Mobile%20Software%20Agents%20Tomasz%20M - PowerPoint PPT Presentation

Title: Mobile%20Software%20Agents%20Tomasz%20M


1
Mobile Software AgentsTomasz Müldner
October 2, 1998
2
Introduction History

• research on agents was originated by J. McCarthy
  in the mid-1950s
• the term agent was coined by O.G. Selfridge

3
Introduction According to some...

• Agent
• is an intelligent robot, or humanoid, that
  has emotions, feelings and perceptions, and
  therefore is concerned with cognitive science,
  speech acts, etc.

4
IntroductionDAI

• ...asking the question of what an agent is to a
  DAI researcher is as embarrassing as the question
  of what intelligence is for an AI
  researcher...Carl Hewitt

5
Introduction contents of this talk

• concentrate on mobile agents
• discuss
• communication
• security
• MALs

6
Agents - what are they?
7
Agents - what are they?

• a tool to perform client-server computing by
  transmitting running programs between clients and
  servers (White 1994)

server
8
Agents - what can they do?

• find and filter information
• customize views of information (e.g. email)
• automate work (respond to events, such as a new
  version)

9
Agents - what can they do?

• make recommendations and perform corporate tasks
  e.g. scheduling of meetings
• execute diagnostics, e.g. in networks
• rapid (re)deployment of applications
• active network load balancing

10
Agents - where are they used?

• distributed OO
• adaptive learning systems
• AI, expert systems, genetic algorithms
• electronic commerce
• collaborative environment
• mobile (nomadic) computing

11
Agents - main characteristics
12
Agents - main characteristics

• autonomous execution (life) have control over
  their own actions and may operate without the
  direct intervention of humans
• intelligent (perform domain oriented reasoning)

13
Agents - main characteristics

• perceive their environment
• adaptive (they learn)
• mobile (they move)
• persistent (they have their own idea as to how to
  accomplish a task)

14
Agents - main characteristics

• goal oriented (they realize a set of goals)
• reactive (or reflexive) they perceive
  environment and timely and accurately respond to
  changes that occur in it
• active, or proactive act to accomplish goals
  (take initiative not only respond to the
  environment)

15
Intelligent Agents

• An intelligent agent has some artificial
  intelligence for example based on a set of facts
  and inference rules
• learning agents are adaptive they can learn
  themselves about a subject in question by
  statistically matching subjects of interest with
  particular people

16
Basic Definitions
17
Basic Definitions

• An agent system can create, interpret, execute,
  transfer and terminate agents
• A host can contain several agent systems each is
  uniquely identified by its name and address.

18
Basic Definitions

• Both, an agent and an agent system have an
  authority a person or organization for whom they
  act
• An agent executes in a context, called the place
  there may be one or more places within an agent
  system

19
Basic Definitions

• agents have locations (names of their current
  places)
• agents have names (the agents authority and
  identity a unique value within the scope of the
  authority)

20
Basic Definitions

• There are two kinds of agents
• stationary agent is permanently attached to a
  place often resource managers, server programs
  or search engines
• mobile agent can move from one place to another

21
Basic Definitions

• Mobility is not new
• submitting batch jobs on mainframes
• perform distributed, real-time processing by
  executing scripts on networks of mini-computers
• databases have been using stored procedures.

22
Agents and DOOP

L. Lamport A distributed system is one in which
I cannot get something done because a machine I
have never heard of is down.
23
Agents and DOOP DOOP

• distribute applications and use a number of
  network nodes, rather than a single node
• communicate for example by
• messaging (asynchronous)
• RPC (synchronous)
• CORBA supports language and system independence

24
Agents and DOOP Efficiency

• Which is better
• to send data to the program
• to send a program to the source of data (move
  the code closer to data)

25
Agents and DOOP Robustness

Agents are better in their ability to recover
from server breakdowns or unavailability
(disconnected operations)
26
Agents and DOOP Flexibility

• Mobile agents are particularly useful for rapid
  deployment of applications and dynamic updates of
  software
• a code server can provide required code (this is
  also called code on demand).
• agents can be used for dynamic extensions of
  server services.

