1 / 122

Agent Mobility: Performance, Security and a Case Study

Agent Mobility: Performance, Security and a Case Study. Bob Gray Dartmouth College Hanover, NH, USA robert.s.gray@dartmouth.edu. PAAM 2000 Manchester, England, April 10-12. Researchers. George Cybenko Thayer School of Engineering David Kotz Department of Computer Science

maille
Download Presentation

Agent Mobility: Performance, Security and a Case Study

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Agent Mobility: Performance, Security and a Case Study Bob Gray Dartmouth College Hanover, NH, USA robert.s.gray@dartmouth.edu PAAM 2000 Manchester, England, April 10-12

  2. Researchers • George Cybenko • Thayer School of Engineering • David Kotz • Department of Computer Science • Daniela Rus • Department of Computer Science Staff Programmers • Ron Peterson • Arne Grimstrup Acknowledgements Funders DARPA contract F30602-98-2-0107 ONR contract N00014-95-1-1204 DoD MURI (AFOSR contract F49620-97-1-03821) AFRL/Rome contract F30602-98-C-0006 PAAM'00

  3. D’Agents http://agent.cs.dartmouth.edu/ This tutorial http://agent.cs.dartmouth.edu/tutorials/ Other mobile-agent systems http://www.cetus-links.org/oo_mobile_agents.html Read More About It PAAM'00

  4. Why mobility? • Definition • Motivating Applications • Six reasons for mobility • Competing approaches • The “big picture” • Guidelines • Mobile-agent systems • Java-based systems • Other single-language systems • Multiple-language systems Roadmap PAAM'00

  5. Roadmap • D’Agents • Overview • Example: Writing a Tcl agent • Example: Writing a Java agent • Security • D’Agents security • Protecting a group of machines • Protecting an agent • The future of mobile agents PAAM'00

  6. Most general form of mobile code • Process that migrates under its own control in a heterogeneous network Search engine Machine A Machine B • Often, but not always, has “agent” characteristics • Autonomy, adaption, learning, … What is a Mobile Agent? PAAM'00

  7. Files Strong (data, code and control) Proxy references (“system” state) Files Weak (data and code only) No proxy references (no “system” state) Different Kinds of Mobility PAAM'00

  8. System Data Control Load- balancing Strong / Proxies Yes Yes Yes Strong / No proxies Yes Yes No D’Agents Weak / Proxies Yes No Yes Obliq Weak / No proxies Yes No No Tacoma Different Kinds of Mobility PAAM'00

  9. HQ Application: Soldiers in the Field Wired Network Wireless Network News Orders BGW Specs PAAM'00

  10. First name: Bob BGW Database Last name: Gray Weight: 140 5’8” Height: ... Phone Call Monitoring New phone calls Phone Call Database 4. Agent gets calls with right time/ region and uses name list to “score” them. 2. Agent gets names. A A 3. Agent jumps to phone machine. 1. Agent jumps to BGW machine with query. 5. Agent sends high-scoring calls back to analyst. PAAM'00

  11. Why Mobile Agents? Phone Call Database BGW Database Agent gets name list and starts phone-call query without interaction with the HQ machine. A A Only calls that pass the application-specific filter are sent to the HQ machine. PAAM'00

  12. Suspect Identification • Agent moves to soldier’s machine • Pictures • Code to “browse” the pictures • No interaction with HQ while browsing A proc showPictures {window} { … } PAAM'00

  13. Machine 1 Machine n Application: Technical Reports GUI on home machine ... 1. Send agent 2. Send child agents and collect partial results 3. Return merged and filtered results Dynamically selected proxy site PAAM'00

  14. Reasons for Mobile Agents • Reduce bandwidth usage • Reduce total completion time • Reduce latency • Continue when disconnected • Balance load • Dynamically deploy components PAAM'00

  15. Reason 1: Reduce Bandwidth Usage Dataset Merged and filtered data stream Dataset Dynamically selected proxy site Dataset PAAM'00

