SIF8072 Distributed Artificial Intelligence and Intelligent Agents - PowerPoint PPT Presentation

Loading...

PPT – SIF8072 Distributed Artificial Intelligence and Intelligent Agents PowerPoint presentation | free to download - id: 12420f-MjM0Y



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

SIF8072 Distributed Artificial Intelligence and Intelligent Agents

Description:

Typology 2. Autonomous Mobile Agents ... Typology 4. Active-mail Agents. The idea here is to 'piggy-back' agent programs onto mail. ... – PowerPoint PPT presentation

Number of Views:90
Avg rating:3.0/5.0
Slides: 45
Provided by: sap1
Learn more at: http://www.iro.umontreal.ca
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: SIF8072 Distributed Artificial Intelligence and Intelligent Agents


1
SIF8072 Distributed Artificial
IntelligenceandIntelligent Agents
Lecture 8 Mobile Agents
  • http//www.idi.ntnu.no/agent/
  • 6 March 2003

Lecturer Sobah Abbas Petersen Email
sap_at_idi.ntnu.no
2
Lecture Outline
  • What are mobile agents?
  • Remote Procedure Calls vs. mobile agents
  • Security
  • Threats, security of host, security of agent
  • Typology of mobile agents
  • Implementation of mobile agents
  • Telescript
  • TCL/TK

3
References - Curriculum
  • Wooldridge Introduction to MAS,
  • Chapter 10, Section 10.4
  • Not in curriculum
  • White, J. E., Mobile Agents, in Bradshaw, J.
    (ed.), Software Agents, MIT Press, Cambridge, MA,
    1997, p. 437-472.
  • D. M. Chess, C. G. Harrison, A. Kershenbaum.
    Mobile Agents Are they a good idea? Research
    Report, IBM Research Division, T. J. Watson
    Research Center, 1995, 21 pages.

4
What are Mobile Agents
  • Agents that are capable of transmitting
    themselves their programs and their state
    across a computer network, and recommencing
    execution at a remote site.
  • The program chooses when and where to migrate.
  • It can suspend its execution at an arbitrary
    point, transport itself to another machine and
    resume execution.
  • Moving programs while they run!

5
Current Approach - Remote Procedure Calls
  • Enables one computer to call procedures in
    another.
  • The two computers agree in advance upon a
    protocol
  • The effects of each remotely accessible procedure
    and the types of its arguments and results.
  • Each interaction entails two acts of
    communication - request acknowledge
  • ongoing interaction requires ongoing
    communication!
  • e.g. From a file server, delete all files that
    are atleast two months old. RPC n files gt
    2(n1) messages

6
New Approach -Remote Programming
Local procedure Call
Service
Agent Client
Client
Network
Server
PC
  • One computer not only calls procedures on another
    computer, but also provides the procedures.
  • Each message contains the procedure its
    arguments.
  • The two computers agree in advance upon a
    language
  • instructions and the types of data that are
    allowed.
  • A user computer and a server can interact without
    using the network once the agent is transported
  • ongoing interaction does not require ongoing
    communication!

7
Advantages of RP over RPC
  • Tactical
  • Performance - due to less message passing over
    the network.
  • Less connection time - need network connection to
    transport the agent.
  • Computer delegates a task to the agent.
  • Strategic
  • Customisation - agents let manufacturers of user
    s/w extend the functionalities of the server s/w.
  • In a RPC application, the server component needs
    to be statically installed by the user. In RP,
    they are dynamically installed by the application
    itself - each is an agent.
  • New RPC-based applications - business decisions
    by the provider. New RP-based applications -
    buying decision by the user.
  • A public network becomes like a platform.

8
Why Mobile Agents
  • Mobile agent procedure its state.
  • Efficient use of network resources.
  • Low-bandwidth networks.

9
Basic Mobile Agent Environment
  • A mobile agent environment is a software system
    which is distributed over a network of
    heterogeneous computers.
  • Its primary task is to provide an environment in
    which mobile agents can execute.
  • It implements the majority of models which appear
    in the mobile agent definition.

10
What is security
  • If I take a letter, lock it in a safe, hide the
    safe somewhere in New York, then tell you to read
    the letter, thats not security. Thats
    obscurity. On the other hand, if I take the
    letter and lock it in a safe and then give you
    the safe along with the design specifications of
    the safe and a hundred identical safes with their
    combinations so that you and the worlds best
    safecrackers can study the locking mechanisms
    and you still cant open the safe and read the
    letter thats security.

11
Security Model
  • General security requirements
  • Secrecy
  • requires that the information in a computer
    system be accessible for reading by authorised
    parties only.
  • Integrity
  • requires that the computer system assets can be
    modified by authorised parties only.
  • Availability
  • requires that the computer system assets be
    available to authorised parties.