27
Agents and DOOP Design

Designing a client/server architecture requires
making all decisions about the communication
between the server(s) and the client(s). These
decisions are tightly coupled with the underlying
problem of specific design and are very difficult
or even impossible to change
28
Agents and DOOP Java

• supports rapid deployment of applications, by
  using a thin bootstrap program and
  code-on-demand approach
• objects serialization
• local dynamic linking
• remote linking that would fetch the code to be
  linked from a remote site
• reflection

29
Agents and DOOP Java

• code servers
• applets - no need for installation

30
Agents and DOOP Java

• Java does not support mobility

31
Mobile Agent Languages

32
Mobile Agent Languages Definitions

• An executing unit, EU is a single process (or
  thread) image of execution. EU is always
  considered in the context of a place, which
  contains components either EUs, or resources,
  such as files.
• A MAL is a language designed for distributed
  systems, which supports EUs migrating between
  various places.

33
Mobile Agent Languages Definitions

• An EU consists of
• a static code segment
• a program state
• data space containing accessible resources
• execution state containing system information
  such as program counter and return address.
• The EU has a distributed state if its data space
  exists in more than one place.

34
Mobile Agent Languages Definitions

• For an agent to be moved, first it has to be
  suspended. An entry point is a point where
  execution of a suspended agent is resumed
• Two kinds of resumption
• standard resumption (after go)
• itinerary one or more entry points may be
  explicitly specified.

35
Mobile Agent Languages Definitions

• strong mobility means that the entire code and
  execution state of EUs can be moved
• Strong mobility combined with standard resumption
  strong MAL (implies that it must be possible
  to save the state of the execution, and later, to
  restore this state)

36
Mobile Agent Languages Definitions

• Strong MALs
• Java with a modified JVM
• Tcl with modified interpreter
• Scheme (no modifications)
• Weak MALs
• aglets

37
Mobile Agent Languages Dynamic Linking

38
Mobile Agent Languages Dynamic Linking

• Name resolution must be able to bind names to
  both local and remote entities
• remote code dynamic linking the code downloaded
  from a remote site and linked with an EU
• local resource dynamic linking arriving EU links
  with resources available in this place e.g. link
  with libraries.

39
Mobile Agent Languages Dynamic Linking in Java

• the standard class loader provides local resource
  linking and the user defined class loader can
  support remote code linking
• The programmer has a choice of
• fully resolving the class, i.e. load the code
  closure
• partially resolving the class, i.e. postpone
  resolving dependent classes until later time.

40
Mobile Agent Languages Dynamic Linking in MALs

• library site provides precompiled code that can
  be picked up by an agent to use at other sites
• we consider four kinds of dynamic linking. For
  each kind, we consider an example of a search on
  a list of sites, using a search procedure.

41
Mobile Agent Languages Local only Dynamic
Linking
All the bindings are voided when a program moves.
For our example, search is rebound at every
site.
42
Mobile Agent Languages Code-with-a-reference-is
-sticky Dynamic Linking
A binding is retained as long as there is at
least one reference otherwise it is
garbage-collected. In our example, the first
site provides binding which will be retained for
remaining sites.
43
Mobile Agent Languages User-specified-sticky
links Dynamic Linking

• The user specifies the initial binding which is
  then retained (as long as there is a reference).
• In our example, the user can specify which
  version of search should be used for the
  traversal.

44
Mobile Agent Languages User-specified Dynamic
Linking

• Gives the programmer complete control over
  linking.
• In our example, the user can specify which
  version of search should be used for the
  traversal.

45
Mobile Agent Languages Communication

46
Mobile Agent Languages Types of Communication

• agent to service agent this is typically a
  client/ server type of interaction (e.g. based on
  RPC)
• agent to agent this a peer-to-peer type of
  interaction and could be supported by messaging
• agent to group this is a group communication
  (e.g. based on an observer pattern)
• user to agent interaction this a standard
  human-computer interaction, HCI.

