Open-network multi-agent systems face security threats from malicious agents. These agents may try to unregister their competitors from Agent Name Servers (ANSs) and Matchmakers, eavesdrop on supposedly private communications, and spoof other agents, including their own human delegators. System integrity demands that agent deployers be held accountable for problems caused by misbehaving agents.
The security architecture we are developing counteracts these threats by binding each agent to a unique Agent ID (or AID). To prevent agent spoofing or masquerading, we use a certification mechanism that requires agent deployers to register their agents prior to deployment. To join a system, agents need to get a public key pair, and have it certified by an agent certification authority. This public key pair and corresponding certificate are used to securely identify the agent.
Within this security infrastructure, all interactions with RETSINA mediating agents (e.g., Matchmakers, Agent Name Servers) require signatures and certificates. Inter-agent interactions can also be secured through the application of security protocols, such as Netscape's SSL (Secure Socket Layer Protocol).