Mobile Agents

About This Presentation

Title:

Mobile Agents

Description:

... plusieurs syst mes existants :Aglets, Odyssey, MOA, Voyager, et ... serialize the aglet. call onDispatching before departure. call onArrival after arrival ... – PowerPoint PPT presentation

Number of Views:77

Avg rating:3.0/5.0

Slides: 108

Provided by: Duda1

Category:

more less

Transcript and Presenter's Notes

Title: Mobile Agents

1
Mobile Agents
Laboratoire LSR Logiciels Systèmes Réseaux
Andrzej Duda LSR-IMAG Andrzej.Duda_at_imag.fr
2
Agents mobiles
Résumé

Ce tutoriel présente la problématique des agents
mobiles. Nous
commencerons par une introduction des concepts et
du problème de la
migration de processus. Nous discuterons ensuite
des problèmes
de sécurité, de communication, de nommage, de
localisation, de persistance.
Ensuite, nous présenterons plusieurs systèmes
existants Aglets,
Odyssey, MOA, Voyager, et MAP. Pour illustrer des
applications, nous
donnerons quelques exemples, en particulier dans
le domaine de
l'informatique nomade et des réseaux actifs. Nous
parlerons aussi des
activités de normalisation au sein de FIPA et de
OMG.

3
Overview

Motivating example
Principles of mobile code and mobile agents
distributed execution and mobility
What is an agent? Mobile Agent System?
Issues in Mobile Agent Systems
mobility
security
communication
naming and locating

4
Overview

Issues in Mobile Agent Systems
agent management
persistency
resource consumption
Examples of Mobile Agent Systems
Applications
nomadic access to WWW
active networks - ANTS

5
Overview

Emerging standards
OMG
FIPA
Conclusion
Resource pages
Programming examples

6
Motivating example
Data
Network
Data
Data
7
Remote Database Access

Connect a laptop via a wireless link
Activate an agent
Disconnect
Agent
query a directory for relevant databases
move to database servers
work on local data
return to a given home location
Reconnect and get results

8
Characteristics

Operations on remote servers
some of them may depend on the previous ones
Move execution closer to data
reduce traffic
results are usually smaller than data
reduce latency
local access to data
Asynchronous operation
no active entity at client site
suitable for nomadic and mobile hosts

9
Principles of mobile code and mobile agents

Distributed execution paradigms
Remote procedure call (RPC)
Remote evaluation (REV)
Code on demand (COD)
Mobile agents (MA)

10
RPC

Paradigm
application is split into two parts
server provides a fixed interface
synchronous operation
invocation, execution of the procedure, result

11
Example
REQUEST URL of an object
REPLY object MIME
Content-type image/gif
--- object content ---
Server WWW
Client WWW
httpd
Netscape
12
Characteristics of RPC

Fine-grain remote operation with static and
specialized interfaces
SUN RPC
object invocation - CORBA
HTTP methods
extension mechanism - CGI
Suitable for LANs
low latency
sufficient bandwidth
Synchronous - client waits for results

13
Remote evaluation

Paradigm
activity send a procedure to execute on the
target site
procedure groups several operations
synchronous operation
invocation, execution of the procedure, result

14
Example of REV - servlets
15
Characteristics of REV

Coarse-grain remote operation
client defines its own interface
Suitable for WANs
tolerates high latency
reduces network traffic
Synchronous - client waits for results

16
Code on demand
proxy
activity
Get

Paradigm
activity downloads a procedure
local execution

17
Example of COD - applets
18
Characteristics of COD

Coarse-grain remote operation
may provide user interface
Suitable for WANs
tolerates high latency
reduces network traffic
Asynchronous - local execution

19
Mobile agents

Paradigm
activity executes on a site
migrates to the target site
resumes execution on the target site

20
Characteristics of mobile agents

Coarse-grain remote operation
Suitable for WANs
tolerates high latency
reduces network traffic
Asynchronous
activating site may disconnect
Explicit notion of location
proactive - an agent decides where to go
reactive - responds to an event or request

21
Mobile code technology

Execution mobility
how to move code and execution across the nodes
of a network?
Data space management
how to rearrange resources after migration?

