenbaum J (eds) CRYPTO 1991, LNCS 576. Springer, Berlin, pp 1–23
Abdul-Rahman A (2005) A framework for decentralised trust reasoning. Ph.D. Thesis, Department of Computer Science, University College London, UK
Abdul-Rahman A, Hailes S (2000) Supporting trust in virtual communities. In: Proceedings of the 33rd international conference on system sciences. IEEE Computer Society, p 6007
Aglets (2002) Aglets. http://www.trl.ibm.com/aglets/. Accessed 1 Apr 2011
Arts D, Gil Y (2007) A survey of trust in computer science and the semantic web. J Web Semant 5: 58–71
Bäumer C, Magedanz T (1999) Grasshopper—a mobile agent platform for active telecommunication networks. In: Albayrak S (eds) Intelligent agents for telecommunication applications, LNCS 1699. Springer, Berlin, pp 19–32
Bell DE, La Padula L (1976) Secure computer system: unified exposition and multics interpretation. ESD-TR-75-306 ESA/AFSC, The MITRE Corporation
Berkovits S, Guttman JD, Swarup V (1998) Authentication for mobile agents. In: Vigna G (eds) Mobile agents and security, LNCS 1419. Springer, Berlin, pp 114–136
Bertino E, Bonatti PA, Ferrari E (2001) TRBAC: a temporal role-based access control model. ACM Trans Inf Syst Security 4(3): 191–233
Beydoun G, Gonzalez-Perez C, Henderson-Sellers B, Low G et al (2006) Developing and evaluating a generic metamodel for MAS work products. In: Garcia A (eds) Software engineering for multi-agent systems IV, LNCS 3914. Springer, Berlin, pp 126–142
Beydoun G, Low G, Mouratidis H, Henderson-Sellers B (2009) A security-aware metamodel for multi-agent systems (MAS). Inf Softw Technol 51: 832–845
Boella G, van der Torre LWN (2004) Permission and authorization in policies for virtual communities of agents. In: Proceedings of the 3rd international workshop on agents and peer-to-peer computing, pp 86–97
Borselius N (2002) Mobile agent security. Electron Commun Eng J 14(5): 211–218
Bresciani P, Giorgini P, Giunchiglia F, Mylopoulos J, Perini A (2004a) TROPOS: an agent-oriented software development methodology. J Auton Agents Multi Agent Syst 8(3): 203–236
Bresciani P, Giorgini P, Mouratidis H, Manson G (2004b) Multi-agent systems and security requirements analysis. In: Proceedings of software engineering for multi-agent systems, LNCS 2940. Springer, Berlin, pp 35–48
Bürkle A, Hertel A, Müller W, Wieser M (2009) Evaluating the security of mobile agent platforms. Auton Agents Multi Agent Syst 18(2): 295–311
Chandran SM, Joshi JBD (2005) LoT RBAC: a location and time-based RBAC model. In: Proceedings of the 6th international conference on web information systems engineering (WISE 2005)
Chess D, Harrison C, Kershenbaum A (1996) Mobile agents: are they a good idea? In: Proceedings of 2nd international workshop on mobile object systems, LNCS 1222. Springer, Berlin, pp 25–47
Covington M, Fogla P, Zhan Z, Ahamad M (2002) A context-aware security architecture for emerging applications. In: Proceedings of the 18th annual computer security applications conference, pp 249–258
Cremonini M, Omicini A, Zambonelli F (2000) Coordination and access control in open distributed agent systems: the TuCSoN approach. In: Porto A, Roman GC (eds) Coordination languages and models, LNCS 2906. Springer, Berlin, pp 369–390
Damiani M, Bertino E, Catania B, Perlasca P (2007) GEO-RBAC: a spatially aware RBAC. ACM Trans Inf Syst Security (TISSEC) 10(1): 1–42
Farmer WM, Guttman J, Swarup V (1996) Security for mobile agents: authentication and state appraisal. In: Proceedings of the 4th European symposium on research in computer security, pp 118–130
