Uniform Resource Name (URN) In Ajanta, A Mobile Object Environment

1. Uniform Resource Name (URN) In Ajanta, A Mobile Object Environment Plan B Project Report By Tanvir Ahmed Advisor: Prof. Anand Tripathi

2. NR1 NR3 NR2 Ajanta Programming Environment Name registry Interaction Domain C Domain A Agent migration Name-registry Agent-server Domain B Agent

3. MOBILE OBJECT NAME • Requirements • Location independent • Global uniqueness and scope • Persistent • Maps to location (URL) or characteristics of an object • Name assignment can be delegated • Autonomy of name assignment and name-resolution

4. URN Syntax • <URN> ::= "urn:" <NID> ":" <NSS> • NID: Namespace Identifier • NSS: Namespace Specific String • Ajanta URN • urn:ans:umn.edu/tahmed/Resource • umn.edu = Creation Domain • tahmed = Naming Authority • Resource = A string name in this name-space

5. Functional Requirements • Query and Update calls • lookup(), bind(), rebind() • Fine and coarse grained APIs • Coarse: bind(), lookup() • Fine: getURL(), getVerifyKey() • Object type specific interfaces • Agent: rebindAgentServer() • Client to Name-registry APIs, Name-registry to Name -registry system interfaces

6. Security Requirement • Client/Server Authentication • Authentication of application level names • Access control on Name Registry entries • Read: all • Write/Update: Specific Principals • Access control on name space • Create-Name: Specific Principals

7. Name Creation • Name-Registry Boots, administrator “Admin” • Admin = urn:ans:umn.edu/Admin • Name Registry = urn:ans:umn.edu • “Admin” adds user “Usr” • urn:ans:umn.edu/Usr • “Usr” registers an agent-server “AS” • urn:ans:umn.edu/Usr/AS • “AS” registers an agent “Ag” • urn:ans:umn.edu/Usr/AS/Ag

8. Access Control & Delegation(1) • ACL owners can add/delete ACL entries. • “Create Name” permission can create names under this name-space. • “Update” permission can modify an Entry.

9. Access Control & Delegation(2) • a. Agent Ag is registered by agent-server AS1 • b. Agent Ag migrates to Agent-server AS2 • c. Agent Ag migrates to Agent-server AS3

10. Access Control & Delegation(3) • Agent Ag, residing on agent-server AS3 • Ag creates a child agent C • Agent-Server AS3, binds C

11. NR AS 1. authenticate(Alice , Na) 2. Tkt={NR, SigNR(Na), Nnr} Alice 3. bind({Alice, SigA(Nnr)}, AS) Agent Server Name Registry Name Resolution: Update • Name-registry Administrator adds Alice’s URN and Public Keys • Alice registers Agent-Server AS

12. NREntry NR1 urn = NR1/AS1/Ag server URN = AS1 acl = { Owner =Ag, AS1; Update =Ag, AS1; Create-Name = Ag, AS1;} bind AS1 Ag Name Resolution: Update(2) • Agent Ag is created and registered by AS1

13. NR1 NR2 NREntry urn = NR1/AS1/Ag server URN = AS2 acl = { Owner =Ag, AS1; Update =Ag, AS1, AS2; Create-Name=Ag,AS1,AS2} Name-registry Agent-server Agent Name Resolution: Update(3) • Agent Ag migrates to AS2 rebindAgentServer AS1 Domain A AS2 Ag Domain B

14. NR2 NR3 NR1 NREntry urn = NR1/AS1/Ag server URN = AS3 acl = { Owner =Ag, AS1; Update =Ag, AS1, AS3; Create-Name=Ag,AS1,AS3} Name-registry Agent-server Agent Name Resolution: Update(4) • Agent Ag is migrates to AS3. Ag’s creation domain NR1 2.rebindAgentServer Domain A AS2 1.rebindAgentServer AS3 Domain B Ag Domain C

15. NR1 NR1 AS1 AS1 Valid entry present Cached entry present Entry not present Name Resolution: Lookup(1) • Agent-server AS1 lookups a valid entry “NR1/X” present in the local name-registry, NR1 BEFORE AFTER

16. NR2 NR2 NR1 AS1 Valid entry present Cached entry present Entry not present Name Resolution: Lookup(2) • Mobile Agent entries are not cached • AS1 lookups an agent “NR2/X/X/Ag” not present in NR1 BEFORE AFTER NR1 2.lookup 3.return 1.lookup 4 .return AS1

17. NR2 NR2 NR1 AS1 Valid entry present Cached entry present Entry not present Name Resolution: Lookup(3) • AS1 lookups an non-agent entry“NR2/X/AS2”, not present in NR1. After lookup the entry is cached. BEFORE AFTER NR1 2.lookup 3.return 1.lookup 4 .return AS1

18. NR2 NR2 NR1 AS1 Valid entry present Cached entry present Entry not present Name Resolution: Lookup(3) • AS1 lookups the cached non-agent entry in NR1. NR1 updated its cache. BEFORE AFTER NR1 3.lookup 4.return 1.lookup 2 .return AS1

19. Conclusion • What is done • Basic Client to Name-Registry APIs • Name-Registry to Name-Registry System Interfaces • Client/Server Authentication • Access-Control on Name-Registry Entries • Access-Control on Name-Space • Name Space Delegation • Administrative Utility to Add User and to Add Name-Registry

20. Conclusion • Possible Future Work • Introduce the concept of “Subscriber”. • Multiple (K > 1) Name-Registries to maintain a name. • Map the name-resolution task to Agent Paradigm. Sent an agent to a Name-Server to get service.