22
Executing units
Computational environment
23
Executing units

Executing unit
sequential flow of computation
Resources
external entities (may be shared)
files, objects, OS variables, other EU
State
execution state
instruction pointer, stack/heap
data state
references to resources

24
Execution mobility

Migrate the execution unit to another site
Weak mobility
code migration, no execution state
some initialization data
Strong mobility
both code and execution state migration
used for long time for other purposes
load balancing (Condor)
fault tolerance - checkpointing

25
Data space management

Resource bindings
by identifier
binding to a specific resource
by value
resource of a specific type value does not
change after migration
by type
binding to any resource of a given type

26
Mechanisms

By move
transfer resource

source CE
source CE
destination CE
27
Mechanisms

Network reference
distributed data space

source CE
source CE
destination CE
28
Mechanisms

By copy
create a copy of the resource

source CE
source CE
destination CE
29
Mechanisms

By re-binding
re-bind a resource of the same type

source CE
destination CE
source CE
destination CE
30
Taxonomy

Common sense definition
An agent is a program that a person or
organization vests with its authority, that can
run unattended for a long time (e.g., a week),
and that can meet and interact with other agents.
The person or organization is the agent's
authority.
One can distinguish two kinds of agent
A stationary agent executes on one computer
system. A mobile agent can execute on different
computer systems at different times of its life.

Jim White, General Magic
31
Taxonomy of agents

Program Agents
Agents in Java
Aglets
Migrating Processes
Telescript
Shipped Scripts
TCLAgents
MAP
Active Networks
ANTS

Intelligent Agents
User Assistance Agents
learning interface agents - P. Maes
e-mail filters
Multi-agent Systems
e.g. KQML or ACL interactions
collaborative systems

32
Types of agents

Mobile Agents
move between nodes
Autonomous Agents
own environment
Isolated Agents
do not collaborate with others

Stationary Agents
provide services
Dependable Agents
depend on their clients
Collaborative Agents
collaborate to accomplish a complex task

33
Mobile agents

Delegation
represent a user
perform actions on his behalf
Autonomy
executes in its proper environment
independent of the user
Mobility
extends autonomy to decide when to move, where to
move, and how to move

34
Benefits of mobile agents

Service customization
easy upgrade to a new functionality
Software deployment and maintenance
automate installation process
Overcome bandwidth limitations
execution over unreliable and slow links
Increased fault tolerance
immune from partial failures checkpointing
Suitable for nomadic computing
asynchronous operation

35
First mobile agents

Worms (Xerox PARC, 1982)
distributed computations
Enabled Mail(1994)
active mail using SafeTcl
Telescript (General Magic, 1994)
electronic marketplace
Messengers - M0 (Geneva, 1994)
language à la Postscript

36
First Mobile Agents

Tacoma (Tromsø, Cornell, 1995)
system support for agents
MAP (IMAG, 1995)
agents in Scheme on WWW
AgentTCL (Dartmouth, 1996)
agents in TCL
Agents in Java

37
Mobile Agents in Java

Aglets (IBM, 1996)
Mole (Stuttgart, 1996)
JAE (Aachen, 1997)
ARA (Kaiserslautern, 1997)
MuBot (Crystaliz, 1997)
Grasshopper (IKV, 1997)
Concordia, (Mitsubishi, 1997)
MOA (OpenGroup, 1997)
Odyssey (General Magic, 1997)
Voyager (ObjectSpace, 1997)

38
Mobile agents in Java

New opportunities
independence of hardware platform
Java portable applications - "skinny client"
Java run time, GUI, network support
wide range of devices hand held, mobile
availability of Java run time on many servers
databases, groupware, WWW
wrappers for legacy systems
provide mobility to stationary applications

