Abstract

The heterogeneous nature of distributed systems raises many security issues and concerns. Traditional systems cannot provide customized security policies and mechanisms for heterogeneous applications. Historically, applications have relied on a static security architecture to provide ad-hoc-security guarantees. In this paper we propose a new security architecture based on mobile agents for applications in distributed environments. Our approach allows applications to create and enforce customized policies at run time. These policies and access control requirements can be specified using programs. In addition our framework can handle dynamic requests to change or update these policies and adapt to situational requirements.