Ferber J (1999) Multi-agent system: an introduction to distributed artificial intelligence. Addison Wesley Longman, Harlow
FIPA (2002a) FIPA abstract architecture specification, SC00001L. http://www.fipa.org/specs/fipa00001/SC00001L.pdf
FIPA (2002b) FIPA agent massage transport service specification, SC00067F. http://www.fipa.org/specs/fipa00067/SC00067F.pdf
FIPA (2002c) FIPA MAS security white paper, f-out-000113
FIPA (2004) FIPA agent management specification, SC00023K. http://www.fipa.org/specs/fipa00023/SC00023K.pdf
Fischmeister S, Vigna G, Kemmerer RA (2001) Evaluating the security of three Java-based mobile agent systems. In: Proceedings of the 5th international conference on mobile agents, pp 31–41
Franklin S, Graesser A (1996) Is it an agent, or just a program? a taxonomy for autonomous agents. In: Proceedings of the workshop on intelligent agents III, LNCS 1193. Agent Theories, Architectures, and Languages, London, pp 21–35
Ghanea-Hercock RA, Gifford I (2001) Top-secret multi-agent systems. Electron Notes Theor Comput Sci 63: 77–90
Grandison T, Sloman M (2000) A survey of trust in internet applications. IEEE Commun Surv Tutor 3(4): 2–16
Greenberg MS, Byington JC, Harper DG (1998) Mobile agents and security. IEEE Commun Mag 36(7): 76–85
Griffiths N (2005) Task delegation using experience-based multi-dimensional trust. In: Proceedings of AAMAS’05, Utrecht, Netherlands, pp 489–496
Hohl F (1998) Time limited blackbox security: protecting mobile agents from malicious hosts. In: Vigna G (eds) Mobile agents and security, LNAI 1419. Springer, Berlin, pp 92–113
Hu Y, Tang C (2003) Agent-oriented public key infrastructure for multi-agent E-service. In: Proceedings of the 7th international conference on knowledge-based intelligent information and engineering systems, pp 114–136
Huynh D (2009) A personalized framework for trust assessment. In: Proceedings of ACM symposium on applied computing, Honolulu, pp 1302–1307
Huynh D, Jennings NR, Shadbolt NR (2004) FIRE: developing an integrated trust and reputation model for open multi-agent Systems. In: Proceedings of 16th ECAI, pp 18–22
Huynh D, Jennings NR, Shadbolt NR (2006a) An integrated trust and reputation model for open multi-agent systems. Auton Agent Multi Agent Syst 13: 119–154
Huynh D, Jennings NR, Shadbolt NR (2006b) Certified reputation: how an agent can trust a stranger. In: Proceedings of AAMAS’06, Hakodate, Japan, pp 1217–1224
JADE (2007) http://jade.tilab.com/
Jansen WA (2000) Countermeasure for mobile agent security. Comput Commun 23(17): 1667–1676
Jennings NR, Sycara K, Wooldridge M (1998) A roadmap of agent research and development. Auton Agents Multi Agent Syst 1(1): 7–38
Joshi JBD, Bertino E, Latif U, Ghafoor A (2005) A generalized temporal role-based access control model. IEEE Trans Knowl Data Eng 17(1): 4–23
Jumping Beans (2006) http://jumpingbeans.com/, Accessed 1 Apr 2011
Jung Y, Masoumzadeh A, Joshi JBD, Kim M (2008) RiBAC: role interaction based access control model for community computing. In: Proceedings of 4th international conference on collaborative computing: networking, applications and worksharing
Lampson BW (1974) Protection. SIGOPS Oper Syst Rev 8(1): 18–24
Lampson B, Abadi M, Burrows M, Wobber E (1992) Authentication in distributed systems: theory and practice. ACM Trans Comput Syst 10: 265–310
Li B, Xing M, Zhu J, Che T (2008) A dynamic trust model for the multi-agent systems. In: Proceedings of international symposiums on information processing, pp 500–504
