1 security and services in mobiquitous computing tim finin university of maryland, baltimore county...
TRANSCRIPT
11
Security and Services Security and Services inin
Mobiquitous Computing Mobiquitous Computing
Tim FininUniversity of Maryland,
Baltimore County
Mobiquitous ’04, 24 August 2004
http://ebiquity.umbc.edu/v2.1/event/html/id/45/
Joint work with Anupam Joshi, Yun Peng, Scott Cost & many students.
http://creativecommons.org/licenses/by-nc-sa/2.0/
This work was partially supported by DARPA contract F30602-97-1-0215, NSF grants CCR007080 and IIS9875433 and grants from IBM, Fujitsu and HP.
tell
register
tell
register
UMBCUMBCan Honors University in an Honors University in
MarylandMaryland 22
The QuestionThe Question
Is the service model Is the service model right for Mobiquitous right for Mobiquitous
computing?computing?
UMBCUMBCan Honors University in an Honors University in
MarylandMaryland 33
The biquitous requirementsThe biquitous requirements
The The biquitousbiquitous part of the part of the MobiquitousMobiquitous vision often (typically?) assumes or vision often (typically?) assumes or requires:requires:
(1)(1) An open, heterogeneous and dynamic An open, heterogeneous and dynamic environment environment
(2)(2) A high degree of cooperation A high degree of cooperation
(3)(3) Context sensitive functionality Context sensitive functionality
(4)(4) Personalization driven by user models Personalization driven by user models and dataand data
(5)(5) AI like capabilities AI like capabilities
UMBCUMBCan Honors University in an Honors University in
MarylandMaryland 44
My AnswerMy Answer
The service view is very appropriateThe service view is very appropriate We can’t do all this stuff on a cell We can’t do all this stuff on a cell
phone or wearable computerphone or wearable computer Even if we could, we need to interact Even if we could, we need to interact
with the other entities in the with the other entities in the environmentenvironment
Ensuring security, privacy and trust Ensuring security, privacy and trust is challenging in this environment is challenging in this environment and requires new ideas.and requires new ideas.
UMBCUMBCan Honors University in an Honors University in
MarylandMaryland 55
The biquitous requirementsThe biquitous requirements
(1)(1) An open, heterogeneous and An open, heterogeneous and dynamic environment dynamic environment Hosts, devices and people in motionHosts, devices and people in motion The context is constantly changingThe context is constantly changing Reasonable to model these as Reasonable to model these as
autonomous, self-interested agentsautonomous, self-interested agents Unreasonable to expect unique Unreasonable to expect unique
ontologies (data models) for most ontologies (data models) for most domains.domains.
UMBCUMBCan Honors University in an Honors University in
MarylandMaryland 66
The biquitous requirementsThe biquitous requirements
(2)(2) A high degree of cooperation A high degree of cooperation Devices are simple but many tasks are Devices are simple but many tasks are
complex – we will want to compose complex – we will want to compose simple functions and services to simple functions and services to accomplish our objectivesaccomplish our objectives
Tasks may also require interaction Tasks may also require interaction (e.g., negotiation) between requester (e.g., negotiation) between requester and providerand provider
Devices can fill multiple roles Devices can fill multiple roles (requester(requester
UMBCUMBCan Honors University in an Honors University in
MarylandMaryland 77
The biquitous requirementsThe biquitous requirements
(3)(3) Context sensitive functionality Context sensitive functionality Context can include location, time, Context can include location, time,
ongoing activities, user’s intent, etc.ongoing activities, user’s intent, etc. This adds to the dynamismThis adds to the dynamism And raises issues of recognition, And raises issues of recognition,
anticipation and adaptationanticipation and adaptation That requires lots of information, some of That requires lots of information, some of
which can only come from other entities which can only come from other entities in the environmentin the environment
UMBCUMBCan Honors University in an Honors University in
MarylandMaryland 88
The biquitous requirementsThe biquitous requirements
(4)(4) Personalization Personalization User profiles and models are a User profiles and models are a
common themecommon theme We want the environment to We want the environment to
recognize or anticipate our interests, recognize or anticipate our interests, desires and preferencesdesires and preferences
This gives rise to many privacy This gives rise to many privacy issuesissues
UMBCUMBCan Honors University in an Honors University in
MarylandMaryland 99
The biquitous requirementsThe biquitous requirements
(5)(5) AI like capabilities AI like capabilities The pervasive environment will be (we think) The pervasive environment will be (we think)
large and complex, so we shouldn’t assume large and complex, so we shouldn’t assume the end use will manage it allthe end use will manage it all
Desirable components (e.g., speech, NLP, Desirable components (e.g., speech, NLP, vision, etc) are very sophisticatedvision, etc) are very sophisticated
This has been there from the start, e.g., the This has been there from the start, e.g., the Enterprise bridge, Mark Weiser’s seminal paper Enterprise bridge, Mark Weiser’s seminal paper and in Apple’s Knowledge Navigator advertand in Apple’s Knowledge Navigator advert
While this is a project for generations, the While this is a project for generations, the incremental results will pay for the work.incremental results will pay for the work.
