250 likes | 376 Views
Secure Dynamic Reconfiguration of Scalable Systems with Mobile Agents. Fabio Kon, Binny Gill, Manish Anand, Roy Campbell, and M. Dennis Mickunas {f-kon,roy}@cs.uiuc.edu Department of Computer Science University of Illinois at Urbana-Champaign http://choices.cs.uiuc.edu/2K. Introduction.
E N D
Secure Dynamic Reconfiguration of Scalable Systems with Mobile Agents Fabio Kon, Binny Gill, Manish Anand, Roy Campbell, and M. Dennis Mickunas {f-kon,roy}@cs.uiuc.edu Department of Computer Science University of Illinois at Urbana-Champaign http://choices.cs.uiuc.edu/2K
Introduction Network-Centric Operating System: • Facilitate management in modern computing environments • Heterogeneity: embedded sys., PDAs, laptops, workstations • Dynamism: rapid software evolution, mobile users & computers • GOAL: • Facilitate management by building a middleware-level operating system on top of this heterogeneous world
2K Research • Automatic Configuration • based on component prerequisites • Dynamic Reconfiguration • based on component configurators • QoS-aware Resource Management • Security Service • User Environment Service • Data Management Service • Mobile Reconfiguration Agents
Motivation • Scope of Internet services is expanding: • e-commerce, banking, news, distance learning, medical applications, active spaces. • Basic requirements: • Scalability • Availability • Software evolution brings an additional requirement: • Dynamic Reconfiguration
Dynamic Reconfiguration • Dynamic Reconfiguration is required for 1. changing system parameters at runtime 2. replacing components at runtime: • fixing bugs • updating functionality • adaptation to changes in the environment • Challenge: integrate 3 conflicting requirements (scalability, availability, and dynamic reconfiguration) • Solution: mobile reconfiguration agents
Our Approach • 2K services and applications are built on top of the CORBA standard middleware. • But, traditional CORBA was not very flexible. • We created dynamicTAO, a reflective CORBA ORB that supports: • inspection of dynamic software architecture • dynamic reconfiguration of software architecture
dynamicTAO • reflective capabilities can be used to • reconfigure the ORB internals, • reconfigure applications that run on top of the ORB. • Our infrastructure for mobile reconfiguration agents is implemented inside dynamicTAO. • So, it is available to any 2K service and application.
Mobile Agents • A mobile agent visits a collection of ORBs. • In each ORB along its path, it can • install new components on the disk, • dynamically link new components, • inspect the state and configuration of the ORB and the applications on top of it, • reconfigure ORBs and applications.
A Flexible Framework • Different NetworkBrokers support different agent flavors. For example: • simple, lightweight, script-based agents (carrying data and DCP commands only). • powerful, heavyweight, Java-based agents (carrying data, bytecode, and dynamic state, taking autonomous decisions). • Simple agents are suitable for PDAs, embedded systems.
Reconfiguration with Mobile Agents • SysAdmins use a GUI to build agents for • reconfiguration • inspection • GUI is used to 1. Build distribution graph 2. Select reconfiguration and inspection commands 3. Visualize results.
Security • SecureAgentBroker uses the GSS-API and supports Role-Based Access Control. • Agents are signed and transmitted via secure connections, using encryption. • RBAC is used in each ORB to decide which commands each agent is allowed to perform.
Experimental Results • Testbed: • Three Ultra Sparcs, Solaris 7 @cs.uiuc.edu • Three 333MHz PCs, Linux RH6.1 @escet.urjc.es • Three 300MHz PCs, Linux RH6.1 @ic.unicamp.br • 100Mbps Fast Ethernet (intra-domain) • Public Internet (inter-domain)
Related Work • Our work was influenced by previous research on: • mobile agent infrastructures • dynamic reconfiguration of distributed systems • object-oriented frameworks • security • Our main contribution was to show how to combine all these results in an integrated architecture.
Future Work • Support for fault-tolerance: • fault-recovery when part of the reconfiguration process fails within a node • fault-recovery when the reconfiguration fails in part of the distributed system • New implementation of Java reconfiguration agents based on one of the existing infrastructures. • Deploying agents for reconfiguration of active spaces.
Conclusions • Mobile agents is an effective mechanism for reconfiguration of distributed systems, combining scalability and availability with dynamic reconfiguration. • A framework enabling different agent flavors is important for taking agents to devices with limited resources (e.g.PDAs).
How to contact us e-mail: {f-kon,roy}@cs.uiuc.edu 2K Web site: http://choices.cs.uiuc.edu/2K
Reconfiguration Agents • Code uploading example: upload_impl Connection UDPCon load_impl Connection UDPCon hook_impl >Connection Reflector UDPConnection • Reconfiguration example: configure_impl Reflector “MAX_NUM_CLIENTS=200”
Accessing the ORB Reconfiguration Interface 1. Local or remote code through IDL 2. Telnet 3. Java GUI 4. Reconfiguration Agents