Liau C (2003) Belief, information acquisition, and trust in multi-agent systems—a modal logic formulation. Artif Intell 149(1): 31–60
Lim Choi Keung SN, Griffiths N et al (2008) Towards improved partner selection using recommendations and trust. In: Falcone R (eds) Trust in agent societies, LNAI 5396. Springer, Berlin, pp 43–64
Mouratidis H (2007) Secure tropos: a security-oriented extension of the tropos methodology. Int J Softw Eng Knowl Eng (IJSEKE) 17(2): 285–309
Mouratidis H, Giorgini P (2009) Enhancing secure tropos to effectively deal with security requirements in the development of multiagent systems. In: Barley M, Mouratidis H, Unruh A, Spears D, Scerri P, Massacci F (eds) Safety and security in multiagent systems, LNAI 4324. Springer, Berlin, pp 8–26
Mouratidis H, Giorgini P, Manson G (2003) Modeling secure multiagent system. In: Proceedings of the 2nd international joint conference on autonomous agents and multiagent systems, Melbourne, pp 859–866
Mui L, Mohtashemi M, Halberstadt A (2002) A computational model of trust and reputation. In: Proceedings of the 35th international conference on system science, pp 280–287
Necula GC, Lee P (1998) Safe, untrusted agents using proof-carrying code. In: Vigna G (eds) Mobile agents and security, LNCS 1419. Springer, Berlin, pp 61–91
Novák P, Rollo M, Hodík J, Vlcek T (2003) Communication security in multi-agent systems. In: Proceedings of the 3rd international central and eastern European conference on multi-agent systems, pp 454–463
Omicini A, Ricci A, Viroli M (2005) RBAC for organisation and security in an agent coordination infrastructure. Electron Notes Theor Comput Sci 128(5): 65–85
Poggi A, Tomaiuolo M, Vitaglione G (2004) A security infrastructure for trust management in multi-agent systems. In: Falcone R, Barber S, Sabater-Mir J, Singh M (eds) Trusting agents for trusting electronic societies, LNCS 3577. Springer, Berlin, pp 162–179
Poslad S, Charlton P, Calisti M (2002) Specifying standard security mechanisms in multi-agent systems. In: Proceedings of autonomous agents and multi-agent systems (AAMAS 2002)
Pujol JM, Sanguesa R, Delgado J (2002) Extracting reputation in multi agent systems by means of social network topology. In: Proceedings of autonomous agents and multi-agent systems (AAMAS 2002), Bologna, pp 467–474
Ramchurn SD, Huynh D, Jennings NR (2004) Trust in multi-agent systems. Knowl Eng Rev 19(1): 1–25
Resnick P, Kuwabara K, Zeckhauser R, Friedman E (2000) Reputation systems. Commun ACM 43(12): 45–48
Riordan J, Schneier B (1998) Environmental key generation towards clueless agents. In: Vigna G (eds) Mobile agents and security, LNCS 1419. Springer, Berlin, pp 15–24
Roth V (1998) Secure recording of itineraries through cooperating agents. In: Proceedings of 4th workshop on mobile object systems: secure internet mobile computations. INRIA, France, pp 147–154
Sabater J, Sierra C (2001) REGRET: a reputation model for gregarious societies. In: Proceedings of 4th workshop on deception, fraud and trust in agent societies, Montreal, Canada, pp 61–69
Sabater J, Sierra C (2002) Reputation and social network analysis in multi-agent systems. In: Proceedings of 1st AAMAS, Bologna, pp 475–482
Sabater J, Sierra C (2005) Review on computational trust and reputation models. Artif Intell Rev 24: 33–60
Samarati P, De Capitani di Vimercati S (2001) Access control: policies, models, and mechanisms. In: Focardi R, Gorrieri R (eds) Foundations of security analysis and design, LNCS 2171. Springer, Berlin, pp 137–196
