1 security and services in mobiquitous computing tim finin university of maryland, baltimore county...

11

Security and Services Security and Services inin

Mobiquitous Computing Mobiquitous Computing

Tim FininUniversity of Maryland,

Baltimore County

Mobiquitous ’04, 24 August 2004

http://ebiquity.umbc.edu/v2.1/event/html/id/45/

Joint work with Anupam Joshi, Yun Peng, Scott Cost & many students.

http://creativecommons.org/licenses/by-nc-sa/2.0/

This work was partially supported by DARPA contract F30602-97-1-0215, NSF grants CCR007080 and IIS9875433 and grants from IBM, Fujitsu and HP.

tell

register

tell

register

UMBCUMBCan Honors University in an Honors University in

MarylandMaryland 22

The QuestionThe Question

Is the service model Is the service model right for Mobiquitous right for Mobiquitous

computing?computing?


MarylandMaryland 33

The biquitous requirementsThe biquitous requirements

The The biquitousbiquitous part of the part of the MobiquitousMobiquitous vision often (typically?) assumes or vision often (typically?) assumes or requires:requires:

(1)(1) An open, heterogeneous and dynamic An open, heterogeneous and dynamic environment environment

(2)(2) A high degree of cooperation A high degree of cooperation

(3)(3) Context sensitive functionality Context sensitive functionality

(4)(4) Personalization driven by user models Personalization driven by user models and dataand data

(5)(5) AI like capabilities AI like capabilities


MarylandMaryland 44

My AnswerMy Answer

The service view is very appropriateThe service view is very appropriate We can’t do all this stuff on a cell We can’t do all this stuff on a cell

phone or wearable computerphone or wearable computer Even if we could, we need to interact Even if we could, we need to interact

with the other entities in the with the other entities in the environmentenvironment

Ensuring security, privacy and trust Ensuring security, privacy and trust is challenging in this environment is challenging in this environment and requires new ideas.and requires new ideas.


MarylandMaryland 55


(1)(1) An open, heterogeneous and An open, heterogeneous and dynamic environment dynamic environment Hosts, devices and people in motionHosts, devices and people in motion The context is constantly changingThe context is constantly changing Reasonable to model these as Reasonable to model these as

autonomous, self-interested agentsautonomous, self-interested agents Unreasonable to expect unique Unreasonable to expect unique

ontologies (data models) for most ontologies (data models) for most domains.domains.


MarylandMaryland 66


(2)(2) A high degree of cooperation A high degree of cooperation Devices are simple but many tasks are Devices are simple but many tasks are

complex – we will want to compose complex – we will want to compose simple functions and services to simple functions and services to accomplish our objectivesaccomplish our objectives

Tasks may also require interaction Tasks may also require interaction (e.g., negotiation) between requester (e.g., negotiation) between requester and providerand provider

Devices can fill multiple roles Devices can fill multiple roles (requester(requester


MarylandMaryland 77


(3)(3) Context sensitive functionality Context sensitive functionality Context can include location, time, Context can include location, time,

ongoing activities, user’s intent, etc.ongoing activities, user’s intent, etc. This adds to the dynamismThis adds to the dynamism And raises issues of recognition, And raises issues of recognition,

anticipation and adaptationanticipation and adaptation That requires lots of information, some of That requires lots of information, some of

which can only come from other entities which can only come from other entities in the environmentin the environment


MarylandMaryland 88


(4)(4) Personalization Personalization User profiles and models are a User profiles and models are a

common themecommon theme We want the environment to We want the environment to

recognize or anticipate our interests, recognize or anticipate our interests, desires and preferencesdesires and preferences

This gives rise to many privacy This gives rise to many privacy issuesissues


MarylandMaryland 99


(5)(5) AI like capabilities AI like capabilities The pervasive environment will be (we think) The pervasive environment will be (we think)

large and complex, so we shouldn’t assume large and complex, so we shouldn’t assume the end use will manage it allthe end use will manage it all

Desirable components (e.g., speech, NLP, Desirable components (e.g., speech, NLP, vision, etc) are very sophisticatedvision, etc) are very sophisticated

This has been there from the start, e.g., the This has been there from the start, e.g., the Enterprise bridge, Mark Weiser’s seminal paper Enterprise bridge, Mark Weiser’s seminal paper and in Apple’s Knowledge Navigator advertand in Apple’s Knowledge Navigator advert

While this is a project for generations, the While this is a project for generations, the incremental results will pay for the work.incremental results will pay for the work.