  16. Dataset Reason 1: Reduce Bandwidth Usage Proxy Server Dataset Proxy Server PAAM'00

  17. All results for a Tcl agent running in the D’Agents system. TR Application: Bandwidth Usage PAAM'00

  18. TR Application: Bandwidth Usage PAAM'00

  19. Reason 2: Reduce Total Time Dataset Dataset Dataset • Fact • Sending an agent avoids remote interaction. • Goal • Avoiding remote interaction leads to faster completion times. • Current Systems • Do not meet the goal in all network environments • Tradeoff: Local interaction vs. interpretive overhead PAAM'00

  20. TR Application: Total Time PAAM'00

  21. TR Application: Total Time Why? Tcl is slow. Transmitting documents over a 10 Mb/s link is faster than inspecting them with a Tcl agent. PAAM'00

  22. TR Application: Total Time PAAM'00

  23. Why? Migration overhead plus slow inter-agent communication. TR Application: Total Time PAAM'00

  24. 2 to 4 times smaller latency in trial runs 2. Move to better location Reason 3: Reduce Latency Sumatra chat server [RASS97] 1. Observe high average latency to clients PAAM'00

  25. Reason 4: Disconnected Operation Dataset Agent continues its task even if the link to its home machine goes down (temporarily). Dataset X Dynamically selected proxy site Dataset PAAM'00

  26. Machine A Agent moves to balance load Machine B Machine B Machine A Reason 5: Load Balancing PAAM'00

  27. Dataset Dataset Reason 6: Dynamic Deployment PAAM'00

  28. Invocation Dataset Client Server RPC Results Queued invocations Queued results Queued RPC Dataset Client Server 5 4 3 2 1 Traditional Techniques: RPC • No mobile code • Client constrained to server’s interface • All requests and results over client’s network link • No latency or bandwidth reduction • Blocked if link goes down PAAM'00

  29. Stored procedures REV Dataset Dataset Server Server Client Proc Client Proc 2. Send results (and maybe a server procedure) 1. Send procedure code and arguments to server - procedure called immediately 1. Send procedure code to server 3. Send results Serv Proc 2. Call procedure Client Client Stored Procedures and REV • Perfect if accessing one server • Difficulties if accessing more than one server • Procedures usually can not communicate with each other • Procedures usually can not send out their own procedures (e.g., no proxy) PAAM'00

  30. Servlets Applets Web Pages Web Pages Web Server Web Server Servlet 2. Receive page and “embedded” applet; execute applet 1. Request Web page 1. Send servlet 2. Get results Browser Browser Applet Applets and Servlets • Same limitations as stored procedures and REV … • But more attention to security PAAM'00

  31. TR without agents 1. Lot of work. Queued RPC Queued RPC ... Pre-installed application-specific proxy Higher-level database interface 2. Much less work, but now try to extend it. Client Code “Queued” REV “Queued” REV ... Client Code Client Code PAAM'00

  32. The Big Picture • Simple, unified framework for implementing many distributed applications • Application might require several traditional techniques. • Application might require “impossible” pre-installation. • Different applications require different traditional techniques. • Extending other techniques produces mobile-agent systems. • Agents move or stay still as their needs dictate. • Current systems • Performance advantages for some applications • Performance penalties for others PAAM'00

  33. Remote communication just as fast as RPC • No penalty for stationary agent • Just-in-time compilation and software fault isolation • Execution at near-native speeds • Code caching • Low migration overhead • Thus … • Mobile agents will do no worse than traditional implementations, and will often do better. • Service providers will see a load only a little bit higher than if they had provided the high-level operations themselves. Next-Generation Systems PAAM'00

  34. Guidelines • If pre-installing code is easy, no need for mobile agents. • Pre-installing must be difficult … • Unpredictable client needs? • Many and varied client needs? • Unpredictable service needs? • Unpredictable network environment? • … and efficiency must be important. • Bandwidth or latency • Total time • Load • Disconnections PAAM'00