UMBCUMBCan Honors University in an Honors University in
MarylandMaryland 1010
How do we approach this?How do we approach this?
Services are a good near term Services are a good near term approachapproach
New approaches to security, New approaches to security, privacy and trust are requiredprivacy and trust are required
Other components are needed, Other components are needed, or at least usefulor at least useful
UMBCUMBCan Honors University in an Honors University in
MarylandMaryland 1111
Services are a good approachServices are a good approach What do we mean by services?What do we mean by services?
Not just uddi/wsdl/soap but also agent services, Not just uddi/wsdl/soap but also agent services, RMI services, etc.RMI services, etc.
We need approaches that allow published APIs We need approaches that allow published APIs and protocols with “semantic” informationand protocols with “semantic” information
This will best support automated discovery, This will best support automated discovery, evaluation, composition, invocation and evaluation, composition, invocation and monitoringmonitoring
We require much more than syntactic We require much more than syntactic interoperability – it’s not just about plumbinginteroperability – it’s not just about plumbing
OWL and OWL-S are good startsOWL and OWL-S are good starts
UMBCUMBCan Honors University in an Honors University in
MarylandMaryland 1212
Security, trust and privacySecurity, trust and privacy In an open, dynamic and heterogeneous In an open, dynamic and heterogeneous environment we must interact with environment we must interact with agents we’ve never met beforeagents we’ve never met before
This happens at all levels of the stack: ad This happens at all levels of the stack: ad hoc networking, P2P, serviceshoc networking, P2P, services
Knowing their identity is also not enoughKnowing their identity is also not enoughWe will have to make decisions based on We will have to make decisions based on verifiable attributes, endorsements, verifiable attributes, endorsements, delegation of trust, etc.delegation of trust, etc.
Reputation is a promising approachReputation is a promising approach
UMBCUMBCan Honors University in an Honors University in
MarylandMaryland 1313
Other componentsOther components
We make heavy use of software agents and We make heavy use of software agents and semantic web languagessemantic web languages
Agents provide a powerful process Agents provide a powerful process abstractionabstraction Underlying BDI modelUnderlying BDI model Rich agent communication languagesRich agent communication languages
Semantic web languages provide an Semantic web languages provide an expressive knowledge sharing languageexpressive knowledge sharing language Designed for community development, use Designed for community development, use
and maintenanceand maintenance Supported by practical, open standardsSupported by practical, open standards
UMBCUMBCan Honors University in an Honors University in
MarylandMaryland 1414
The Celebrity CoupleThe Celebrity Couple
SemanticSemanticWebWeb
SemanticSemanticWebWeb
SoftwareSoftwareAgentsAgents
SoftwareSoftwareAgentsAgents
In 2002, Geek Gossip gushed “The semantic web will provide content for internet agents, and agents will make the semantic web “come alive”. Looks like a match made in Heaven!”
UMBCUMBCan Honors University in an Honors University in
MarylandMaryland 1515
TAGA: Travel Agent Game in Agentcities
http://taga.umbc.edu/
TechnologiesTechnologiesFIPA FIPA (JADE, April Agent Platform)(JADE, April Agent Platform)
Semantic Web Semantic Web (RDF, OWL)(RDF, OWL)
Web Web (SOAP,WSDL,DAML-S)(SOAP,WSDL,DAML-S)
Internet Internet (Java Web Start )(Java Web Start )
FeaturesFeaturesOpen Market FrameworkOpen Market Framework
Auction ServicesAuction Services
OWL message contentOWL message content
OWL OntologiesOWL Ontologies
Global Agent CommunityGlobal Agent Community
MotivationMotivationMarket dynamicsMarket dynamicsAuction theory (TAC)Auction theory (TAC)Semantic webSemantic webAgent collaboration (FIPA Agent collaboration (FIPA & Agentcities)& Agentcities)
Travel Agents
Auction Service Agent
Customer Agent
Bulletin BoardAgent
Market Oversight Agent
Request
Direct Buy
Report Direct Buy Transactions
BidBid
CFP
Report Auction Transactions
Report Travel Package
Report Contract
Proposal
Web Service Agents
OntologiesOntologieshttp://taga.umbc.edu/ontologies/http://taga.umbc.edu/ontologies/
travel.owl travel.owl – travel concepts– travel concepts
fipaowl.owl fipaowl.owl – FIPA content lang.– FIPA content lang.