MarylandMaryland 1010

How do we approach this?How do we approach this?

Services are a good near term Services are a good near term approachapproach

New approaches to security, New approaches to security, privacy and trust are requiredprivacy and trust are required

Other components are needed, Other components are needed, or at least usefulor at least useful



Services are a good approachServices are a good approach What do we mean by services?What do we mean by services?

Not just uddi/wsdl/soap but also agent services, Not just uddi/wsdl/soap but also agent services, RMI services, etc.RMI services, etc.

We need approaches that allow published APIs We need approaches that allow published APIs and protocols with “semantic” informationand protocols with “semantic” information

This will best support automated discovery, This will best support automated discovery, evaluation, composition, invocation and evaluation, composition, invocation and monitoringmonitoring

We require much more than syntactic We require much more than syntactic interoperability – it’s not just about plumbinginteroperability – it’s not just about plumbing

OWL and OWL-S are good startsOWL and OWL-S are good starts



Security, trust and privacySecurity, trust and privacy In an open, dynamic and heterogeneous In an open, dynamic and heterogeneous environment we must interact with environment we must interact with agents we’ve never met beforeagents we’ve never met before

This happens at all levels of the stack: ad This happens at all levels of the stack: ad hoc networking, P2P, serviceshoc networking, P2P, services

Knowing their identity is also not enoughKnowing their identity is also not enoughWe will have to make decisions based on We will have to make decisions based on verifiable attributes, endorsements, verifiable attributes, endorsements, delegation of trust, etc.delegation of trust, etc.

Reputation is a promising approachReputation is a promising approach



Other componentsOther components

We make heavy use of software agents and We make heavy use of software agents and semantic web languagessemantic web languages

Agents provide a powerful process Agents provide a powerful process abstractionabstraction Underlying BDI modelUnderlying BDI model Rich agent communication languagesRich agent communication languages

Semantic web languages provide an Semantic web languages provide an expressive knowledge sharing languageexpressive knowledge sharing language Designed for community development, use Designed for community development, use

and maintenanceand maintenance Supported by practical, open standardsSupported by practical, open standards



The Celebrity CoupleThe Celebrity Couple

SemanticSemanticWebWeb

SemanticSemanticWebWeb

SoftwareSoftwareAgentsAgents

SoftwareSoftwareAgentsAgents

In 2002, Geek Gossip gushed “The semantic web will provide content for internet agents, and agents will make the semantic web “come alive”. Looks like a match made in Heaven!”



TAGA: Travel Agent Game in Agentcities

http://taga.umbc.edu/

TechnologiesTechnologiesFIPA FIPA (JADE, April Agent Platform)(JADE, April Agent Platform)

Semantic Web Semantic Web (RDF, OWL)(RDF, OWL)

Web Web (SOAP,WSDL,DAML-S)(SOAP,WSDL,DAML-S)

Internet Internet (Java Web Start )(Java Web Start )

FeaturesFeaturesOpen Market FrameworkOpen Market Framework

Auction ServicesAuction Services

OWL message contentOWL message content

OWL OntologiesOWL Ontologies

Global Agent CommunityGlobal Agent Community

MotivationMotivationMarket dynamicsMarket dynamicsAuction theory (TAC)Auction theory (TAC)Semantic webSemantic webAgent collaboration (FIPA Agent collaboration (FIPA & Agentcities)& Agentcities)

Travel Agents

Auction Service Agent

Customer Agent

Bulletin BoardAgent

Market Oversight Agent

Request

Direct Buy

Report Direct Buy Transactions

BidBid

CFP

Report Auction Transactions

Report Travel Package

Report Contract

Proposal

Web Service Agents

OntologiesOntologieshttp://taga.umbc.edu/ontologies/http://taga.umbc.edu/ontologies/

travel.owl travel.owl – travel concepts– travel concepts

fipaowl.owl fipaowl.owl – FIPA content lang.– FIPA content lang.

