Browsing by Author "Ahmed, Tanvir"
Design of a Dynamically Extensible System for Network Monitoring using Mobile Agents (2001-11-20)
Tripathi, Anand; Ahmed, Tanvir; Pathak, Sumedh; Carney, Megan
We present here a framework together with a set of paradigms for mobile agent based active monitoring of network systems. In our framework mobile agents are used to perform remote information filtering and control functions. Such agents can detect basic events or correlate existing events that are stored in a database to enforce system policies. A system administrator can securely modify the monitoring policies and information filtering functions of its agents, or install new agents at a node. The framework presented here includes monitor, subscriber, auditor and inspector agents. The policies and itineraries of these agents can be modified dynamically. In response to certain trigger events agents may change their itineraries to correlate event data. We present here a set of experiments that we have conducted using the Ajanta mobile agent system to evaluate and demonstrate the capabilities of our mobile agent framework.

Design of a Policy-Driven Middleware for Secure Distributed Collaboration (2001-11-20)
Tripathi, Anand; Ahmed, Tanvir; Kumar, Richa; Jaman, Shremattie
We present here the execution model of a policy-driven middleware for building secure distributed collaboration systems from their high level specifications. Our specification model supports nested collaboration activities and uses role based security policies and event count based coordination specification. From the specifications of a collaboration environment, appropriate policy modules are derived for enforcing security and coordination requirements. A policy-driven distributed middleware provides services to the users to join roles in an activity, perform role specific operations, or create new activities. We describe here the design challenges for the middleware and present the runtime structures and protocols supported by it for creating activities, roles, and objects. Our design takes into consideration that only some designated nodes can be trusted to enforce the required security policies for an activity.

Design of Ajanta System for Mobile Agent Programming (2001-11-20)
Tripathi, Anand; Karnik, Neeran M.; Ahmed, Tanvir; Vora, Manish K.; Pathak, Mukta; Prakash, Arvid; Kakani, Vineet
We describe the architecture and programming environment of Ajanta, a Java-based system for programming applications using mobile agents over the Internet. Agents are mobile objects which are hosted by servers on the network. Ajanta provides primitives for creating and dispatching agents, securely controlling agents at remote sites, and transferring agents from one server to another. For secure access to server resources by visiting agents, a proxy-based access control mechanism is used. The Ajanta design includes mechanisms to protect an agent's state and prevent misuse of its credentials. We describe in this paper migration patterns for programming an agent's travel path. A pattern encapsulates the abstract notion of agent mobility. Pattern composition allows one to build complex travel plans using some basic migration patterns. Finally, we present three agent-based distributed applications implemented using the Ajanta system. These include a middleware for sharing files over the Internet, a distributed calendar management system, and an agent-based middleware for distributed collaborations.

Paradigms for Mobile Agent-Based Active Monitoring of Network Systems (2001-11-20)
Tripathi, Anand; Ahmed, Tanvir; Pathak, Sumedh; Carney, Megan; Dokas, Paul
We present here the design of a framework for building future generation network monitoring systems using mobile agents. It is designed to support dynamic configurability, extensibility, active monitoring, and secure operations. The policies for monitoring and information filtering implemented by agents can be modified remotely and dynamically. New event types and their detection procedures can be incrementally added in this system, and any desired event data aggregation policies can be defined using the publisher-subscriber model. The use of Prolog-based logic databases provides high level and easy-to-use abstractions for defining and detecting new events based on correlation of lower level events. Active monitoring in this system is supported by the incorporation of trigger rules that cause detection of an event to be initiated when certain other events are observed. The use of Ajanta, a secure mobile agent programming platform, provides the necessary infrastructure for protecting the monitoring system from attacks. We present here a set of experiments that we conducted using this system to evaluate and demonstrate its capabilities.

Robustness and Security in a Mobile-Agent based Network Monitoring System (2004-01-13)
Tripathi, Anand; Koka, Muralidhar; Karanth, Sandeep; Osipkov, Ivan; Talkad, Harsha; Ahmed, Tanvir; Johnson, David; Dier, Scott
In Konark, a network monitoring system based on mobile-agents, agents can communicate with each other to perform system-wide correlation of data. To minimize management efforts, our system incorporates mechanisms to detect and self-recover from internal failures in a decentralized and scalable fashion. In this paper, we discuss the mechanisms for self-recovery achieved by using the same mechanisms as those used for monitoring computing resources in the network. Self-monitoring of Konark also provides all the features of network monitoring, such as dynamic extensibility, active monitoring, and online-correlation of data. The security mechanisms of Konark are also discussed. This work demonstrates that mobile-agent based approach is a viable alternative for building robust and secure network monitoring systems.
Keywords: Self-Monitoring and Recovery, Network monitoring, Mobile agents, Multi-agent systems, Mobile code, Monitoring system security, Distributed Event Communication

Specification and Implementation of Secure Distributed Collaboration Systems (2001-11-20)
Tripathi, Anand; Ahmed, Tanvir
The focus of this paper is on building secure distributed collaboration and workflow systems from their high level specifications. We identify here unique requirements of role based security in dynamic collaboration environments, specifically role admission and activation constraints, separation of duties, a model for multi-user participation in a role, and intra and inter role coordination. We present a role-based model for specifying coordination and security requirements in collaboration systems. It also supports hierarchical structuring of a large collaboration environment using nested activities, which can be created dynamically. An activity defines a naming scope and a protection domain to specify security and coordination policies. We describe here how a middleware is used to realize and support a collaboration environment from its specifications, implementing the required security and coordination policies.

Specification and Verification of Security Requirements in Decentralized CSCW Systems (2005-02-25)
Ahmed, Tanvir; Tripathi, Anand
In this paper, we present a specification model and a verification methodology for security policies in distributed CSCW systems. To express security and coordination requirements in decentralized CSCW systems, a role-based specification model is developed. We show how dynamic security requirements in collaboration environments are expressed in this specification model. Given global security requirements, verification of a specification ensures correctness and consistency of the specification. The goal of our methodology is to ensure that sensitive security requirements cannot be violated in decentralized management of a collaboration involving multiple security domains where all the participating users in the collaboration may not be trusted. We have utilized finite-state based model checking for static verification of security requirements. Several verification models are developed to check security properties, such as task-flow constraints, information flow or confidentiality, and assignment of administrative privileges.