39
Why Java?

Portability
interpreted bytecode and Virtual Machine
availability on many platforms
Rich APIs
AWT, JFC, JDBC, RMI, others
component programming - Java Beans
system, network, security support
object serialization
Development tools
Movement of software industry to Java

40
Network support in Java

Support for TCP, UDP et HTTP
java.net.Socket
java.net.DatagramSocket
java.net.URL
Connected mode java.io
methods getInputStream() and getOutputStream()
Specialize a socket via heritage class SSLSocket
extends java.net.Socket

41
RMI - Remote Method Invocation

Method invocation on objects from a remote Java
Virtual Machine
Distributed Java applications
Interaction with interfaces (not with their
implementation)
(Un)marshalling object serialization
References
name serverURL rmi//java.sun.com/my_object
argument or return value

42
RMI Architecture
Client
Server
Application
RMI System
43
Serialization

Storage and transfer of objects
Read/Write
ObjectInputStream
ObjectOutputStream
transient and static not serilized
Security
qualifier private transient
overloading read/write methods
encryption

44
Why not Java?

Resource management
no support for managing memory and disk limits
Process management
no support for preserving the thread execution
context
weak mobility - agents in Java do not migrate,
rather a thread invokes a specified method

45
Mobile agent systems
agent
security
place
agent
data
services
network

Agent primitives
move
meet
send/receive
locate
checkpoint

agent
security
46
Weak mobility

Java no support for preserving the thread
execution context
Simulating process migration
serialization of an agent
pack all objects of an agent into a message
save the state of opened channels (MOA)
transport the message to the destination node
check for security credentials
deserialize
reconstruct the object graph of the agent
execute a specified method

47
Mobility of Aglets

Dispatch method
serialize the aglet
call onDispatching before departure
call onArrival after arrival

48
Structure of Aglets
onArrival()
onActivation()
run() ... if(!_activated) // aglet before
deactivation deactivate() if(!_remote)
// aglet before dispatching ... dispatch()
deactivation/ activation
dispatching
onDispatching()
onDeactivating()
49
Other systems

Concordia
specify itinerary
sequence of sites and methods to execute
before moving
put partial results into a serializable object
Odyssey
when an Odyssey agent is transported from one
system to another, the agent's thread is
restarted at the destination
worker
set of tasks per destination

50
Strong mobility

Specific language and operating system support
save the state, move to a remote site, resume
execution
Telescript - proprietary language and OS
MAP - modified Scheme interpreter
Strong mobility in Java
modification of the Virtual Machine (Sirac, ARA,
Sumatra)
save/restore the execution state of one thread
preprocess agent programs (U. Darmstadt)
limitations (multiple threads, libraries)

51
Strong mobility

Problems
multiple threads
shared objects
synchronization
re-binding resources

52
Security

Basic aspects
secrecy
protection of information
authentication
access control
non-repudiation
proof of an operation
integrity
non-modification of the information

53
Security

Protecting hosts against malicious agents
access control and isolated executing environment
Protecting agents against malicious hosts
hard problem - open cryptographic issue

54
Security

Agents execute in a controlled environment
sandbox
Agents cannot carry encryption keys

data space
Executing unit
Computational environment
55
Java security support

Current security support for applets
typesafe language
no pointers
true arrays with bound checking
bytecode verifier - looks for
pointers,
instructions or call methods with invalid
parameters,
non-initialized variables

56
Java security support

Current security support for applets
class loader
system classes cannot be replaced
system classes have their own security measures
e.g. the file access class has a list of files
that may be accessed by applets

57
New Java security support

Java Security API in JDK 1.1
KeyPairGenerator Class
generate pairs of public and private keys
MessageDigest Class
calculate the message digest of specified data
Signature Class
sign and verify digital signatures
Encryption and decryption in future Java
Cryptography Extension

58
Host security
authority secret key
authentication
message digest
digital signature
encryption
authentication
agent system secret/public key
59
Host security

