1 / 23

Agent Technology for e-Commerce

Agent Technology for e-Commerce. Chapter 11: Mobile Agents Maria Fasli http://cswww.essex.ac.uk/staff/mfasli/ATe-Commerce.htm. Current approaches. Current approaches to distributed computing: The client-server model Code-on-demand Web services approach Advantages security Disadvantages

rmee
Download Presentation

Agent Technology for e-Commerce

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Agent Technology for e-Commerce Chapter 11: Mobile Agents Maria Fasli http://cswww.essex.ac.uk/staff/mfasli/ATe-Commerce.htm

  2. Current approaches Current approaches to distributed computing: • The client-server model • Code-on-demand • Web services approach • Advantages • security • Disadvantages • network traffic • latency • overloading of resources

  3. An alternative approach: mobile agents • An autonomous executing entity that has the ability to migrate from machine to machine in a heterogeneous network and resume its execution. They can: • reduce network traffic • overcome network latency • make better use of resources • execute asynchronously and autonomously • adapt dynamically • be robust and fault tolerant

  4. Infrastructure requirements To implement a mobile agent we need: • a suitable and transportable language in which the agent’s code will be written, • an engine or interpreter for that language, • communication protocols that allow engines on different machines to exchange agents. Agents Places Engine Host

  5. Sender host Receiver host Engine Engine Execution resumption Suspension Serialization Deserialization Encoding Decoding Dispatch Receipt Network Agent transfer Migration

  6. Modes of migration The statefull or strong mobility (go) model • An agent’s object state, code, and control state are captured. Execution is allowed to continue from the exact point at which it was stopped. • More convenient for the end programmer, but more work for the system developer. Routines to capture state control are required on top of the interpreters. The stateless or weak mobility (known entry point) model • The agent’s object state and code is captured. The execution in the new machine is continued from a known entry point. • Commercial Java-based systems use the entry point.

  7. Mobile agent systems Non-Java mobile agent systems • Telescript • Agent Tcl • D’Agents • Ara • TACOMA Java-based mobile agent systems • Aglets • Concordia • NOMADS

  8. Aglets • Implemented at the IBM Tokyo Research Laboratory. http://www.trl.ibm.co.jp/aglets/index.html • Aglets do not capture an agent’s control state during migration. That would require modifications to the standard Java virtual machine. Instead agent execution is restarted from a known entry point

  9. Basic concepts • Aglet: a mobile Java object that visits aglet-enabled hosts in a network. • Proxy: it is a representative of an aglet. It serves as a shield to protect the aglet from direct access to its public methods. • Context: an aglet’s workplace. It corresponds to a place. Multiple contexts may reside on the same machine. • Identifier: a unique identifier is assigned to each aglet after initialisation.

  10. Fundamental Aglet operations • Creation • Cloning • Dispatching • Retraction • Activation and Deactivation • Disposal

  11. Programming model • The Aglet programming model is event-based • Customised listeners can be used to catch particular events in the life cycle of an aglet: • Clone listener (clone creation) • Mobility listener (dispatching, retraction, arrival) • Persistence listener (deactivation, activation)

  12. General process • A mobile agent that wants to migrate calls the dispatch method • The Aglets system calls the agent’s onDispatching method which performs application specific cleanup, kills the agent’s threads, serialises the agent’s code and object state, and sends the agent’s code and object state to the new machine • On the new machine the system calls the agents onArrival method which performs application specific initialisation • Finally the agent’s run method is called in order to start the agent’s execution

  13. Communication • Communication between aglets • When an aglet wants to communicate with other aglets, it first has to obtain a proxy • Public methods cannot be accessed directly • Three different types of messages: now-type, future-type, oneway-types • Communication between engines • The ATP is used in the communication layer • The API abstracts the communication between agent systems • Methods for creating, transferring, tracking and managing agents

  14. Security model • The first level of security comes from Java itself. Imported code fragments are subjected into a series of tests and consistency tests • As the second level the Tahiti (the visual agent manager) implements a configurable security manager that provides a fairly high degree of security for the hosting computer and its owner and it enables a number of principals to specify and enforce policies

  15. Mobile agent security Mobile agent security has two aspects: • Protecting the host machine • Protecting the mobile agent Mobile agents and hosts are vulnerable to a number of threats • Agent to host threats • Agent to agent threats • Host to agent threats

  16. Agent to host threats • Masquerade • Unauthorized access • Tampering • Denial of service

  17. Agent to agent • Masquerade • Tampering • Denial of service • Repudiation

  18. Host to agent • Masquerade • Tampering • Eavesdropping and traffic analysis • Denial of service

  19. Security services • Authentication • User • Host • Agent • Code • Access control • Integrity • Confidentiality • Nonrepudiation • Auditing

  20. Protecting the host A number of approaches have been suggested: • Safe code interpretation: use of an interpreted language • Authentication: digital signatures • Authorization: entities can be granted capabilities or access rights • Resource allocation: various mechanisms for resource allocation, including market mechanisms • Maintaining path histories in order to be able to check the origin of mobile agents

  21. Protecting the mobile agent • Fortress model: agents execute in a safe environment where no untrusted hosts are allowed – compromises the advantages of mobile agents • Sealing and signing intermediate results to prevent tampering • Using shared secrets and interlocking • The agent’s execution and behaviour is recorded (Execution tracing) • Executable encrypted functions can prevent tampering

  22. Issues on mobile agents Technical issues • Current mobile agents do not bring about significant benefits • As they are written in interpreted languages, they are slow • Starting an execution environment and inserting an agent involves an overhead – thus higher loads in transporting and executing them locally • To recover from failure during migration additional support is required • Appropriate naming and location services are required • Security • Lack of standardization

  23. Nontechnical issues • Lack of a killer application • The advantages of mobile agents are modest when applications are considered in isolation Potential applications • Electronic marketplaces • Mobile devices such as mobile phones and PDAs

More Related