Document

Download Report

Transcript Document

Agent Technology for e-Commerce

Chapter 11: Mobile Agents

Maria Fasli http://cswww.essex.ac.uk/staff/mfasli/ATe-Commerce.htm

Agent Technology for e-Commerce

Current approaches

   Current approaches to distributed computing: The client-server model Code-on-demand Web services approach   Advantages  security Disadvantages  network traffic   latency overloading of resources

Chapter 11

2

Agent Technology for e-Commerce

An alternative approach: mobile agents

       An autonomous executing entity that has the ability to migrate from machine to machine in a heterogeneous network and resume its execution. They can: reduce network traffic overcome network latency make better use of resources execute asynchronously and autonomously adapt dynamically be robust and fault tolerant

Chapter 11

3

Agent Technology for e-Commerce

Infrastructure requirements

   To implement a mobile agent we need: a suitable and transportable language in which the agent’s code will be written, an engine or interpreter for that language, communication protocols that allow engines on different machines to exchange agents.

Agents Places Engine Host

Chapter 11

4

Agent Technology for e-Commerce

Migration

Sender host Engine

Suspension Serialization Encoding Dispatch

Receiver host Engine

Execution resumption Deserialization Decoding Receipt Network

Agent transfer Chapter 11

5

Agent Technology for e-Commerce

Modes of migration

 The statefull or strong mobility (go) model An agent’s object state, code, and control state are captured. Execution is allowed to continue from the exact point at which it was stopped.

  More convenient for the end programmer, but more work for the system developer. Routines to capture state control are required on top of the interpreters.

 The stateless or weak mobility (known entry point) model The agent’s object state and code is captured. The execution in the new machine is continued from a known entry point.

Commercial Java-based systems use the entry point.

Chapter 11

6

Agent Technology for e-Commerce

Mobile agent systems

Non-Java mobile agent systems  Telescript    Agent Tcl D’Agents Ara  TACOMA Java-based mobile agent systems    Aglets Concordia NOMADS

Chapter 11

7

Agent Technology for e-Commerce

Aglets

  Implemented at the IBM Tokyo Research Laboratory. http://www.trl.ibm.co.jp/aglets/index.html

Aglets do not capture an agent’s control state during migration. That would require modifications to the standard Java virtual machine. Instead agent execution is restarted from a known entry point

Chapter 11

8

Agent Technology for e-Commerce

Basic concepts

   

Aglet

: a mobile Java object that visits aglet-enabled hosts in a network.

Proxy

: it is a representative of an aglet. It serves as a shield to protect the aglet from direct access to its public methods.

Context

: an aglet’s workplace. It corresponds to a place. Multiple contexts may reside on the same machine.

Identifier

: a unique identifier is assigned to each aglet after initialisation.

Chapter 11

9

Agent Technology for e-Commerce

Fundamental Aglet operations

     

Creation Cloning Dispatching Retraction Activation and Deactivation Disposal Chapter 11

10

Agent Technology for e-Commerce

Programming model

  The Aglet programming model is event-based Customised

listeners

can be used to catch particular events in the life cycle of an aglet:    Clone listener (clone creation) Mobility listener (dispatching, retraction, arrival) Persistence listener (deactivation, activation)

Chapter 11

11

Agent Technology for e-Commerce

    General process A mobile agent that wants to migrate calls the dispatch method The Aglets system calls the agent’s onDispatching method which performs application specific cleanup, kills the agent’s threads, serialises the agent’s code and object state, and sends the agent’s code and object state to the new machine On the new machine the system calls the agents onArrival method which performs application specific initialisation Finally the agent’s run agent’s execution method is called in order to start the

Chapter 11

12

Agent Technology for e-Commerce

Communication

 Communication between aglets    When an aglet wants to communicate with other aglets, it first has to obtain a proxy Public methods cannot be accessed directly Three different types of messages: now-type, future-type, oneway-types  Communication between engines  The ATP is used in the communication layer   The API abstracts the communication between agent systems Methods for creating, transferring, tracking and managing agents

Chapter 11

13

Agent Technology for e-Commerce

Security model

  The first level of security comes from Java itself. Imported code fragments are subjected into a series of tests and consistency tests As the second level the Tahiti (the visual agent manager) implements a configurable security manager that provides a fairly high degree of security for the hosting computer and its owner and it enables a number of principals to specify and enforce policies

Chapter 11

14

Agent Technology for e-Commerce

Mobile agent security

  Mobile agent security has two aspects: Protecting the host machine Protecting the mobile agent    Mobile agents and hosts are vulnerable to a number of threats Agent to host threats Agent to agent threats Host to agent threats

Chapter 11

15

Agent Technology for e-Commerce

Agent to host threats

    Masquerade Unauthorized access Tampering Denial of service

Chapter 11

16

Agent Technology for e-Commerce

Agent to agent

    Masquerade Tampering Denial of service Repudiation

Chapter 11

17

Agent Technology for e-Commerce

Host to agent

    Masquerade Tampering Eavesdropping and traffic analysis Denial of service

Chapter 11

18

Agent Technology for e-Commerce

Security services

      Authentication  User   Host Agent  Code Access control Integrity Confidentiality Nonrepudiation Auditing

Chapter 11

19

Agent Technology for e-Commerce

Protecting the host

     A number of approaches have been suggested: Safe code interpretation: use of an interpreted language Authentication: digital signatures Authorization: entities can be granted capabilities or access rights Resource allocation: various mechanisms for resource allocation, including market mechanisms Maintaining path histories in order to be able to check the origin of mobile agents

Chapter 11

20

Agent Technology for e-Commerce

Protecting the mobile agent

     Fortress model: agents execute in a safe environment where no untrusted hosts are allowed – compromises the advantages of mobile agents Sealing and signing intermediate results to prevent tampering Using shared secrets and interlocking The agent’s execution and behaviour is recorded (Execution tracing) Executable encrypted functions can prevent tampering

Chapter 11

21

Agent Technology for e-Commerce

Issues on mobile agents

       Technical issues Current mobile agents do not bring about significant benefits As they are written in interpreted languages, they are slow Starting an execution environment and inserting an agent involves an overhead – thus higher loads in transporting and executing them locally To recover from failure during migration additional support is required Appropriate naming and location services are required Security Lack of standardization

Chapter 11

22

Agent Technology for e-Commerce

  Nontechnical issues Lack of a killer application The advantages of mobile agents are modest when applications are considered in isolation   Potential applications Electronic marketplaces Mobile devices such as mobile phones and PDAs

Chapter 11

23