Accept only authorized, not modified agents
Authentication and integrity
compute the message digest (MD5) on the content
of the agent,
encrypt the digest, the identity and the
authority of the agent using a secret key
concatenate with the agent
receiving agent system decrypts the signature
either using the shared secret key
either using the public key of the sender
compute the digest

60
Host security

Secrecy
encrypt the content of the agent
either using the shared secret key
either using the public key of the receiver
Denial of service attacks
limit resource consumption per agent

61
Agent security

Protect against tampering by a malicious host
change the lowest price found by the agent
Conceal the agent program
find the strategy used by the agent
Digitally sign a document
intercept encryption keys

62
Agent security

Smartcards as a Safe Haven
execute security sensitive code fragments on a
Smartcard
Executable encrypted functions
encrypt a function
execute it on an untrusted host
decrypt the result
(see C. Tschudin)

63
Digital signing by an agent

Signing with a concealed function s(x) S(x) is a
routine implementing s(x)
execute y P(x)
compute signature z S(y)
output (y, z)
Signing with a composition h s ? f
execute y F(x)
compute signature z H(y)
output (y, z)

64
Security in some systems

Aglets
security manager and Java Security API
Concordia
security manager that uses security credentials
of an agent
for full deployment, it may use strong security
functions from external authorities such as
Verisign
MOA
compatible with JDK 1.1, not yet implemented
JAR format with digital signatures

65
Communication

Three types of communication
mobile agent - stationary agent
mobile agent - mobile agent
rendez-vous of agents - locating and notifying
communication language (KQML, ACL)
mobile agent - client application
messages
wait until an agent returns

66
Communication

Nature of communication
locally
come to a place to communicate - meet (Odyssey)
remotely
communication channels (MOA)
channels migrate with an agent
synchronous and asynchronous messages (Aglets)

67
Naming

Unique identifier
example in MOA
hostportfamily_lounch-no.generation-no
needed to control agents
kill, suspend, resume
or to communicate or synchronize

68
Locating

Based on name servers
lookup, register, unregister
Different location schemes (MOA)
update the home location of every move
register at a predefined name server
search based on a predefined itinerary
forward based on the trails left during migration

69
Agent management

Controlling agents at all stages
creation, duplication, destruction
Examples of different types of control
go - proactive migration
retract - reactive migration
an agent is forced to move
clone - duplicate an agent
destruction - how to kill proliferating agents?

70
Persistence

Execution state is saved for migration
checkpointing
store the state to permanent storage
restarting agents
restore the state and resume execution
reliable execution in spite of failures

71
Resource consumption

Limits enforced on resources
agents
lifetime, places, hops, open channels, clones
money to buy resources (M0)
places
lifetime, open channels, agents
Negotiation
when agent arrives to a node, it negotiates how
many resources it can use
Resources not supported by JVM cannot be limited
size of VM, size of files

72
Aglets

Aglet
create, clone, dispatch, retract, deactivate,
activate, dispose
Context
aglet's workplace a means for maintaining and
managing running aglets
Itinerary
aglet's travel plan
Identifier
globally unique and immutable
Messages
synchronous and asynchronous message passing

73
Odyssey

Agent class
creation subclass of Agent or Worker class
Worker set of tasks and destinations
Agent system
a platform that can create, manage, execute,
transfer, and terminate agents
Place
a context within an agent system in which an
agent execute
Support for agents
Tickets, Petitions, ProcessNames

74
MOA

Agent
move, meet, openChannel, sendMsg
Place
a stationary object
Agent Environment
Agent Control (manages system resources)
Name Server (tracks agent locations)
Mover (transfer agent state)
Messenger (messaging between components)
different trust domains
one AE per JVM

75
Voyager

Built on top of CORBA
Agents
Voyager.startup(7000)
public void travel()
moveTo("tokyo9000", "atTokyo"
Persistent objects
saveNow method
Scalable group communication
synchronous, one-way, future, multicast
federated directory service

