
Trust Negotiation and Service Level Agreements

Shamima Paurobally University of Westminster, U.K. paurobs@wmin.ac.uk. Trust Negotiation and Service Level Agreements. Dagstuhl Seminar – March 2009. EU FP6 Ontogrid Project. Ontogrid


Presentation Transcript


  1. Shamima Paurobally University of Westminster, U.K. paurobs@wmin.ac.uk Trust Negotiation and Service Level Agreements Dagstuhl Seminar – March 2009

  2. EU FP6 Ontogrid Project • Ontogrid: Develop semantic grid services that enable software components to coordinate and negotiate to satisfy their overall goals • S. Paurobally, V. Tamma, and M. Wooldridge. (2007). A Framework for Web Service Negotiation. ACM Transactions on Autonomous and Adaptive Systems (TAAS) journal. Special Issue on the Agentlink perspective on autonomous and adaptive systems, 2(4), December 2007 • S. Paurobally, V. Tamma, M. Wooldridge, C. Van Aart, P. Van Hapert. (2007). Web Services Negotiation in an Insurance Grid. 6th Int. Joint Conference on Autonomous Agents and Multi-Agent Systems, Industrial Track, Hawai’i, USA. May 2007.

  3. Aim: SLA Negotiation for Resource/task Allocation • Automated Negotiation: Reconciliation between preferences and constraints through the negotiation of SLAs. • Optimal allocation of resources to grid users while assuring some specific quality of service for all
      [Diagram, along a TIME axis: Grid Services (=resources+constraints) → VO Formation (agreement on who will participate in VO, who will work with each other) → Virtual Organisations (=sets of services) → Team formation (agreement on who does which task with which resource) → Teams (=subsets of VOs) → Scheduling (agreement on how to dynamically coordinate)]

  4. Scenario 1: InsuranceGrid • Y’All B.V. and Boyd International, Netherlands • Traditional ways of handling claims in the insurance sector • Slow and costly because of inter-dependency between many parties • Every aspect of claim is dealt by a different department • Need for chain integration • Exchange large amount of data and maintain long term relationships • Human translation from one domain to another • Needs automation!

  5. The Insurance Grid Facts • DamageSecure looks after and controls all businesses involved in dealing with car damage claims for a number of insurance companies. • To enhance the quality and efficiency of the total damage claims handling process • Every year, ~100,000 damages are reported to DamageSecure • 40% repairs, 60% replacement • Automation could save 172Million Euros

  6. Repair Grid Scenario [Diagram: Customer, DamageSecure, Repair Services, Insurance Services and Expert Services, linked by interactions i1 to i5. Labels: Negotiation; SLAs (dynamic); Contracts, Insurance policies; Long-term contracts with repair services]

  7. InsuranceGrid Contracts • Insurance companies • Repair companies • Contracts between insurance and repair companies • Contracts between customers and insurance companies • Insurance Companies • Policies • Damage reports • insured vehicles

  8. Adding SLA Negotiation • Advantages: • More efficient than the current manual settlement process • Provides a more healthy market for claim settlement • Repair prices will drop • Quality of repairs will increase because of open competition

  9. SLA template • Speech Act subject • Context • Job ID, sender, receiver • First offer?, Offer Number • Deadline for an auction in a call for bids • Name Issues List • IssuesList is a list of issue tuples {(name, value, isNegotiable), …}
      Example: (EPR of provider, JobID YU7, {(price, £20, true), (response, 20ms, false)}, bidNo 3, 1000ms)

  10. Elements for SLA Negotiation • Messages that can be exchanged (public) • Port-type of web service e.g. offer, bid, accept, cfp, propose, submit_bid • Negotiation protocols (public) • Sequence of invoking the methods e.g. provider cfp → consumer propose → provider accept → consumer inform • Preferences (private) • To decide what makes a good deal e.g. reserve prices • Decision strategies (private) • To evaluate and generate the content of the messages e.g. time dependent concession

  11. Implementation of WS-Negotiation • Prototypes implemented for: • Contract Net Protocol for task allocation • Bilateral bargaining protocol • English auction with timeouts for resource allocation • Deployed in Apache Axis and Tomcat (Version 1) • Reusable GT4 implementation (Version 2) • Integrated with OntoGrid architecture • Deployed in Car Repair Grid

  12. The Negotiation Service

  13. Preferences Ontology • Preferences capture a user’s profile • Preferences for each issue • Issue Name e.g. price • Preferred value e.g. A seller has a preferred value of £30 for price • Prefers High or Low e.g. A seller prefers high value for price and so will concede in a negotiation • Reserve value (maximum or minimum value) e.g. A seller has minimum value for price • Is Negotiable e.g. price is negotiable, colour of a car is non negotiable • Weight of issue (normalised) • If weight of price issue is 0.7 and #statements is 0.3, then price is more important • Utility (normalised) • e.g. how useful is £30 for price for a seller (could vary with time, resources)

  14. Decision Making Algorithms [Diagram: business logic of bidder. Labels: submit_bid(highest_bid); Bidder Factory; Initialise bidder resource; Get preferences of bidder from database; Evaluate highest bid and generate counter_bid; WS-DAIONT; Get strategy of bidder; Decision Strategies]

  15. Implemented Decision Strategies • Truth-Telling • Decrement • Cost Endowment • Utility evaluation • Time dependent • Utility based generation • Opponent dependent (arrow label: increasing complexity)
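An added example, not from the original slides or the Ontogrid code: a time-dependent concession strategy driven by the preferences of slide 13 and producing the issues list of slide 9. The linear utility, the concession formula (t/deadline)^(1/beta), and all field and function names are assumptions; the slides name the strategy but do not give its formula.

```python
from dataclasses import dataclass

@dataclass
class Preference:
    """One issue from the preferences ontology (field names are assumptions)."""
    name: str
    preferred: float   # e.g. a seller prefers 30 for price
    reserve: float     # worst acceptable value (minimum for a seller)
    negotiable: bool
    weight: float      # normalised: weights over all issues sum to 1

    def utility(self, value):
        """Normalised linear utility: 1 at the preferred value, 0 at the reserve."""
        if self.preferred == self.reserve:
            return 1.0 if value == self.preferred else 0.0
        u = (value - self.reserve) / (self.preferred - self.reserve)
        return max(0.0, min(1.0, u))

def concession(t, deadline, beta):
    """Fraction of the preferred-to-reserve range given up at time t.
    beta < 1 concedes late, beta > 1 concedes early (assumed formula)."""
    return min(1.0, max(0.0, t / deadline)) ** (1.0 / beta)

def generate_offer(prefs, t, deadline, beta=1.0):
    """Build an issues list [(name, value, isNegotiable), ...] for time t."""
    offer = []
    for p in prefs:
        value = p.preferred
        if p.negotiable:
            value += concession(t, deadline, beta) * (p.reserve - p.preferred)
        offer.append((p.name, value, p.negotiable))
    return offer

def evaluate(prefs, offer):
    """Weighted utility of an offer; 0 if a non-negotiable issue is changed."""
    values = {name: value for name, value, _ in offer}
    total = 0.0
    for p in prefs:
        if not p.negotiable and values[p.name] != p.preferred:
            return 0.0
        total += p.weight * p.utility(values[p.name])
    return total

# Constructed sample: seller prefers a high price; response time is fixed.
SELLER = [Preference("price", 30.0, 20.0, True, 0.7),
          Preference("response_ms", 20.0, 20.0, False, 0.3)]
```
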

  16. Simulation Set up • Parameters • Number of WS bidders • Strategies • Deadline • Preferences • Metrics • Utility of offers and agreement • Number of offers to reach an agreement • Time to reach an agreement

  17. Varying Strategies • Auction is better than CNP • Decrement is better than truth • Time is better than Decrement • Larger deadline better agreement • It is good to negotiate!

  18. Stability of Market

  19. Intermediate Conclusions • Negotiation allows an agreement to be found • Have an idea of what the other party prefers • 2nd, 3rd, 4th, … chances on bidding. • Obtain a better deal for both parties • Decidable since strategies are based on mathematical functions • Negotiation has a cost • Need preferences (whether utility or not) • Different algorithms have different costs • Could be more costly to have no negotiation (blind search for an agreement) • Fairness and Nash Equilibrium

  20. Two Strands of Future Work • WS-Agreement Negotiation • Trust Negotiation for Semantic Web Services

  21. Extension to Trust Negotiation

  22. Motivation • Widen the context of a negotiation • Quality of one's prior experience with a negotiating partner can help or hinder future deal making • Inter-personal relationships affect negotiation and its outcomes (Pruitt, 1981) • Motivation to work with and understand others • Trust, respect, liking can play a positive role in team working, but also in the resolution of disagreements

  23. Trust Negotiation • Multiple dynamic services to satisfy SLA • VOs need to support various security requirements, credentials, usage and access policies • Complex policies for resource access • Trust becomes relevant • Difficulty of current systems to establish trust between strangers [Winsborough et al. 2000] • Requires prior knowledge and agreement • Parties have sensitive information that they are reluctant to disclose until a level of trustworthiness is achieved

  24. Trust Negotiation • Goal is to find a sequence of credentials to access resource • Automates the process of iteratively establishing bilateral (mutual) trust based on the parties’ access control policies • Not one-shot authorisation and authentication • Client and server are treated equally • May not need trusted third party, except for issuing digital certificates

  25. Trust Negotiation Example (Stock Exchange Scenario – Olson, Winslett et al. 2006)
      • Alice (user). Has: Broker ID credential. Needs: SEC cert.
      • Bob (stock exchange). Has: SEC cert. Needs: Broker ID credential.
      • Step 1: Alice requests a service from Bob
      • Step 2: Bob discloses his policy for the service
      • Step 3: Alice discloses her policy for her Broker ID
      • Step 4: Bob discloses his SEC registration
      • Step 5: Alice discloses her Broker ID credential
      • Step 6: Bob grants access to the service

  26. Risks of Current Approaches • Malicious agents: Gather as much information as possible without intending to send their own final credentials
      • Alice (malicious user). Has: Broker ID credential. Needs: SEC cert.
      • Bob. Has: SEC cert. Needs: Broker ID credential.
      • Step 1: Alice requests a service from Bob
      • Step 2: Bob discloses his policy for the service
      • Step 3: Alice discloses her policy for her Broker ID
      • Step 4: Bob discloses his SEC registration
      • Step 5: Alice discloses her Broker ID credential. Malicious user instead: Alice does not respond, fakes faulty communication. Or Alice: “I am no longer interested in Bob’s service”
      • Alice has obtained Bob’s SEC …
      • Step 6: Bob grants access to the service

  27. Sending Credentials during Interaction [Diagram: two message sequences between Alice and Bob]
      • First sequence: Step 1: Alice requests C1 • Step 2: Bob requests C2 • Step 3: Alice requests C3 • Step 4: Bob discloses C3 • Step 5: Alice requests C4 • Step 6: Bob discloses C4 • Step 7: Bob requests C2 • Step 8: Alice defaults out
      • Second sequence: Alice requests C1 • Bob requests C2 • Alice requests C3 • Bob discloses C3 • Alice requests C4 • Bob does not have C4, but has C5 • Alice: instead of C3+C4, send C5+C6 • Bob discloses C5, C6 • C3 disclosed unnecessarily!
      • Problem 1: Alice has obtained C3 and C4 from Bob. Bob has not obtained anything from Alice.
      • Problem 2: Nature of Negotiation: To search a space of possible agreements and convergence of preferences according to dynamic concessions. Here, sequence of messages is fixed, no bargaining, only one interaction path possible.
      • Problem 3: Unnecessary credential disclosure in case of backtracking.

  28. Proposal: Negotiation of Credentials in SLA • Do not pass actual credentials during a negotiation • Negotiate about what credentials to send in/after SLA • Credentials are only exchanged at the end of a successful negotiation, when an SLA agreement is reached • Reduces risks of exploitation and unnecessary credential disclosure • No sensitive credential is disclosed if the negotiation is unsuccessful.
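An added example, not from the original slides: it contrasts sending credentials during the interaction (slides 26 and 27) with the proposal above, where only credential names are negotiated and credentials move after agreement. The policy table is constructed from the stock exchange scenario; the function names and the `defaulter` parameter are assumptions, and the final exchange step is modelled as atomic.

```python
# Constructed policy table for the stock exchange scenario:
# item -> (holder, items the holder must receive before releasing it)
POLICY = {
    "service":  ("Bob",   {"BrokerID"}),
    "SEC_cert": ("Bob",   set()),
    "BrokerID": ("Alice", {"SEC_cert"}),
}

def disclosure_sequence(policy, target):
    """Order of releases that satisfies every policy on the way to target."""
    order, visiting = [], set()

    def visit(item):
        if item in order:
            return
        if item in visiting:
            raise ValueError(f"cyclic policy at {item}")
        if item not in policy:
            raise ValueError(f"no party holds {item}")
        visiting.add(item)
        for needed in sorted(policy[item][1]):
            visit(needed)
        visiting.discard(item)
        order.append(item)

    visit(target)
    return order

def negotiate(policy, target, deferred, defaulter=None):
    """Return (items each party received, agreement reached?).
    deferred=False: each step sends the credential itself.
    deferred=True: steps exchange names only; credentials move after agreement.
    defaulter withdraws at the first step where it would have to act."""
    parties = {holder for holder, _ in policy.values()}
    received = {p: [] for p in parties}
    plan = disclosure_sequence(policy, target)

    def send(item):
        (other,) = parties - {policy[item][0]}   # two-party negotiation
        received[other].append(item)

    for item in plan:
        if policy[item][0] == defaulter:
            return received, False               # negotiation aborted here
        if not deferred:
            send(item)                           # credential leaves immediately
    if deferred:
        for item in plan:                        # SLA agreed: exchange now
            send(item)
    return received, True
```

With `defaulter="Alice"`, the eager run leaves Alice holding `SEC_cert` while Bob holds nothing; the deferred run discloses nothing to either side.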

  29. Assumptions about Negotiation Parties • We do not assume cooperation, parties are self-interested. • We do not assume prior trust established. • Service consumers: • Have digital certificates • Own preferences and constraints for resource access • Membership in VOs • Access resource asap • Service providers: • Enforce access policies for resource access • Own preferences and constraints for resource access • May want as much security and proof of trustworthiness as possible before granting access

  30. Credentials in the SLA
      <xsd:complexType name="CredentialListType">
        <xsd:sequence>
          <!-- Element name "Credential" is assumed; the slide nests CredentialType directly in the sequence -->
          <xsd:element name="Credential" type="CredentialType" minOccurs="0" maxOccurs="unbounded"/>
        </xsd:sequence>
      </xsd:complexType>
      <xsd:complexType name="CredentialType">
        <xsd:sequence>
          <xsd:element name="class" type="xsd:string"/>
          <xsd:element name="sign" type="xsd:string"/>
          <xsd:element name="Cr" type="wsa:EndpointReferenceType"/>
          <xsd:element name="recipient" type="wsa:EndpointReferenceType"/>
          <xsd:element name="negotiable" type="xsd:boolean"/>
          <xsd:element name="VO_membership" type="wsa:EndpointReferenceType"/>
          <xsd:element name="validity_period" type="xsd:date"/>
          <xsd:element name="private_key" type="xsd:string"/>
          <xsd:element name="policy_details" type="xsd:anyURI"/>
          <xsd:element name="any_other_details" type="xsd:anyType"/>
        </xsd:sequence>
      </xsd:complexType>
      Negotiation Subject is: {Sender, NegotiationID, CredentialListType}

  31. Preliminary Findings • Evaluating Trustworthiness • Truth < Decrement < time-dependent < Experience • English auction achieves higher level of trustworthiness faster because of open competition • Experience strategy + English auction – full advantage of open competition • Trustworthiness achieved decreases with increase in difference between preferences • Again English auction performs better than bilateral negotiation • With more complex strategies such as time and experience, less difference in trustworthiness achieved • Time dependent strategy performs better than experience strategy for short deadlines

  32. Extension: An Ontology for SLA Trust Negotiation • To structure credentials and policies → infer satisfiable possible sequences of credentials • Share information about credentials and their attributes • Encrypt those attributes that we do not want to disclose • Use rules to reason if policy attributes are satisfied • Need to know disclosure: ontology will determine that in a particular transaction, do not need to disclose certain credentials • Safeguard against phishing attacks • “How to exploit ontologies in trust negotiation”. Leithead et al. [2004]

  33. Can Trust Negotiation Help SLAs? • Would we spend less resources protecting ourselves in a trusting society? • Generation • Selecting a service/provider according to trustworthiness • Reputation systems for service selections • Influence guarantee terms? • Standard guarantees but in addition the less you trust, the more guarantees you add • Monitoring • Would you monitor less frequently if you trusted the other party? • Enforcement • Less chance of violating SLAs since better service selection • Incentive to fulfil SLA since loss of reputation • SLA execution feedback into trust value

  34. Open Questions • Negotiate about whole credential or about values in a particular credential • Need more work on evaluation and generation of credentials • Did not consider inter-dependencies between credentials • Can we trust Grids?

  35. Thank You • Questions? • Is anyone travelling via Merzig tomorrow?
