Coalition Agents eXperiment - The Coalition TIE

1

Supported by the DARPA CoABS Program
CoAX - Coalition TIE Briefing DARPA CoABS PI
Meeting AFRL Rome, AIAI, Boeing, Dartmouth, DERA
Malvern, Lockheed Martin ATL, Michigan, MIT
Sloan, Stanford, USC/ISI, UWF/IHMC Support from
GITI, ISX, Mitre Coalition Agents eXperiment
(CoAX) http//www.aiai.ed.ac.uk/project/coax/
2
Briefing Outline

• Overview
• Key Coalition and Technical Drivers
• Binni Scenario
• CoAX Components
• Domain Management
• Demonstrations
• 6 Month Demonstration Report
• 9, 18 and 30 Month Demonstration Plans
• Status and Next Steps

3
Aim of Coalition TIE

• Aim
• Address unique aspects of coalition operations
  through the development and evaluation of agent
  domain and task management services.
• Aim will be met through delivery of
• Phased technical demonstrations of increasing
  complexity
• Technical reports and research papers
• Coalition-oriented grid services
• Requirements
• Use of existing military applications (MBP,
  CAMPS)
• Use of heterogeneous set of both domain-aware and
  come-as-you-are grid agents

4
Key Coalition Drivers

• Different doctrine, decision making, rules of
  engagement and, in general, mission agendas.
• Different technology skill and equipment levels.
• Different cultures and languages.
• Questionable compatibility of respective national
  information systems.
• Limited models for coalition force operations.
• Command authorities - agreement and transfers.
• Variable reliability of components and
  infrastructures.
• Information systems resource sharing agreements
  and capacity.
• Different interpretation of situational
  information.
• Lack of compatible security architectures.

From LeRoy Pearce (Canadian MOD), 1999
5
Key Technical Drivers

• Working with agents in multiple dynamic domains.
• Need for partial (secure) sharing and
  visualization of processes, data and facilities.
• Need flexible interagent task and process
  management.
• Unclear and/or emerging objectives and tasking.
• Cannot assume compatibility or complete
  reliability of functional capabilities,
  communications, security arrangements or
  information resources.
• Need to integrate and use legacy systems.
• Need for rapid formation and management of agent
  relationships.
• Need to respect national concerns, limitations,
  cultural and political differences, etc.

6
Binni - Gateway to theGolden Bowl of Africa
Rathmell, R.A. (1999) A Coalition Force Scenario
'Binni - Gateway to the Golden Bowl of Africa',
in Proceedings of the International Workshop on
Knowledge-Based Planning for Coalition
Forces, (ed. Tate, A.) pp. 115-125, Edinburgh,
Scotland, 10th-11th May 1999.
7
Binni - All Features
LAYERS
Setting
Geography
Transport
Water
Names
Lat / Long
Return
8
Forces separated by fire storm
Gao forces
Agadez forces
Fire Storm
9
Gao deception is intended to displace
firestorm separation fails.
Gao forces
False Gao forces
Agadez Forces
Fire Storm
False Agadez forces
10
CoAX Components

• Agent management services
• KAoS domain and resource management (Boeing,
  IHMC)
• Exception handling (MIT)
• Task management services
• Task and process management (AIAI)
• Plan deconfliction (Michigan)
• Market-based incentive management (Stanford)
• Domain-aware grid agents
• MBP (DERA)
• CAMPS (AFRL)
• Malicious agents (IHMC, Boeing)
• Various information, monitoring, visualization,
  and observer agents
• Come-as-you-are grid agents
• EMAA/CAST AODB info agent (LM-ATL)
• Ariadne Web-enabled weather agent (USC/ISI)
• Observer agents (Dartmouth)

11
Briefing Outline

• Overview
• Key Coalition and Technical Drivers
• Binni Scenario
• CoAX Components
• Domain Management
• Demonstrations
• 6 Month Demonstration Report
• 9, 18 and 30 Month Demonstration Plans
• Status and Next Steps

12
Agent Domains
DM
An agent domain consists of one or more agents
registered with a common Domain Manager which
provides for common administration and
enforcement of domain-wide, VM-specific, and
agent-specific policies.
13
Agent Domain Management in CoAX

• Broadens typical distributed security concerns to
  include
• Communication and access management Who can
  communicate with whom for what services?
• Registration management Who can join the domain
  under what circumstances?
• Resource management Who can have which kind and
  how much of a given computing resource?
• Mobility management Who can move where under
  what circumstances?
• Conversation management What constraints govern
  interaction between conversing agents?
• Obligation management Who is not meeting
  commitments?

