Implementing mobile agents is possible with available technology; implementations will help researchers work on the many open questions of mobile agents. An obvious first concern is determining exactly what applications mobile agents are good for, what agents will be used for once the medium necessary to support them exists. A simple, useful application would be to provide customized access to online databases. For example, a Web search engine could be augmented by allowing users to send over an agent to perform more complex searches. It is likely that a system such as this will soon be developed, probably under the name of servlets.
In anticipation of a wider deployment of agents it is important to study the emergent behavior of mobile in complex networks of resource servers. Towards this end, it would be useful to have an actual distributed computer server based on mobile agents. The batch-level approach of the Enterprise system should be simple to implement in Java with aglets; the major open issue is resource accounting. In addition to being a first step towards mobile agents research, an Enterprise-like network could have practical use as a distributed CPU server. With the coarse grained resource distribution of Enterprise in place explorations could then be made towards the finer grained distribution of agoric computation systems.
While Java and aglets fulfill many of the needed technologies for mobile agents, several pieces are missing. Java 1.1 adds code signatures, the fundamental mechanism needed to establish trust level, but the details of controlling the resources an agent has access to will not be fully implemented. A good design for an access control system would be of general benefit in providing configurable sandboxes. The larger question of the longterm viability of sandbox security needs further exploration. Do sandboxes only protect the underlying computer from dangerous agents or is there some way to enforce security at a more detailed level so individual agents are protected from each other?
The question of how to guarantee agent safety from malicious servers is unanswered. A complete solution will very likely require rethinking the way we perform computation. One partial approach might be in inventing a way to do computations so that pieces of the work are independently verifiable for less cost than performing the computation itself. Reputation systems for servers could also be developed to allow some social enforcement of agent security.
Finally, issues of resource accounting have not been well addressed in mobile agent work to date. Resource accounting is not conceptually difficult but efficient implementations take work. Digital cash systems need to be created that allow agents to easily pay for the resources they use. And the merit of using economic systems needs much further study; the effectiveness of markets to control distributed computations will only be determined after much experimentation.
Mobile agents are a useful paradigm for enabling the use of distributed computational resources. A proper implementation of a network computational medium involves many complicated technical and social issues, but the solutions to many of these problems are at hand. It is time to implement and experiment with mobile agent systems; Java and aglets look to be the best technologies for doing that today.
