A Pre-Kernel Agent Platform for security assurance

Without the security assurance from the underlining operating system, software agents and agencies are constantly under security threats through the operating system. Although the security issues between software agents and agencies have been studied intensively, any formulated counter-measurement of these issues are subject to attacks that are able to exploit the vulnerabilities of the operating system kernel (OS kernel). To protect agents and agencies against such risks, we proposed a novel approach that isolates the OS kernel and limit modifications to the agency system in the physical memory space. Our approach utilizes a hypervisor to create a virtualized environment for the operating system. The agency is then loaded into physical memory and injected into the operating system of the host without any interactions from the OS kernel. All memory access requests are monitored and managed by our approach to prevent unauthorized modification from the OS kernel and maintain the integrity of the agency system. Furthermore, any agent migrated to the host can be encrypted by our approach to prevent any alterations from the OS kernel. The encryption key is safely shared between the agency system and the hypervisor by utilizing part of the memory space of the agency as a communication interface. Consequently, our approach is able to limit the security threats that exploit the vulnerability of the operating system to the agency systems as well as ensure the integrity of both agents and agencies. This study describes the formulation and implementation of the proposed platform that can securely deploy agent agent systems to the host and effectively control access to host devices.