  35. Guidelines (current systems) Primary Goal Recommendation Load balancing Do not use mobile agents Latency reduction • Network time dominates • Use mobile agents • CPU time dominates • Do not use mobile agents Bandwidth conservation Use mobile agents (but have agents decide if and when to move) Disconnection handling Use mobile agents Total-time reduction Application by application PAAM'00

  36. Roadmap • Why mobility? • Representative systems • Java-based systems • Other single-language systems • Multiple-language systems • D’Agents • Security • The future PAAM'00

  37. Java-based systems Aglets, Voyager, Jumping Beans Other single-language systems Messengers, Obliq, Telescript Multiple-language systems Ara, Tacoma, D’Agents Representative Systems PAAM'00

  38. 2.A contacts B and sends serialized code and state 3.B authenticates and restarts agent Agent Server Agent Server 1.Agent decides to move Machine A Machine B • Two general kinds of server • Single process • Every agent is a thread. • Multiple process • Every agent is a process. • Hybrid servers as well • D’Agents Same General Architecture PAAM'00

  39. Java Other languages Single language Multiple languages Strong mobility Weak mobility Imperative Functional or declarative VS. Interpreted Just-in-time (JIT) compilation and software fault isolation (SFI) Tight Web integration Stand-alone FIPA/OMG standards Unique protocols Differences and Similarities PAAM'00

  40. Portability Efficiency Compiled into bytecodes for a stack-based virtual machine Just-in-time (JIT) compilation Security manager Security Java bytecodes Bytecode verifier Class loader Runtime (VM) Why Java? PAAM'00

  41. IBM http://www.trl.ibm.co.jp/aglets/ Aglets • Java • Weak mobility • Event-driven programming model (dispatch, onDispatching, onArrival, …) • Persistent store • “Proxies” for location transparency • Machine protection PAAM'00

  42. Ad Astra Engineering http://www.JumpingBeans.com/ “Mini-server” Agency • Java • Weak mobility • Central server for tracking, managing and authenticating agents (but also failure point and bottleneck) • Persistent store • Machine protection Jump through central server Central Domain Server Agency Agency Jumping Beans PAAM'00

  43. ObjectSpace http://www.objectspace.com/products/ Voyager • Java • Built on top of CORBA • Weak mobility • Persistent store • Federated directory service and group communication (multicast) • Machine protection PAAM'00

  44. Why not Java? • Limited per-thread resource accounting (or enforcement) • No strong mobility • Support for multiple languages? • Inefficient on top of Java VM PAAM'00

  45. University of Geneva http://cuiwww.unige.ch/tios/msgr/home.html Messengers • MØ (similar to Postscript) • Weak mobility • Intended for low-level services, e.g., in the Messenger Operating System (MOS) • Bulletin boards for data exchange and service listings • Limited security, but work on fine-grained resource control in progress PAAM'00

  46. DEC Research (Compaq) http://www.luca.demon.co.uk/Obliq/Obliq.htm Obliq • Obliq (interpreted, lexically scoped, object-oriented) • Weak mobility • Full proxy references • Visual Obliq • Limited security (access checks in Visual Obliq) PAAM'00

  47. General Magic http://www.genmagic.com/ Telescript • Telescript (OO language similar to Java and C++) • Strong mobility • Telescript is compiled into bytecodes for a RISC virtual machine • Persistent store • Machine protection • No longer available PAAM'00

  48. Why not a single language? • Many applications for mobile agents • No one language is good for all of them. PAAM'00

  49. http://www.uni-kl.de/AG-Nehmer/Projekte/Ara/ Ara • C/C++, Tcl and Java • Strong mobility • C/C++ compiled into bytecodes for RISC virtual machine • Server plus all agents inside one Unix process • Machine protection PAAM'00

  50. Tacoma University of Tromsø / Cornell University http://www.tacoma.cs.uit.no/ • C, Tcl/Tk, Scheme, Python, Perl (public release), several more internally • Weak mobility • Single, simple abstraction: meet • Easy to add a new language • Less opportunity for optimization • Machine protection PAAM'00

More Related