Sandhu R, Samarati P (1996) Authentication, access control, and audit. ACM Comput Surv 28(1): 241–243
Sandhu R, Coyne EJ, Feinstein HL, Youman CE (1996) Role-based access control models. Computer 29(2): 38–47
Schillo M, Funk P, Rovatsos M (2000) Using trust for detecting deceitful agents in artificial societies. Appl Artif Intell 14((8): 825–848
Sekar R, Ramakrishnan CR, Ramakrishnan IV, Smolka SA (2001) Model-carrying code (MCC): a new paradigm for moblie-code security. In: Proceedings the new security paradigms workshop (NSPW2001), pp 23–30
SeMoA (2007) http://semoa.sourceforge.net/
Such J, Alberola J, Garcia-Fornes A, Espinosa A, Botti V (2009) Kerberos-based secure multiagent platform. In: Hindriks KV, Pokahr A, Sardina S (eds) Programming multi-agent systems, LNCS 5442. Springer, Berlin, pp 197–210
van’t Noordende GJ, Brazier FMT, Tanenbaum AS (2004) Security in a mobile agent system. In: Proceedings of the 1st IEEE symposium on multi-agent security and survivability, pp 35–45
Vigna G (1997) Protecting mobile agents through tracing. In: Proceedings of the 3rd ECOOP workshop on mobile object systems, Jyvälskylä
Vuong ST, Fu P (2001) A security architecture and design for mobile intelligent agent systems. ACM SIGAPP Appl Comput Rev 9(3): 21–30
Wang Y, Singh MP (2006a) Trust representation and aggregation in a distributed agent system. In: Proceedings of 21st AAAI, pp 1425–1430
Wang Y, Singh MP (2006b) Trust via evidence combination: a mathematical approach based on certainty. TR 2006-11, North Carolina State University, Raleigh
Wang Y, Singh MP (2007) Formal trust model for multiagent systems. In: Proceedings of the 20th international joint conference on artificial intelligence (IJCAI’07), pp 1551–1556
Wang S, Hu J, Liu A, Wang J (2005) Security frame and evaluation in mobile agent system. In: Proceedings of 2nd international conference on mobile technology, applications, and systems, pp 1–6
Wangham MS, da Silva Fraga J, Schmidt R, Rabelo RJ (2004) MASS: a mobile agent security scheme for the creation of virtual enterprises. In: Proceedings of the 1st international workshop on mobility aware technologies and applications, pp 234–243
Wen W, Mizoguchi F (2000) An authorization-based trust model for multiagent systems. Appl Artif Intell 14(9): 909–925
Wilikens M, Feriti S, Sanna A, Masera M (2002) A context-related authorization and access control method based on RBAC. In Proceedings of the 7th ACM symposium on access control models and technologies, pp 117–124
Wooldridge M, Jennings NR (1995) Intelligent agents: theory and practice. Knowl Eng Rev 10: 115–152
Young A, Yung M (1997) Sliding encryption: a cryptographic tool for mobile agents. In: Proceedings of the 4th international workshop of fast software encryption, LNCS 1267, pp 230–241
Yu B, Singh MP (2002) Distributed reputation management for electronic commerce. Comput Intell 18(4): 535–549
Yu B, Singh MP (2003) Searching social networks. In: Proceedings 2nd of AAMAS, pp 65–72
Zacharia G, Maes P (2000) Trust through reputation mechanism. Appl Artif Intell 14: 881–907
Zhang G, Parashar M (2004) Context-aware dynamic access control for pervasive applications. In: Proceedings of communication networks and distributed systems modeling and simulation conference
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Jung, Y., Kim, M., Masoumzadeh, A. et al. A survey of security issue in multi-agent systems. Artif Intell Rev 37, 239–260 (2012). https://doi.org/10.1007/s10462-011-9228-8
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10462-011-9228-8