Transcript Document
Agent Technology for e-Commerce
Chapter 11: Mobile Agents
Maria Fasli http://cswww.essex.ac.uk/staff/mfasli/ATe-Commerce.htm
Agent Technology for e-Commerce
Current approaches
Current approaches to distributed computing: The client-server model Code-on-demand Web services approach Advantages security Disadvantages network traffic latency overloading of resources
Chapter 11
2
Agent Technology for e-Commerce
An alternative approach: mobile agents
An autonomous executing entity that has the ability to migrate from machine to machine in a heterogeneous network and resume its execution. They can: reduce network traffic overcome network latency make better use of resources execute asynchronously and autonomously adapt dynamically be robust and fault tolerant
Chapter 11
3
Agent Technology for e-Commerce
Infrastructure requirements
To implement a mobile agent we need: a suitable and transportable language in which the agent’s code will be written, an engine or interpreter for that language, communication protocols that allow engines on different machines to exchange agents.
Agents Places Engine Host
Chapter 11
4
Agent Technology for e-Commerce
Migration
Sender host Engine
Suspension Serialization Encoding Dispatch
Receiver host Engine
Execution resumption Deserialization Decoding Receipt Network
Agent transfer Chapter 11
5
Agent Technology for e-Commerce
Modes of migration
The statefull or strong mobility (go) model An agent’s object state, code, and control state are captured. Execution is allowed to continue from the exact point at which it was stopped.
More convenient for the end programmer, but more work for the system developer. Routines to capture state control are required on top of the interpreters.
The stateless or weak mobility (known entry point) model The agent’s object state and code is captured. The execution in the new machine is continued from a known entry point.
Commercial Java-based systems use the entry point.
Chapter 11
6
Agent Technology for e-Commerce
Mobile agent systems
Non-Java mobile agent systems Telescript Agent Tcl D’Agents Ara TACOMA Java-based mobile agent systems Aglets Concordia NOMADS
Chapter 11
7
Agent Technology for e-Commerce
Aglets
Implemented at the IBM Tokyo Research Laboratory. http://www.trl.ibm.co.jp/aglets/index.html
Aglets do not capture an agent’s control state during migration. That would require modifications to the standard Java virtual machine. Instead agent execution is restarted from a known entry point
Chapter 11
8
Agent Technology for e-Commerce
Basic concepts
Aglet
: a mobile Java object that visits aglet-enabled hosts in a network.
Proxy
: it is a representative of an aglet. It serves as a shield to protect the aglet from direct access to its public methods.
Context
: an aglet’s workplace. It corresponds to a place. Multiple contexts may reside on the same machine.
Identifier
: a unique identifier is assigned to each aglet after initialisation.
Chapter 11
9
Agent Technology for e-Commerce
Fundamental Aglet operations
Creation Cloning Dispatching Retraction Activation and Deactivation Disposal Chapter 11
10
Agent Technology for e-Commerce
Programming model
The Aglet programming model is event-based Customised
listeners
can be used to catch particular events in the life cycle of an aglet: Clone listener (clone creation) Mobility listener (dispatching, retraction, arrival) Persistence listener (deactivation, activation)
Chapter 11
11
Agent Technology for e-Commerce
General process A mobile agent that wants to migrate calls the dispatch method The Aglets system calls the agent’s onDispatching method which performs application specific cleanup, kills the agent’s threads, serialises the agent’s code and object state, and sends the agent’s code and object state to the new machine On the new machine the system calls the agents onArrival method which performs application specific initialisation Finally the agent’s run agent’s execution method is called in order to start the
Chapter 11
12
Agent Technology for e-Commerce
Communication
Communication between aglets When an aglet wants to communicate with other aglets, it first has to obtain a proxy Public methods cannot be accessed directly Three different types of messages: now-type, future-type, oneway-types Communication between engines The ATP is used in the communication layer The API abstracts the communication between agent systems Methods for creating, transferring, tracking and managing agents
Chapter 11
13
Agent Technology for e-Commerce
Security model
The first level of security comes from Java itself. Imported code fragments are subjected into a series of tests and consistency tests As the second level the Tahiti (the visual agent manager) implements a configurable security manager that provides a fairly high degree of security for the hosting computer and its owner and it enables a number of principals to specify and enforce policies
Chapter 11
14
Agent Technology for e-Commerce
Mobile agent security
Mobile agent security has two aspects: Protecting the host machine Protecting the mobile agent Mobile agents and hosts are vulnerable to a number of threats Agent to host threats Agent to agent threats Host to agent threats
Chapter 11
15
Agent Technology for e-Commerce
Agent to host threats
Masquerade Unauthorized access Tampering Denial of service
Chapter 11
16
Agent Technology for e-Commerce
Agent to agent
Masquerade Tampering Denial of service Repudiation
Chapter 11
17
Agent Technology for e-Commerce
Host to agent
Masquerade Tampering Eavesdropping and traffic analysis Denial of service
Chapter 11
18
Agent Technology for e-Commerce
Security services
Authentication User Host Agent Code Access control Integrity Confidentiality Nonrepudiation Auditing
Chapter 11
19
Agent Technology for e-Commerce
Protecting the host
A number of approaches have been suggested: Safe code interpretation: use of an interpreted language Authentication: digital signatures Authorization: entities can be granted capabilities or access rights Resource allocation: various mechanisms for resource allocation, including market mechanisms Maintaining path histories in order to be able to check the origin of mobile agents
Chapter 11
20
Agent Technology for e-Commerce
Protecting the mobile agent
Fortress model: agents execute in a safe environment where no untrusted hosts are allowed – compromises the advantages of mobile agents Sealing and signing intermediate results to prevent tampering Using shared secrets and interlocking The agent’s execution and behaviour is recorded (Execution tracing) Executable encrypted functions can prevent tampering
Chapter 11
21
Agent Technology for e-Commerce
Issues on mobile agents
Technical issues Current mobile agents do not bring about significant benefits As they are written in interpreted languages, they are slow Starting an execution environment and inserting an agent involves an overhead – thus higher loads in transporting and executing them locally To recover from failure during migration additional support is required Appropriate naming and location services are required Security Lack of standardization
Chapter 11
22
Agent Technology for e-Commerce
Nontechnical issues Lack of a killer application The advantages of mobile agents are modest when applications are considered in isolation Potential applications Electronic marketplaces Mobile devices such as mobile phones and PDAs
Chapter 11
23