Towards a policy based framework for mobile agent authorisation in mobile systems

Mobile agents appear to be a potentially important software paradigm for the mobile domain. If, however, these persistent, autonomous programs are permitted to roam freely in networks, interacting with systems and other agents to fulfil their predefined goals, the risk of a mobile agent with malicious intent damaging any system on which it is executed becomes a very real danger. Thus, determining whether or not a mobile agent should be executed on a particular platform is a very serious issue. This becomes especially critical in a mobile environment, where limited bandwidth and processing power may restrict the ability of a mobile node either to contact the agent´s originator or to perform detailed checking on the agent´s code.