auction.owl auction.owl – auction services– auction services

tagaql.owl tagaql.owl – query language– query language

FIPA platform infrastructure services, including directory facilitators enhanced to use OWL-S for service discovery

Owl for representation and reasoning

Owl for service

descriptions

Owl for negotiatio

n

Owl as a content languag

e

Owl for publishing

communicative acts

Owl for contract

enforcement

Owl for modeling trust

Owl for authorization policies

Owl for protocol

description



What we learnedWhat we learned OWL is a good KR language for a reasonably OWL is a good KR language for a reasonably

sophisticated MASsophisticated MAS Integrates well with FIPA standardsIntegrates well with FIPA standards

OWL made it easy to mix content from OWL made it easy to mix content from different ontologies unambiguouslydifferent ontologies unambiguously Supporting partial understanding & extensibilitySupporting partial understanding & extensibility

The use of OWL supported web integrationThe use of OWL supported web integration Using information published on web pages and Using information published on web pages and

integrating with web services via WSDL and SOAPintegrating with web services via WSDL and SOAP OWL has limitations: no rules, no default OWL has limitations: no rules, no default

reasoning, graph semantics, …reasoning, graph semantics, … Some of which are being addressedSome of which are being addressed



A Love Triangle?A Love Triangle?

SemanticWeb

SoftwareAgents

PervasiveComputing

Even matches made in Heaven don’t always work out as planned.



Representing and Reasoning about Context

CoBrACoBrA: a broker centric agent : a broker centric agent architecture for supporting pervasive architecture for supporting pervasive context-aware systemscontext-aware systems Using SW ontologies for context Using SW ontologies for context

modeling and reasoning about devices, modeling and reasoning about devices, space, time, people, preferences, space, time, people, preferences, meetings, etc.meetings, etc.

Using logical inference to interpret Using logical inference to interpret context and to detect and resolve context and to detect and resolve inconsistent knowledgeinconsistent knowledge

Allowing users to define policies Allowing users to define policies controlling how information about them controlling how information about them is used and sharedis used and shared



A Bird’s Eye View of CoBrAA Bird’s Eye View of CoBrA



Security in P2P SystemsSecurity in P2P Systems

Peer-to-peer systems are manifest at multiple Peer-to-peer systems are manifest at multiple levels, such as ad hoc networking, file-sharing levels, such as ad hoc networking, file-sharing applications, and multiagent systems, applications, and multiagent systems,

Recognizing “bad actors” in P2P systems is Recognizing “bad actors” in P2P systems is hardhardBad actors might be having trouble, incompetent, Bad actors might be having trouble, incompetent, uncooperative, or maliciousuncooperative, or malicious

Ad Hoc networks can be subverted by the Ad Hoc networks can be subverted by the introduction of malicious nodesintroduction of malicious nodesE.g.: blackhole routers that do not forward packetsE.g.: blackhole routers that do not forward packets

MANETS offer additional challengesMANETS offer additional challenges



Neighborhood WatchNeighborhood Watchin ad hoc networksin ad hoc networks

Node A sends packet Node A sends packet destined for E, destined for E, through B & D.through B & D.

When B When B D, B and C D, B and C make snoop entry make snoop entry (A,E,Ck,B,D,(A,E,Ck,B,D,EE).).

B and C check if D B and C check if D forwarded the packet forwarded the packet or dropped, altered, or dropped, altered, or misrouted it.or misrouted it.

A

B

C

D

E



T.T.T: things take timeT.T.T: things take time Prior to the 1890’s, papers Prior to the 1890’s, papers

were held together with were held together with straight pens.straight pens.

The development of The development of “spring steel” allowed the “spring steel” allowed the invention of the paper clip invention of the paper clip in 1899.in 1899.

It took about It took about 25 years (!)25 years (!) for the evolution of the for the evolution of the modern “gem paperclip”, modern “gem paperclip”, considered to be optimal considered to be optimal for general use.for general use.



http://ebiquity.umbc.edu/http://ebiquity.umbc.edu/

Annotatedin OWL

For more For more informationinformation

1 security and services in mobiquitous computing tim finin university of maryland, baltimore county...

Documents

maryland services

usefulumbcan honors

biquitous requirements2

biquitous requirements1

biquitous requirements5

dynamic environment

user models

motionthe context