Agents are an emerging technology that grants programmers a new way to exploit distributed resources. Roles are a powerful concept that can be used to model agent interactions, allowing agents to dynamically acquire operations to make specific tasks, and enabling separation of concerns and code reusability. Nevertheless roles should be developed taking into account permissions needed for the execution of their operations. The standard Java policy file mechanism does not suffice in this scenario, since a fine grain in managing permissions is required. This paper focuses on how to exploit the Java Authentication and Authorization Service (JAAS) at the role level in order to apply authorization and local policies to Java agents for limiting their operations.

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Michael Becht , Thorsten Gurzki , Jürgen Klarmann , Matthias Muscholl, ROPE: Role Oriented Programming Environment for Multiagent Systems, Proceedings of the Fourth IECIS International Conference on Cooperative Information Systems, p.325, September 02-04, 1999
	2	G. Cabri, L. Ferrari, L. Leonardi, "Role Agent Pattern: a developer Guideline", in Proceedings of the 2003 IEEE International Conference on Systems, Man & Cybernetics, October 2003, Washington D.C., U.S.A.
	3	G. Cabri, L. Leonardi, F. Zambonelli, "Modeling Role-based Interactions for Agents", Workshop on Agent-oriented methodologies at OOPSLA 2002, Seattle (USA), November 2002.
	4	Giacomo Cabri , Letizia Leonardi , Franco Zambonelli, Implementing Role-based Interactions for Internet Agents, Proceedings of the 2003 Symposium on Applications and the Internet, p.380, January 27-31, 2003
	5	SUN Microsystem, "Enterprise Java Beans", available material at http://java.sun.com/ejb
	6	Erich Gamma , Richard Helm , Ralph Johnson , John Vlissides, Design patterns: elements of reusable object-oriented software, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1995
	7	SUN Microsystems, "Java Authentication and Authorization Service (JAAS) 1.0 Developer's Guide", available material at http://java.sun.com/security/jaas/doc/api.html
	8	Nicholas R. Jennings, An agent-based approach for building complex software systems, Communications of the ACM, v.44 n.4, p.35-41, April 2001  [doi>10.1145/367211.367250]
	9	N. Lhuillier, M. Tomaiuolo, G. Vitaglione, "Security in Multi-Agent Systems: JADE-S goes Distributed", Special issue on JADE of the TILAB Journal "EXP - in search of innovation", September 2003
	10	Ravi S. Sandhu , Edward J. Coyne , Hal L. Feinstein , Charles E. Youman, Role-Based Access Control Models, Computer, v.29 n.2, p.38-47, February 1996  [doi>10.1109/2.485845]