Initial capability shown in six-month
demo Initial capability slated for nine-month
demo Initial capability slated for 2001-2002 demos
14
Policy Admin Tool
Policy Management Framework
Authorized user makes changes over the Web
KAoS Domain Manager
1. Ensures policy consistency at all
levels 2. Stores policy changes 3. Notifies guards
HTTP
RMI
Servlet
Event-driven policy changes
RMI
JNDI
Policy Directory
Other
Guard
Aroma VM
Guard
Java VM
Guard
Agent
Native Mech
Agent
Agent
Agent
Agent
Agent
Native Mech
1. Abstract, mechanism- neutral
representation/XML syntax (DAML
collaboration) 2. Distributed networked
availability 3. Secure
Guard is responsible for 1. Interpreting
policy 2. Enforcing with appropriate native
mechanism
15
Policy EnforcementProblems and Solutions

• Problem Enforcing policies on unmodified,
  potentially malicious agents

• Solution Platform-based enforcement (e.g., Java
  2 security)

• Problem Permissions granted statically according
  to code source (cant have different permissions
  for two agent instances from same code base)

• Solution Hack JAAS (Java Authentication and
  Authorization Service) to allow dynamic
  permissions and instance-level authentication and
  authorization

• Problem High-level agent security requirements
  do not always map to low-level built-in Java
  security mechanisms

• Solution Lock down permissions of untrusted
  (agent) code and force agent to use a trusted
  privileged-code wrapper under control of the
  guard (eventually to be packaged as domain-aware
  grid helper) to perform selected actions

• Problem Fine-grained resource allocation and
  control and revocation of permissions in the face
  of denial-of-service attacks

• Solution Run agent under Java-compatible Aroma
  VM allowing dynamic fine-grained resource rate
  and quantity control

• Problem Obligation policies cannot be enforced
  by preventing actions in advance but only by
  monitoring and after-the-fact sanctions

• Solution Sentinel-based policy enforcement
  (relevant work in this area by MIT)

16
Briefing Outline

• Overview
• Key Coalition and Technical Drivers
• Binni Scenario
• CoAX Components
• Domain Management
• Demonstrations
• 6 Month Demonstration Report
• 9, 18 and 30 Month Demonstration Plans
• Status and Next Steps

17
Demonstration Schedule

• 1-month demo at kick-off in February 2000 showing
  direct connection between DERA MBP and LM ATL
  AODB.
• 6-month demo (internal milestone) in July 2000
  showing initial integration of selected CoAX
  components for 9-month demo.
• 9-month demo (deliverable) in October 2000
• Brief the CoAX TIE and Binni scenario
• Show full integration of selected CoAX
  components
• Show that selected components interoperate in a
  Binni-based scenario and that a relevant 'story'
  can be told about agent functionality
• Additional stand-alone demos of other components.
• 18-month demo in July 2001 showing full
  integration of all CoAX components in a rich
  coalition scenario
• Focal point to engage other nations and research
  teams.
• 30-month demo in July 2002 showing dynamic
  aspects of domain management and tasking.

18
6-Month Demonstration Report

• Overall Objective
• Integrated Binni scenario demonstration centered
  on MBP containing Process Panel monitoring and
  multiple information-providing agents showing
  dynamic communication policy management between
  three KAoS domains on the grid
• Specific accomplishments
• Binni scenario information used to populate MBP,
  PP, and LM-ATL agents and shape storyboard
• Domain-aware conversational grid agents
  registered in three separate KAoS-managed domains
  representing coalition function units and
  countries
• KAoS matchmakers transparently federate across
  domain boundaries consistent with current domain
  policy
• LM-ATL come-as-you-are message-based grid agent
  interacts with domain-aware agents
• Tasking and control across coalition functional
  units
• Visualization of coalition C2 process via a
  simple process model
• Use of simple web-based policy administration
  tool to change domain policies and update policy
  enforcement mechanisms to selectively block and
  unblock interdomain agent communication