76
MAP - Mobile Assistant Programming
move
activate
agent
agent
MAP node
MAP node
data
services
data
services
clone
report
collector
get-result
report
agent
MAP node
MAP node
activation node
data
services
data
services
77
MAP primitives

Activation
start an agent on a chosen node, return a
capacity for a result collector
Get result
retrieve results from the collector if all
agents finished, tell it

78
Assistant primitives

Move
checkpoint the execution state
transfer to a remote node
resume execution
Clone
checkpoint the execution state
duplicate the state
resume execution
Report
store a message in a collector

79
Implementation

Scheme
fully fledged programming language
interpreted
the state of the interpreter can be saved
WWW
MAP node - a WWW server
communication on top of HTTP
access to the local space of HTML documents
Operational prototype
application front-end in Java

80
Properties

Strong mobility
modified Scheme interpreter
Strong system semantics in presence of
communication link and node failures
atomic actions
successful or not (an agent moves to another node
or stays, but not the both)
Agents - persistent processes
execution terminates eventually

81
Example of an assistant
(define (message msg) (assistant-report
(string-append (assistant- identity) "
" msg))) (define (name node) (string-append
"clone_at_" node))
82
Example of an assistant
(define (go-over node-list) (if (null?
node-list) (assistant-exit) (if (not
(assistant-move (car node-list))) (begin
(message "move failed") (go-over
(cdr node-list))) (if (not
(assistant-clone (assistant-node)
(name (assistant-node)))) (begin
(message "clone failed")
(go-over (cdr node-list))) (if
(equal? (assistant-identity) "main")
(go-over (cdr node-list)) (message
"work"))))))
83
Example of an assistant
(define (main . args) (begin (message
"Start \"go over\"") (go-over args)))
scenario (main "kita.imag.fr" "delos.imag.fr"
"fidji.imag.fr" )
84
Applications

Distributed information retrieval
gather information from a set of sources
Active networks
programmable routers
Network management
decentralize management architecture
Advanced telecommunication services
dynamic reconfiguration and customization
Electronic commerce
negotiate and perform business transactions

85
Application nomadic access to the WWW
Netscape
Alycta
query
HTML
A
R
nomadic host
86
Low bandwidth connectivity

GSM
low bandwidth connection (9.6 Kbit/s)
141 KB page with graphics
downloaded in 117 s (if cached)
285 s on Renater

Internet
GSM
Server WWW
MAP node
87
Low bandwidth connectivity

Reduce bandwidth bottleneck
asynchronous download by MAP agent
transfer over Internet not included in the user
response time
content distillation - adapt quality of graphics
JPEG, quality 5 ? 25 KB in 21 s
JPEG, quality 20 ? 62 KB in 52 s

88
Adaptive degradation

3086 KB 1928 KB 1333 KB
100 62 43

89
Active networks

Traditional packet networks
passive packets transit through routers
their operation is defined by a protocol, e.g. IP
Active networks
packet - active capsule
miniature programs executed at each router
router perform customized computations on the
messages flowing through them
it can modify the packet contents

90
Two views

Programmable switches
distinction between in-band data transfer and
out-of-band management channels
inject custom processing routines into the
required routers - COD
router examines the header and appropriate
program is dispatched to operate on the content
Capsules
every message is a program composed of
instructions
basic computations on the capsule content
can invoke built-in primitives

91
Common programming model

Program encoding
support mobility, safety, efficiency (Safe-TCL,
Java)
Common primitives
changing header, payload, length
access to node address, time, link status
control packet flow forward, copy, discard
Node resources
bandwidth, processing capacity, storage
routing tables, node's MIB

92
Applications of active networks

Merging and distribution of information
multi-user, multi-site applications
fusing information from a large number of sensors
users with different encoding and presentation
requirements
active Web caches
store and execute programs to generate
dynamically computed pages

93
Applications of active networks

Active network management
collecting and collating data
implement sophisticated approaches to network
monitoring and event filtering