47
Mobile Agent Languages Types of Communication

• agent to service agent and agent to agent are
  session oriented

48
Security

49
SecurityDefinitions

• a security policy is a set of guidelines
  describing whether various actions are allowed or
  not(may also include royalties)
• a security policy is static if its guidelines do
  not depend on external conditions otherwise it
  is dynamic.
• a security policy may include credentials, or
  level of trust.

50
SecurityDefinitions

• Java Security Manager implements a static
  security policy, which controls access to
  resources such as file I/O, network access, and
  others. There is no provision to limit access to
  other resources such as CPU cycles.

51
Security Protection

• In general, we need to
• protect agent hosts from agents
• agents from agent hosts
• one agent from another
• one agent host from another
• a group of hosts
• the communication between agent hosts.

52
Security Protecting one agent from another

• Doable, but two agents operating on the same host
  share the same interpreter and they share memory
  (no hardware faults)
• Software Fault Isolation inserts a checking code
  before each unsafe instruction
• Sandboxing before each unsafe instruction inserts
  a code which sets the high order bits of the
  target address to the correct segment identifier

53
Security Protecting agent hosts from agents

• cryptography can be used to authenticate
  credentials
• a credential means that the receiver will trust
  the sender
• access-level monitoring and control uses a
  security manager which maintains a list of
  allowed activities (perhaps associated with
  fees)- can be misleading

54
Security Protecting agent hosts from agents

• code verification by the host may try to examine
  the code of the agent (does not help if the agent
  is self-modifiable)
• the host can apply various limitation techniques,
  e.g. limit the time, or record all agent
  activities.

55
Security Protecting agent hosts from agents

• A static byte code verifier checks for the right
  magic number in the class file, and performs data
  flow analysis on each method to test for things
  such as branches must be within the bounds of the
  code, or there is no attempt to access variables
  which are not in the scope
• JVM performs various run-time checks.

56
Security Protecting agent hosts from agents

• Trail obscuring means that the agent constantly
  modifies its image so it can avoid tracing by
  hosts
• Code obfuscation means that the agent is sent
  together with a kind of interpreter, so the host
  doesnt really see the code of this agent.

57
Security Protecting agent from agents hosts

• a host can steal information (normal routing)
• a host can mutate an agent (e.g. rerouting)
• since the host agent has access to an agent, it
  is not possible to protect an agent from the
  agent host (unless a specialized hardware is used)

58
Security Protecting agent from agents hosts

• visit only trusted sites and from there use safer
  mechanisms, such as RPC or stateless agents
• maintain reliable data that can be used (after
  the fact) to determine whether the agent has been
  tampered with
• divide an agent into components, encrypted each
  component (when traveling through untrusted
  sites) update only while on trusted sites

59
Security Protecting agent from agents hosts

• maintain a safe migration history and use it
  against rerouting attacks or keep audit logs
• there is new research on encrypting programs
  which are equivalent to the original programs,
  are directly executable and produce encrypted
  output.

60
Network Awareness

61
Network Awareness Requirements

• awareness - an ability to monitor resources
• agility - an ability to react to changes in
  resources
• authority - an ability to control the way
  resources are used on their behalf by support
  code.

62
Network Awareness Requirements

• Resource awareness can be represented by
• on-demand monitoring
• continuous monitoring (specific filters should be
  used to avoid jitters).

63
Network Awareness Requirements

• Authority can
• give a complete control over resources, with
  explicit authorization for every use (like in
  applets)
• consider a resource violation as an asynchronous
  event and associate a handler with every
  restriction on resource.

64
Criticism

65
Criticism

• Sheinderman
• There is a growing danger that agents will be a
  deception and an empty promise.
• machines are not people, nor can they ever
  become so ...
• For me, computers have no more intelligence
  that a wooden pencil ...