19
6-Month IntegratedDemo Structure
20
9-Month Demonstration Plan

• Overall Objective
• Integrated Binni scenario demonstration with
  MBP/CAMPS link containing PP monitoring,
  information-providing, and malicious agents, and
  showing dynamic task and communication,
  registration, and resource control policy
  management of 25 agents in six KAoS domains
  (including a subdomain) on the grid
• Stand-alone demonstrations of additional
  coalition-related capabilities
• Specific additional objectives beyond the 6-month
  demonstration
• US domain with domain-aware AODB and CAMPS agents
• Ariadne come-as-you-are open source weather
  agent
• Observer (Intel) domain containing surrogates for
  Dartmouth agents
• Gao Observer subdomain containing malicious
  observer agent whose denial-of-service attack is
  countered by KAoS and NOMADS resource control
  mechanisms
• Stand-alone demonstrations of MIT agent death
  exception handling, Stanford incentive
  management, U. Michigan plan deconfliction, and
  Dartmouth observer agents
• More powerful web-based policy administration
  tool administering communication, registration,
  and resource policies

21
9-Month Integrated Demo Structure
22
18-Month Demonstration Plan

• Overall Objective
• Integrated Binni scenario demonstration including
  all CoAX participants showing exception handling,
  incentive management, plan deconfliction
  services, and dynamic task and domain management
  of 35 agents in nine KAoS domains (including a
  subdomain and agents with multiple domain
  membership) on the grid
• Specific additional objectives beyond the 9-month
  demonstration
• Emphasis on execution phase of Binni scenario
• Packaging of initial task and domain management
  capabilities as grid services
• Separate UK and meteorology domains and coalition
  superdomain
• Policy conflict resolution mechanisms in place
  for GAO agent registered as member of multiple
  domains
• Use of MIT exception handling grid services
• Use of Stanford to allocate tasks and computing
  resources and manage incentives
• Use of Michigan services to identify and resolve
  plan conflicts
• Use of Dartmouth observer agents to feed
  coalition command
• Management of mobility and conversation policies
  through policy admin. tool
• Additional forms of attack by malicious agents
  countered by enhanced agent domain management
  mechanisms

23
18-Month Integrated Demo Structure
Plan Dec.
IM
EH
24
30-Month Demonstration Plan

• Overall Objective
• Integrated Binni scenario demonstration including
  CoAX participants showing dynamic creation and
  reconfiguration of agent domains, virtual
  organization, and overall coalition process
• Specific additional objectives beyond the
  18-month demonstration
• Demonstration includes all phases of Binni
  scenario
• Possible participation of other nations
  (especially TTCP) and additional CoABS research
  teams
• New coalition members and domains added
  on-the-fly
• Generic task and process management facilities
• Tailored visualizations
• High-level task, process, and domain management
  tools
• Management of obligation policies, and fleshing
  out set of communication, access control,
  resource management, conversation, and mobility
  policies

25
Briefing Outline

• Overview
• Key Coalition and Technical Drivers
• Binni Scenario
• CoAX Components
• Domain Management
• Demonstrations
• 6 Month Demonstration Report
• 9, 18 and 30 Month Demonstration Plans
• Status and Next Steps

26
Status andNext Steps

• 1-month and 6-month demo milestones successfully
  completed
• 100 page living document describing CoAX and
  Binni FLASH scenario delivered
• Ongoing work with GITI on design for packaging of
  agent domain services for the grid
• 9-month demonstration ready in October
• Integrated demonstration
• Stand-alone demonstrations
• Sneak preview of progress on 9-month
  demonstration at Malvern TTCP meeting in
  September

27
Summary

• Coalition operations is a matter of high concern
  for the military and a great proving ground for
  agent research
• Binni provides mature rich source of realistic
  scenario data
• Actual military tools used in true cross-national
  collaborationhope to expand to additional
  nations in the not-too-distant future
• Fourteen CoABS partners cooperating in phased
  technical integration
• Grid provided necessary interoperability
• Significant new research issues being addressed
  of both theoretical and practical significance

28
Further Information

• See http//www.aiai.ed.ac.uk/project/coax/
• coax_at_aiai.ed.ac.uk, coax-info_at_aiai.ed.ac.uk
• CoAX and Binni documentation available