94
ANTS

A toolkit for building and dynamically deploying
network protocols
Capsule
generalized replacement for a packet
reference to the forwarding routine
Code group
collection of related capsules transferred as a
unit
Protocol
collection of related code groups treated as a
single protection unit

95
Structure of an ANTS node
applications
node cache
spawned threads
x
object-x
y
object-y
node thread
channel thread
code cache
routing table
ANTS capsules
96
ANTS classes

Class Key Methods
Node address, get, put, routefornode,
delivertoapp
Channel send, receive, node
Application send, receive (upcall), node
Capsule evaluate, length, encode, decode

97
Example of ANTS programming

Mobile Data - capsules used by source to send
data to the mobile host
Register - a capsule to register forwarding
information while roaming

98
Register capsule

// on entry Node n
// home home agent
// next node at which to register
// forward address to be registered
// go to foreign and then home agent
if (n.address() ! next)
n.routefornode(this, next) return
// insert a forwarding address
n.put(src, forward)
// after doing foreign, do home
if (n.address() ! home)
forward next
next home
n.routefornode(this, next)

99
Mobile Data capsule

// look up forwarding record
f n.get(dst)
// if found, update our route
if (f ! null) next f.node
// and continue on our way
if (n.address() ! next)
n.routefornode(this, next)
if (n.address() dst)
n.delivertoapp(this, destport)

100
Standards

OMG
MAF (Mobile Agent Facility)
MASIF (Mobile Agent System Interoperability
Facilities)
GMD Fokus, Crystaliz, General Magic, Open Group
interoperability between agent systems written
in the same language
agent management, agent transfer, agent and agent
system names, agent system types, location syntax

101
Standards

FIPA (Foundation for Intelligent Physical Agents)
Agent management
ACL (Agent Communication Language)
sort of KQML
Agent/Software integration
Applications
Personal travel assistance
Personal assistant
Network provisioning and management
Audio/Video entertainment and broadcasting

102
Conclusion

Mobile agents
new attractive paradigm for distributed computing
benefits
service customization
software deployment and maintenance
overcome bandwidth limitations
increased fault tolerance
suitable for nomadic computing

103
Conclusion

Problems
generic Java platform
security
need for high-level libraries
scripting language for agents?
Active networks
rapid deployment of new protocols
application specific processing

104
Resource pages

Papers on mobile agents
J. Kiniry, D. Zimmerman. A Hands-on Look at Java
Mobile Agents, IEEE Internet Computing,
July-August 1997
M. Baldi, G.P. Picco, F. Risso. Understanding
Code Mobility, IEEE Trans. Soft. Eng., 24(5),1998
Proc. 1st Workshop on Mobile Agents, LNCS 1219,
Berlin, April 1997
Proc. 2st Workshop on Mobile Agents, LNCS 1477,
Stuttgart, September 1997
A. Duda, S. Perret Une architecture d'agents
mobiles pour les réseaux de stations nomades,
Proc. CFIP 97, 1997 ftp//ftp.imag.fr/pub/DRAK
KAR/duda/cfip.ps

105
URLs

Aglets
http//www.trl.ibm.co.jp/aglets
MuBot
http//www.crystaliz.com
Grasshopper (IKV, 1997)
http//www.ikv.de/products/grasshopper
Concordia
http//www.meitca.com/HSL/Projects/Concordia
Odyssey
http//www.genmagic.com
ANTS
http//www.sds.lcs.mit.edu/activeware

106
URLs

MOA
http//www.camb.opengroup.org/RI/java/moa
D. Milojicic et al. Mobile Objects and Agents
(MOA), Design Implementation and Lessons Learned
Proc. USENIX COOTS'98, April 1998
Voyager
http//www.objectspace.com/Voyager
FIPA
http//drogo.cselt.it/fipa
MAF/MASIF
http//www.camb.opengroup.org/RI/MAF

107
URLs