Mobile Agent Programming in Ajanta

Anand Tripathi, Department of Computer Science, University of Minnesota, Minneapolis MN 55455. http://www.cs.umn.edu/Ajanta/ This work was supported by NSF grants ANIR 9813703 and EIA 9818338.

Presentation Transcript


  1. Mobile Agent Programming in Ajanta Anand Tripathi Department of Computer Science University of Minnesota Minneapolis MN 55455 http://www.cs.umn.edu/Ajanta/ This work was supported by NSF grants ANIR 9813703 and EIA 9818338 Anand Tripathi, University of Minnesota

  2. Outline • Mobile Agent Paradigm • Benefits, Obstacles, and Potential Applications • Evolution of the Mobile Agent Paradigm • Ajanta Mobile Agent Programming System • Conclusions and Future Directions

  3. Contributors to Ajanta Project: Neeran Karnik (currently with IBM New Delhi); Manish Vora (currently with Fore Systems); Tanvir Ahmed; Ram Singh (currently with Cisco); Arvind Prakash (currently with Microsoft); Shremattie Jaman

  4. Aspects of Mobile Agent Research • Distributed System Research • Focus on system architectures and protocols for managing executions of mobile agent objects. • Security, fault tolerance, naming, yellow pages • Programming Languages Research • Code mobility, safety, programming constructs • Agent communication languages • Artificial Intelligence Research • Focus on intelligence, learning, and cooperation

  5. What is an agent? • An agent is a software component (object) which can perform one or more tasks in some predefined manner. • Properties of an agent: • Mobility • Autonomy • Deliberative vs. Reactive • Learning • Cooperation See: IEEE Spectrum April 1998 paper by Morreale

  6. Evolution: Remote Procedure Call [Diagram: the client sends parameters (data) to the server and receives results (data); the code resides at the server] • Courier at Xerox PARC in 1980 • Sun RPC 1984 • DCE, CORBA late 1980s

  7. Evolution … Process Migration • Process migration allows a partially executed process to be relocated to another node. • Execution state of the process is migrated. • Stack, memory, program counter, state of open files. • Mainly used for load balancing. • In the mid 1980s several mechanisms were investigated and supported in local area network environments. • Locus (UCLA), Sprite (UC Berkeley), Condor (Wisconsin)

  8. Evolution … Object Migration • Object migration allows objects to be moved across address spaces at different nodes. • Requires mobility of object’s code and data. • Emerald supported object mobility under program control. (Univ. of Washington) (1986) • Chorus distributed system (1988) supported object mobility with autonomous control by the object. • Most of these systems supported migration in a homogeneous system.

  9. Evolution ... Remote Programming and Code Mobility [Diagram: the client sends procedure code + data to the server and receives results (data); the code is transported to the server] • Remote Evaluation model by Stamos and Gifford (MIT) (1990). • Java, Sun Microsystems (1995), allows code migration across heterogeneous platforms.

  10. Mobile Agents • A mobile agent is an object capable of autonomously migrating from one host to another in a distributed system to perform actions on behalf of its creator. [Diagram labels: Client, Mobile Agent, agent (code + data), Server 1, Server 2, Server 3]

  12. Potential Benefits and Capabilities • Concurrency • Reduced network usage (bandwidth + frequency) • No need to maintain client-server connection • Move processing closer to where needed • Client-server asynchrony • Disconnected operations • Installation of client-specific interfaces • Dynamic interface upgrades

  13. Examples of Potential Applications • User-level applications • Search and information filtering agents • Personal assistants • Middleware systems • Global file systems • Distributed collaboration and workflow systems • System level tasks • Network status monitoring and control • Intrusion detection • Software distribution, installation, upgrades

  14. Basic Requirements • A mobile agent system needs to support migration of a partially executed agent object from one node to another. • Code migration to the destination node • Agent state migration • There are two approaches to state migration • Strong mobility refers to transfer of system level execution state, such as execution stack, program counter, memory • Weak mobility refers to application level state transfer • IEEE TSE May’98 paper by Fuggetta, Picco, Vigna

  15. Obstacles -- Security Issues • Protection of host resources • Unauthorized access to host resources • files, processes, system programs • privacy concerns • Damage to resources • Denial of service attack • ‘annoyance’ attacks • Privacy & integrity of agent data • Passive & active attacks • Beyond applet security model

  16. Obstacles -- Robustness Issues • Fault Tolerance Issues • Exceptions during agent’s remote execution • Unavailability of server • Loss of an agent during migration • Status Monitoring and Control • Support to monitor an agent’s status • Support to recall or terminate an agent

  17. Obstacles - Programming Support • Programming model and APIs • Programming infrastructure and services • Naming scheme for servers, agents, resources • Agent transfer protocol • Inter-agent communication protocol • Debugging facilities

  18. Mobile Agent Systems - Approaches [Tree diagram: Mobile Agent Systems divide into Languages (Telescript, Obliq) and Middleware Systems; Middleware Systems divide into OO Language Based (Java based) and Script Language Based (Tcl, Python, Perl)]

  19. Agent Programming Systems • Telescript - A language developed by General Magic in the early 1990s. • OO language for programming mobile agents. • Designed with security requirements. • It was used for email • It was used in Sony’s Magic Link personal digital assistant linking to messaging and email services of AT&T and AOL • Now discontinued in favor of Odyssey.

  20. Agent Programming Systems • Tacoma - Tcl based system developed at Cornell and Tromso University (1994-95) • Agent Tcl - Tcl based system developed at Dartmouth College. (1994-95) D’Agents • Aglets - Java based system from IBM. (1996) • Concordia - Java based system from Mitsubishi Research. (1997) • Voyager - Java based system from ObjectSpace • Odyssey - Java based system from General Magic See http://www.informatik.uni-stutgart.de/pvr/projekte/mole/mal/mal.html

  21. Ajanta Mobile Agent System • Ajanta System Architecture • Agent Programming Primitives • Agent Server Architecture and Security • Agent Protection • Patterns for Agent Migration • Agent-Based Applications • Conclusions and Future Directions

  22. Ajanta System Architecture A mobile agent in Ajanta is a Java object • Infrastructure for agent-based applications • The baseAgent and AgentServer classes • Infrastructure for hosting agents • Applications extend the generic agent server to define • Name service • Location information and public-key distribution • Based on Uniform Resource Naming (URN) framework

  23. Mobile Agents in Ajanta [Diagram: an object on Host-A is serialized to a byte array, sent over the network, and deserialized into an object on Host-B] • state mobility using Java object serialization • code mobility based on “on-demand” class loading • Agent transfer is lightweight (no code or thread state transfer): weak mobility • execution context - control flow by method chaining

  24. Agent Programming Support • BaseAgent class defines basic functionality for creating and launching an agent. • Agent execution model • arrive and depart methods define entry and exit protocols at a host. • ItinAgent class defines itinerary based agents • Migration patterns for itinerary composition • Exception handling by guardians.

  25. Defining an Application Agent • An application specific agent is defined by inheriting from Ajanta’s base Agent class. • The base Agent class has empty definitions for run, arrive, and depart methods. • Application specific agent class must suitably redefine these methods.

  26. Agent Credentials • Credentials object includes: • agent name (its own identity, in URN format) • owner (URN of the human user it represents) • creator (program/application that created it) • guardian (its “home site”/exception handler) • code base (class bytecode server) • owner’s signature on the above

  27. Agent Migration Request go(destination, methodName, parameter description) • If no method is specified, by default the run method is executed at the destination server. • Absolute vs Relative migration (co-location with other agents/resources)

  28. Agent Execution at a Server When an agent arrives at a server: • Its credentials are verified. • A thread is created for its execution. • This thread first executes the arrive method of the agent. • It then executes the requested method. • Finally it executes the depart method.
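
The arrival sequence of slide 28, applied to the signed credentials of slide 26, as an added Java sketch that is not Ajanta's own code. The class names, the `admit` method, the name-service map, the choice of SHA256withRSA and the `urn:example:` values are assumptions made for illustration; the per-agent thread group mirrors the protection-domain idea on slide 31.

```java
import java.io.*;
import java.security.*;
import java.util.Map;
// Added illustration (Java 16+). All names are hypothetical, not Ajanta's API.
abstract class Agent {                         // empty defaults, to be overridden
    public void arrive() {}  public void run() {}  public void depart() {}
}
record Credentials(String name, String owner, String creator,
                   String guardian, String codeBase, byte[] ownerSig) {
    byte[] signedBytes() throws IOException {  // length-prefixed, so unambiguous
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        for (String f : new String[] {name, owner, creator, guardian, codeBase})
            new DataOutputStream(buf).writeUTF(f);
        return buf.toByteArray();
    }
}
public class AgentServerSketch {
    // Assumption: the name service maps an owner URN to that owner's public key.
    static Thread admit(Agent a, Credentials c, Map<String, PublicKey> names,
                        String method) throws Exception {
        PublicKey key = names.get(c.owner());
        if (key == null) throw new SecurityException("unknown owner " + c.owner());
        Signature v = Signature.getInstance("SHA256withRSA");
        v.initVerify(key);
        v.update(c.signedBytes());
        if (!v.verify(c.ownerSig())) throw new SecurityException("bad signature");
        var entry = a.getClass().getMethod(method);  // unknown method: fail here
        Thread t = new Thread(new ThreadGroup("agent:" + c.name()), () -> {
            a.arrive();
            try { entry.invoke(a); }
            catch (ReflectiveOperationException e) { /* would go to the guardian */ }
            finally { a.depart(); }
        });
        t.start();
        return t;
    }

    public static void main(String[] args) throws Exception {
        KeyPair kp = KeyPairGenerator.getInstance("RSA").generateKeyPair();
        Credentials c = new Credentials("urn:example:agent/1", "urn:example:user/alice",
            "urn:example:app/launcher", "urn:example:host/home", "urn:example:host/code", null);
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(kp.getPrivate());
        s.update(c.signedBytes());
        c = new Credentials(c.name(), c.owner(), c.creator(), c.guardian(), c.codeBase(), s.sign());
        Map<String, PublicKey> names = Map.of(c.owner(), kp.getPublic());
        Agent a = new Agent() { @Override public void run() { System.out.println("run"); } };
        admit(a, c, names, "run").join();              // credentials as signed by the owner
        Credentials forged = new Credentials(c.name(), c.owner(), c.creator(), c.guardian(),
            "urn:example:host/other-code", c.ownerSig());  // code base altered after signing
        try { admit(a, forged, names, "run"); }
        catch (SecurityException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```

Because the signature covers the code base and guardian fields as well as the names, changing where the agent's classes are fetched from invalidates the credentials before any thread is created.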

  29. Exception Handling -- Guardian [Diagram labels: Agent Creator, Agent launch, Agent Server, Agent Code Base Server, Exception, Agent transfer on exception, Guardian] • Agent co-locates with the Guardian and calls its Report method

  30. Protection of Server Resources • Agents should be granted controlled access to host resources based on their credentials. • Access to files, network, application resources • Agents should be prevented from bringing impostor code for security sensitive classes. • Agents should be prevented from transferring a resource to a remote site.

  31. Protection of Server Resources • Based on JDK 1.1 security model • Protection domains for agents • Thread groups in Java • Using the thread-group ID to identify the agent • The Domain Registry • Class loading in Java [Lindholm & Yellin 1996] • Class loader-based namespace isolation • One class loader per agent (domain) • On-demand, secure code transfer

  32. Agent and Server - Interactions [Diagram labels: AGENT with Code (M1, M2, M3), Itinerary (current), State, Unprotected Data, AppendOnly Data, Targeted Data, ReadOnly Data, Proxy1, Proxy2, Credentials; AGENT SERVER with Resource, AccessProtocol, host, Agent Environment, RMI, ServerInterface, ResourceRegistry, DomainRegistry, AgentTransfer, ATP]

  33. Proxy Based Resource Access • Agents aren’t given references to resource objects • Proxy interposition [Shapiro 1986] • Proxy as identity-based capability [Gong 1989] • access control • dynamic revocation • usage metering • Assumption: agent server is not malicious [Diagram: Agent1 reaches the Resource through Proxy1, Agent2 through Proxy2]

  34. Resource binding protocol [Diagram labels: Agent, Proxy1, Proxy2, Resource, AccessProtocol, Agent Environment, Resource Registry, Domain Registry, Server Interface, Agent Transfer; arrows numbered 1 to 6] (1) Resource registers its URN (2) Agent requests a resource (3) Server locates resource in registry (4) getProxy method is invoked (5) New proxy object is returned to agent (6) Agent accesses resource via proxy

  35. Security against potential attacks • Indirect access to the embedded resource: prevented using Java encapsulation (private). • Copying of embedded resource via serialization: prevented using Java’s transient keyword. • Use of proxy class that compromises embedded resource: Ajanta class loader only loads trusted proxy classes. • Typecasting of proxy: not possible, since proxy class has no ancestors (other than the base Java class Object). • Cloning of proxy: not allowed, since proxy class does not implement Cloneable interface.
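
The proxy properties listed on slides 33 to 35, put together in one added Java sketch that is not Ajanta's own code. `Counter`, `CounterProxy`, the per-agent method sets and the `urn:example:` names are assumptions for illustration; the proxy is issued per agent identity, checks every call, can be revoked by the server, and carries its resource reference in a `private transient` field so that a serialized copy is unusable.

```java
import java.io.*;
import java.util.*;
// Added illustration. Every name here is hypothetical, not Ajanta's API.
final class Counter {                                 // the protected resource
    private int value;
    int get() { return value; }
    void add(int n) { value += n; }
    // Binding step: the resource decides which methods this agent may call.
    CounterProxy getProxy(String agentUrn) {
        boolean admin = agentUrn.equals("urn:example:agent/admin");
        return new CounterProxy(this, agentUrn, admin ? Set.of("get", "add") : Set.of("get"));
    }
}
// final, no superclass but Object, not Cloneable: nothing to cast or clone to.
final class CounterProxy implements Serializable {
    private transient Counter target;   // private: unreachable; transient: never serialized
    private final String holder;        // identity the capability was issued to
    private final HashSet<String> allowed;
    private int calls;                  // usage metering
    CounterProxy(Counter target, String holder, Set<String> ops) {
        this.target = target;
        this.holder = holder;
        this.allowed = new HashSet<>(ops);
    }
    private Counter check(String op) {
        if (target == null) throw new SecurityException("proxy revoked or unbound");
        if (!allowed.contains(op)) throw new SecurityException(holder + " may not " + op);
        calls++;
        return target;
    }
    public int get() { return check("get").get(); }
    public void add(int n) { check("add").add(n); }
    void revoke() { target = null; }    // assumption: only server code shares this package
    int calls() { return calls; }
}
public class ProxyDemo {
    static String attempt(Runnable call) {
        try { call.run(); return "ok"; }
        catch (SecurityException e) { return "denied: " + e.getMessage(); }
    }
    public static void main(String[] args) throws Exception {
        Counter resource = new Counter();
        CounterProxy p = resource.getProxy("urn:example:agent/visitor");
        System.out.println(attempt(p::get));            // read through the proxy
        System.out.println(attempt(() -> p.add(5)));    // write, outside the visitor's rights
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) { out.writeObject(p); }
        CounterProxy copy = (CounterProxy) new ObjectInputStream(
                new ByteArrayInputStream(buf.toByteArray())).readObject();
        System.out.println(attempt(copy::get));         // deserialized copy of the proxy
        p.revoke();
        System.out.println(attempt(p::get));            // use after the server revokes it
    }
}
```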

  36. Inter-agent Communication • Inter-agent communication for co-located agents: using proxy-based binding • Remote communication with agent using RMI: • leakage of sensitive data via remote invocation • proxy interposition between remote caller and agent • the createRMIProxy primitive • proxy screens (authenticates) incoming RMI calls • security manager screens outgoing connections

  37. Protection of Agent State • On the network: ATP uses encryption • Types of objects contained in an agent • read-only (constants) • append-only (logs, write-once data) • targeted (private, for specific servers)

  38. Agent Control Primitives • Remote agents can be terminated or recalled home: • public void terminate (URN agent,...); • public void recall (URN agent,...); • public void retract (URN agent,...); • Authentication necessary for these primitives • public Ticket authenticate (URN caller, int nonce);

  39. Agents and Itineraries • An example of a simple itinerary [Diagram: a chain of itinerary entries linked by “next”, (Host A, action M) through (Host F, action M), with a “Current” pointer]

  40. Migration Patterns • An itinerary is a sequence of patterns. • A pattern is a collection of patterns. (Recursive) • ItinEntry - primitive pattern: host, action • Sequence of patterns: execute the patterns in sequential order. • Set of patterns: execute in any arbitrary order • Selection of one pattern among a set of patterns

  41. Applications of mobile agents • A Calendar Management System • a ‘calendar server’ maintaining users’ calendars • agents for scheduling meetings using patterns: • Global File Access System • agent-based remote file access system • Web Index Search Service • built above the file access system. Agents are used for searching a user’s web-page directory. • Distributed Collaboration

  42. Distributed Calendar System • Each person in a group maintains a calendar and runs a calendar server. • Calendar is a collection of events, organized by days. • An event has: start time, duration, description • To schedule a meeting of a set of people, an agent is sent to check each participant’s calendar server with proposed meeting times.

  43. Calendar Agent and Servers [Diagram: the calendar servers of User A, User B, User C and User D, each shown with a Calendar and an Agent]

  44. Global File Access System [Diagram labels: Client; Agent Migration; Agent to fetch/deposit files; three boxes labelled “User A’s File Access Server”, each with Files with ACL]

  45. Global File Access System • File load, store, transfer, ‘stat’, keyword search • Interface primitives: • fetchFile (URN fileName); • transferFile (URN fileName, URL dest); • depositFile (byte[] data, URN fileName); • getFileStat (URN fileName); • search (String keywords); • ‘root’ directory, and access control list

  46. Web Index Search Service • A user can run a Web-Index Server for his/her web directory. • This server stores an index for the user’s web directory. • This index is prepared using Glimpse, an indexing and search tool from the University of Arizona. • A client can send an agent to one or more web-index servers to search for files containing some given set of words.

  47. Agent Based Web Search [Diagram labels: Server, Client, Launch Agent, Browser, View, Processing Results, File Server, Thread, Search/Filter, Glimpse index of the .www]

  48. Global File System • Requirements - open, read and write a remote file - support for different consistency models (AFS, Sprite, NFS etc) - dynamically configurable cache module (block size, cache size etc) - centralized as well as distributed caching policy

  49. File System Initialization and Open Command [Diagram labels: Client Agent Environment, File Server, open, getProxy, Agent Transfer, Data and Control channel, AjfsFile, File Server Agent, File Client Agent; steps numbered 1 to 6]

  50. Agent-based Distributed Collaboration • Agents can be used as workflow objects. • Agents can be installed or transported to different users’ nodes for executing coordination protocols. • Specify workflow constraints for a dynamic collaboration • Role based access-control