SAgent is a software framework for protecting the computations of mobile agent applications while executing on remote hosts, where "protecting" refers to the confidentiality and/or integrity of data being used by the mobile agent. It is designed to work with JADE (the Java Agent Development Environment), and provides models and abstractions to ease secure agent development, as well as implementations of several concrete protocols providing the services required by the framework.

While a lot of work has been performed in protecting hosts from potentially malicious agents, using techniques such as sandboxing, there has been less work on the more challenging problem of protecting agents and agent data from potentially malicious hosts. Proposed techniques for this problem include software-based techniques based on cryptographic protocols, and hardware-based techniques based on trusted execution environments. In our earlier work, we proposed software-based techniques based on multi-agent protocols and threshold cryptography. For our publications as well as pointers to other techniques and related work, please follow the "Publications" link on the left.

While a few other research projects have examined protocols and techniques for protecting agents, these have been theoretical explorations. SAgent's goal is to bring these theoretical techniques into practice so that they can be experimented with. SAgent is designed to provide abstract security services to agents, operating on generic "secure data" objects, where the interface design is generic enough to support both software-based and hardware-based techniques. The abstractions are clean, so that there is a well-defined way for a new security "provider" to implement and experiment with new techniques for protecting mobile agents. SAgent is currently distributed with two providers: an implementation of our own multi-agent protocol using threshold cryptography, and an implementation of the earlier protocol due to Algesheimer, Cachin, Camenisch, and Karjoth that uses a trusted third party (see the "References" link for more information). Both of these protocols rely on representing secure functionality using boolean circuits, and the same object framework is used in both cases -- in other words, once an application is written for one provider, it is easy to test it with the other technique as well.

SAgent is currently at version 0.9.0 — everything works, but there are two things remaining before the 1.0 release: optimizing agent size and completing documentation. The "Documentation" link on the left now provides documentation of the SAgent API, but isn't as "tutorial" as we'd like it to be. That's in the works, and should be done in the next month or so.

SAgent is freely distributed under the GNU LGPL license (a license from the Free Software Foundation known as the "GNU Library General Public License", or more recently called the "GNU Lesser General Public License"), and the software can be downloaded by following the "Download" link at the left.

This software is a product of the Computer Privacy and Security (CoPS) Lab at the University of North Texas. The main authors are Vandana Gunupudi, Steve Tate, and Ke Xu.

We gratefully acknowledge the support of the National Science Foundation, under award 0208640.