Secure Mobile Agents

Joint work with Mehrdad Jalali-Sohi, Ulrich Pinsdorf, Jan Peters, Peter Ebinger and many others. I served as the principal scientist and system architect of SeMoA.


Mobile (software) agents are bundles or code, data and stat information that migrate autonomously in a network of host computers, acting on behalf of their owners. The idea of mobile software agents has inspired many researchers ever since the term was coined, probably by Jim White of General Magic around 1994, although the principal idea is much older. Shoch and Hupp at Xerox PARC published their idea of the "Worm programs" already in 1982, and they were in turn inspired by John Brunner's 1975 science fiction novel "The Shockwave Rider". One of the most challenging problems in building practical mobile agent systems and applications is that of protecting mobile agents against malicious hosts and protecting the integrity and availability of a mobile agent server. The Secure Mobile Agent (SeMoA) project, running since 1997, has the goal to provide a robust platform on which a variety of research topics can be implemented.


The heart of SeMoA is a modular and extendible runtime environment and server for mobile code with a focus on security. The system is written in pure Java and is available as open source. A strength of SeMoA is its transparent encryption & signing support for mobile code with countermeasures against protocol interleaving attacks. A sketch of its overall security architecture is given below.

SeMoA's security architecture combines a comprehensive set of mechanisms, and is an excercise in modular design. Please refer to my publications for a discussion of its features.
SeMoA spawned a number of subprojects such as CODEC (support for cryptographic syntax standards), ATLAS (a scalable and secure tracking service for mobile code), MACBR (a distributed content-based search engine for digital images), and others.

Among the many features of SeMoA is an interoperability layer, which allows to run components and agents of other systems in SeMoA transparently e.g., JADE agents.

Selected Publications

  1. Volker Roth.
    Programming Satan's agents.
    In Klaus Fischer and Dieter Hutter, editors, Proc 1st International Workshop on Secure Mobile Multi-Agent Systems (SEMAS 2001), volume 63 of Electronic Notes in Theoretical Computer Science. Elsevier Science Publishers, 2002.
    ISBN 0444512268.
    [pdf] Search on Scholar
  2. Volker Roth.
    On the robustness of some cryptographic protocols for mobile agent protection.
    In Proc. Mobile Agents 2001, volume 2240 of Lecture Notes in Computer Science. Springer Verlag, December 2001.
    [pdf] Search on Scholar
  3. Volker Roth.
    Mutual protection of co-operating agents.
    In Jan Vitek and Christian Jensen, editors, Secure Internet Programming: Security Issues for Mobile and Distributed Objects, volume 1603 of Lecture Notes in Computer Science, pages 275-285. Springer-Verlag Inc., New York, NY, USA, 1999.
    [pdf] Search on Scholar
  4. Volker Roth.
    Empowering mobile software agents.
    In N. Suri, editor, Proc. 6th IEEE Mobile Agents Conference, volume 2535 of Lecture Notes in Computer Science, pages 47-63. Spinger Verlag, October 2002.
    ISBN 3-540-0085-2.
    [pdf] Search on Scholar
  5. Volker Roth.
    Obstacles to the adoption of mobile agents.
    In Proc. IEEE Int'l Conference on Mobile Data Management, Berkeley, CA, January 2004. IEEE, ACM SIGMOBILE, ACM SIGMOD.
    Invited panel session.
    [pdf] Search on Scholar