auction.owl auction.owl – auction services– auction services
tagaql.owl tagaql.owl – query language– query language
FIPA platform infrastructure services, including directory facilitators enhanced to use OWL-S for service discovery
Owl for representation and reasoning
Owl for service
descriptions
Owl for negotiatio
n
Owl as a content languag
e
Owl for publishing
communicative acts
Owl for contract
enforcement
Owl for modeling trust
Owl for authorization policies
Owl for protocol
description
UMBCUMBCan Honors University in an Honors University in
MarylandMaryland 1616
What we learnedWhat we learned OWL is a good KR language for a reasonably OWL is a good KR language for a reasonably
sophisticated MASsophisticated MAS Integrates well with FIPA standardsIntegrates well with FIPA standards
OWL made it easy to mix content from OWL made it easy to mix content from different ontologies unambiguouslydifferent ontologies unambiguously Supporting partial understanding & extensibilitySupporting partial understanding & extensibility
The use of OWL supported web integrationThe use of OWL supported web integration Using information published on web pages and Using information published on web pages and
integrating with web services via WSDL and SOAPintegrating with web services via WSDL and SOAP OWL has limitations: no rules, no default OWL has limitations: no rules, no default
reasoning, graph semantics, …reasoning, graph semantics, … Some of which are being addressedSome of which are being addressed
UMBCUMBCan Honors University in an Honors University in
MarylandMaryland 1717
A Love Triangle?A Love Triangle?
SemanticWeb
SoftwareAgents
PervasiveComputing
Even matches made in Heaven don’t always work out as planned.
UMBCUMBCan Honors University in an Honors University in
MarylandMaryland 1818
UMBCUMBCan Honors University in an Honors University in
MarylandMaryland 1919
Representing and Reasoning about Context
CoBrACoBrA: a broker centric agent : a broker centric agent architecture for supporting pervasive architecture for supporting pervasive context-aware systemscontext-aware systems Using SW ontologies for context Using SW ontologies for context
modeling and reasoning about devices, modeling and reasoning about devices, space, time, people, preferences, space, time, people, preferences, meetings, etc.meetings, etc.
Using logical inference to interpret Using logical inference to interpret context and to detect and resolve context and to detect and resolve inconsistent knowledgeinconsistent knowledge
Allowing users to define policies Allowing users to define policies controlling how information about them controlling how information about them is used and sharedis used and shared
UMBCUMBCan Honors University in an Honors University in
MarylandMaryland 2020
A Bird’s Eye View of CoBrAA Bird’s Eye View of CoBrA
UMBCUMBCan Honors University in an Honors University in
MarylandMaryland 2121
Security in P2P SystemsSecurity in P2P Systems
Peer-to-peer systems are manifest at multiple Peer-to-peer systems are manifest at multiple levels, such as ad hoc networking, file-sharing levels, such as ad hoc networking, file-sharing applications, and multiagent systems, applications, and multiagent systems,
Recognizing “bad actors” in P2P systems is Recognizing “bad actors” in P2P systems is hardhardBad actors might be having trouble, incompetent, Bad actors might be having trouble, incompetent, uncooperative, or maliciousuncooperative, or malicious
Ad Hoc networks can be subverted by the Ad Hoc networks can be subverted by the introduction of malicious nodesintroduction of malicious nodesE.g.: blackhole routers that do not forward packetsE.g.: blackhole routers that do not forward packets
MANETS offer additional challengesMANETS offer additional challenges
UMBCUMBCan Honors University in an Honors University in
MarylandMaryland 2222
Neighborhood WatchNeighborhood Watchin ad hoc networksin ad hoc networks
Node A sends packet Node A sends packet destined for E, destined for E, through B & D.through B & D.
When B When B D, B and C D, B and C make snoop entry make snoop entry (A,E,Ck,B,D,(A,E,Ck,B,D,EE).).
B and C check if D B and C check if D forwarded the packet forwarded the packet or dropped, altered, or dropped, altered, or misrouted it.or misrouted it.
A
B
C
D
E
UMBCUMBCan Honors University in an Honors University in
MarylandMaryland 2323
T.T.T: things take timeT.T.T: things take time Prior to the 1890’s, papers Prior to the 1890’s, papers
were held together with were held together with straight pens.straight pens.
The development of The development of “spring steel” allowed the “spring steel” allowed the invention of the paper clip invention of the paper clip in 1899.in 1899.
It took about It took about 25 years (!)25 years (!) for the evolution of the for the evolution of the modern “gem paperclip”, modern “gem paperclip”, considered to be optimal considered to be optimal for general use.for general use.
UMBCUMBCan Honors University in an Honors University in
MarylandMaryland 2424
http://ebiquity.umbc.edu/http://ebiquity.umbc.edu/
Annotatedin OWL
For more For more informationinformation