Information Technology Reference
In-Depth Information
3.3.1 Self Protected Mobile Agents
In MedIGS scheme, agents protect their code and data by carrying their own protection
mechanisms [1]. This approach improves traditional solutions, where protection was
managed by the platform. Hence, security is no longer a rigid part of the system, but
travels within the agent. Thus, each agent could use its own protection schemes, inde-
pendently of those supported by the platform. This allows the coexistence of different
security mechanisms at the same platform and time.
This solution is based on a public decryption function provided by the platform
through a cryptographic service, which is accessed by properly structured agents. It rec-
onciles opposing requirements by introducing a hybrid software architecture that incor-
porates the advantages of agent driven proposals while limiting the impact of platform
driven approaches. Interoperability, code reuse and deployment flexibility concerns are
also fully addressed.
3.3.2 Retrieved Medical Information Protection
Another important asset to protect is the information carried by the agent. Although the
protection of the agent code is of utmost importance, if the results carried by the agent
are not protected against modifications or eavesdroppers the whole security is jeopar-
dized. MedIGS uses a scheme based on hash chains to protect agent's results. Similar
mechanisms have been used before to protect agent data, as described in [13]. This type
of protection prevents the results from being undisclosed or changed by unauthorized
parties. Moreover they allow to check the actual itinerary that the agent has followed.
3.3.3 Access Control
MedIGS purposes a multi-domain scenario where several health institutions come to-
gether to share medical data. However, in order to regulate the access to the medical
data arises the following problems:
- Roaming agents act on behalf of unknown users:
When a local user launch a
retrieval query, for the rest of the health institutions the user is unknown. However,
it can be determined where the query comes from.
- Credentials are defined locally:
Each independent health institution grants its
users with local privileges which are not directly understood in the rest of the health
institutions.
In order to solve the above problems, MedIGS purposes a credential conversion mech-
anism [34] which allows, through conversion policies, the credentials translation from
one institution to another. Thus, the Collector Agent privileges are computed in each
institution based on the privileges of the local user who launched the query.
4
Mobile Agents for Critical Medical Information Retrieving from
the Emergency Scene
Lacking medical information about a victim in the aftermath of an emergency makes
the early treatment and the efficient allocation of resources difficult. On the other hand,
communication infrastructures are normally disrupted in these situations, thus hindering
Search WWH ::
Custom Search