12
Types of Threats 1
  • Interruption an asset of the system is destroyed
    (threat of availability).
  • Interception unauthorised party gains access to
    an asset (threat of secrecy)

13
Types of Threats 2
  • Modification unauthorised party tampers with an
    asset (threat of integrity)
  • Fabrication unauthorised party inserts
    counterfeit object into the system (threat of
    integrity)

14
Assets in a Computer System
15
Design Principles for Security
  • Least privilege (need-to-know) only the
    smallest set of privileges to complete the job
    the access rights should be acquired by explicit
    permission only.
  • Economy of mechanism- security mechanisms should
    be as small as possible an integral part of the
    design.
  • Acceptability - security mechanisms should not
    interfere unduly with the work of the users.
  • Complete mediation every access must be checked
    against the access control information.
  • Open design mechanisms can be reviewed by many
    experts, and users must have high confidence in
    them.

16
Main Intruders
  • Hackers
  • Viruses
  • Fraudulent users
  • Incompetent users
  • Technology by itself cannot solve the security
    problem.
  • Technology for security must be complemented by
    an awareness of security issues and disciplined
    application of techniques.

17
What does security do? 1
  • Security systems attempt to get you reliable
    answers to the following types of questions
  • Who is accessing our information system?
    (Identification)
  • Can I be sure who made the request?
    (Verification)
  • Can I be sure that this message has not been
    modified since it was sent? (Integrity)
  • Is this user entitled to make use of this
    resource? (Access control)

18
What does security do? 2
  • Will this program cause damage or disruption?
    (Viruses)
  • Can I safely send this message on a public
    network? (Privacy)
  • Can I be sure that this user will actually pay
    for the service s/he is requesting?
    (Nonrepudiation)
  • Can I be sure that this server will do what I
    want? (reputation)

19
Security in Using Agents 1
  • Some general issues in using agents
  • Delegation you are delegating to the agent some
    of your authority. This means that agents are
    doing things that you cannot always see.
  • Mobility they may be doing it on the other side
    of the planet. Or, an agent from the other side
    of the planet may be doing it on your server.

20
Security in Using Agents 2
  • Some general issues in using agents, contd.
  • Viruses agents share many characteristics with
    viruses. In creating an environment for agents,
    there is the additional risk that we expose
    weaknesses that may enable viruses to breed.
  • Trust humans have classified their co-workers
    into those who are reliable and those who are not.

21
Mobile Agents and Viruses
  • Its impossible, in principle, to verify with
    complete certainty that an arbitrary program is
    not a virus.
  • In practice, the problem of writing a program
    that can verify the correct behaviour of another
    program is unsolved.
  • Its difficult to define the necessary and
    sufficient tests that an agent must pass in order
    to determine its intentions.
  • Some precautions
  • Restriction of access to critical resources.
  • Restriction on altering other programs.

22
Delegation
  • The purpose of an agent is to perform some tasks
    that would otherwise be performed by its user.
  • The agent may need many, if not all, of the
    access rights of the user.
  • In a security environment, this can be readily
    achieved by passing the copy of the users
    certificate to the agent.
  • In this regard, the agent is indistinguishable
    from any other applications employed by the user.
  • However, the certificates are valid for a finite
    period, defined by the security administrators.

23
Security for Hosts 1
  • Limiting delegation
  • Give the agent and the user separate identities
  • Secure co-processors have a physically separate
    processor on which the agent is run, execute the
    agent in a padded cell
  • Allow the agent to interact with the system
    environment only in a language with limited
    expressiveness (e.g. ACL)
  • Limiting resource consumption
  • Limit the amount of each resource that an agent
    is permitted to consume
  • Limit the amount of e.g. money and processor time
    an agent can access (e.g. Telescript)

24
Security for Hosts 2
  • Unix-like access rights on hosts.
  • Safe libraries for access to filestore, process
    space, etc.
  • Some agent languages allow security properties of
    an agent to be verified on receipt.
  • Host must handle crashed programs cleanly what
    do you tell an owner when their agent crashes?

25
Security for Agents 1
  • We need to protect mobile agents from malicious
    hosts because
  • Agents have a right to privacy!
  • We often do not want to send our programs, as to
    do so might enable the recepient to determine its
    purpose, and hence our intent.
  • The agent might be modified (sabotaged) in some
    way, without the owners knowledge or approval.

26
Security for Agents 2
  • Some possibilities for protection
  • Data integrity - an agent can be protected in
    transit by using conventional encryption
    techniques, (e.g. PGP).
  • In order to ensure that an agent is not tampered
    with, it is possible to use digital watermarks.
  • Origin authentication certification.
  • Access itenary control restriction on visiting
    some environments.

27
Proposed Advantages of Mobile Agents
  • Efficiency mobile agents consume less network
    resources
  • Asynchronous autonomous interaction
  • Interaction with real-time entities
  • Support for heterogeneous environment
  • Support for electronic commerce
  • Convenient development paradigm

28
General Requirements to Mobile Agent Environments
  • Expressiveness as a programming language
  • Ability to execute remotely or to transport state
  • Support for agent communication language
  • Security support
  • Management support

29
Typology of Mobile Agents 1
  • Mobile agents can be divided into atleat 3 types
  • Autonomous
  • On-demand
  • Active-mail type

30
Typology 2Autonomous Mobile Agents
  • Autonomous mobile means that the agents are able
    to decide for themselves where to go, when and
    what to do when they get there (subject to
    certain resource constraints, e.g. how much
    emoney they can spend).
  • Such agents are generally programmed in a special
    language that provides a go instruction (e.g.
    Telescript).

31
Typology 3On-demand Mobility
  • The idea here is that a host is only required to
    execute an agent when it explicitly demands the
    agent.
  • The best known example of such functionality is
    that provided by the JAVA language, as embedded
    within HTML.
  • A user with a JAVA-compatible browser can request
    HTML pages that contain applets.
  • These applets are downloaded along with all other
    images, text, forms, etc. and once downloaded,
    are executed on the users machine.

32
Typology 4Active-mail Agents
  • The idea here is to piggy-back agent programs
    onto mail.
  • The best known example of this work is the mime
    extension to email.

33
Mobile Agent Implementation
  • Java
  • Contains no mobile agents. Its simply an
    enabling technology for mobile agents. Most
    important are Remote Method Invocation and Object
    Serialisation.
  • e.g. Aglets
  • Telescript
  • Language-based environment for constructing MAS.
  • Tcl/TK and other scripting languages

34
Telescript 1
  • Telescript was a language-based environment for
    constructing mobile agent systems.
  • 2 key concepts agents and places.
  • Telescript Technology is focussed towards an
    electronic marketplace, where agents are the
    providers and consumers of goods in the
    electronic market place.
  • Agents are mobile they are able to move from
    one place to another, in which case their program
    and state are encided and transmitted across the
    network to another place, where execution
    recommences.

35
Telescript 2 - Concepts
  • Implements the concepts places, agents, travel,
    go, meeting, connections, authorities and
    permits.
  • The network is a collection of places. The
    application consists of agents, each occupying a
    place.
  • Agents can travel from one place to another to
    have a meeting with another agents.

36
Telescript 3 - Concepts
Shopping agent
Network
Tickets
Directory
Florist
PC
Shopping Centre
  • Places Shopping centre, with a Directory
    service, a ticket office and a florist.
  • Agents Agents reside in Places and can move from
    one place to another. e.g. The shopping agent can
    go to the florist.
  • Travel Lets an agent obtain a service offered
    remotely and return to its starting place.

37
Telescript 4 - Concepts
  • Travel is achieved by executing go.
  • Go requires a ticket - specifies the agents
    destination and the terms of the trip.
  • Meetings let agents in the same computer call one
    anothers procedures.

38
Telescript 5 - Concepts
  • Connections let two agents on different computers
    communicate.
  • A connection requires a target - specifies the
    distance agent and the terms of the connection.
  • One agent or place can discern the authority of
    another.

39
Telescript 6 - Concepts
  • Authority is associated with regions - verifies
    the authority when the agent travels from one
    region to another.
  • Permits grant capabilities. They let authorities
    limit what agents and places can do. 2 kinds
  • Grant the right to execute a certain instruction.
    e.g. create another agent.
  • Grant the right to use a certain resource in a
    certain amount - allowance.

40
Tcl/TK and Scripting Languages 1
  • TCL was primarily intended as a standard command
    language. But every time a new application is
    developed, a new command language must be as
    well. TCL provides the facilities to easily
    implement your own command language.
  • It provides facilities for making GUI features
    such as buttons, labels, text and graphic
    windows.
  • It provides powerful facilities for interprocess
    communication, via the exchange of Tcl scripts.

41
Tcl/TK 2
  • TCL is an interpreted language.
  • It is extendable it provides a core set of
    primitives implemented in C/C and allows the
    user to build on these, as required.
  • It can be embedded the interpreter itself is
    available as C code, which can be embedded in
    an application, and can itself be extended.

42
Tcl/TK 2
  • So, where does the idea of an agent come in?
  • Its easy to build operations where Tcl scripts
    are exchanged across a network, and executed on
    remote machines.
  • A key issue is safety. You dont want to provide
    someone elses script with the full access rights
    to your computer that an ordinary scripting
    language provides.
  • Safe TCL provides mechanisms for limiting the
    access provided to a script.
  • It was not intended as an agent programming
    environment.

43
Summary
  • Efficient use of bandwidth!
  • Main issue is that of security, both for the host
    and the mobile agent.
  • Mobile agents can be implemented in Java, agent
    programming environment (e.g. Telescript) and
    some scripting languages (e.g. Tcl/TK).

44
Next LectureAgent Architectures
  • Wooldridge Introduction to MAS,
  • Chapters 4 and 5
About PowerShow.com