learn the rules so you know how to break them...
TRANSCRIPT
-
WOA 2011
Learn the rules so you know how to break themproperly
M. Baldoni, C. Baroglio, E. Marengo, V. Patti, and F. Capuzzimati
Dipartimento di Informatica — Università degli Studi di Torino
Università della Calabria, July 5, 2011
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 1 / 20
-
Overview
1 Grafting regulations into business protocols
2 Which specification?
3 Commitments-based protocols including temporal regulations
4 Analysis of risks of violation
5 The MiFID case study
6 Conclusions and Future Work
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 2 / 20
-
Business interactions and regulations
Business interactions involve autonomous partners withheterogeneous software designs and implementations.
The interaction of autonomous and heterogeneous business partnersis often specified by business protocols
Particularly challenging is the case when such protocols must embedregulations, that change along time.
This is, for instance, the case of banking and of trading services, andof personal data flow management.
The single organization needs to actively determine its processes on apermanent basis, to understand how regulations impact on theinternal organization, to reason about possible risks of violation, andto ensure compliance to directives and laws.
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 3 / 20
-
Requirements
Business protocols must enable a flexible enactment.
I Flexibility is important to allow the business partners to profit ofopportunities or to make the most efficient use of their time that ispossible.
Business protocols are usually cross-business.
I Capturing contractual relationships among the partners matters[Telang and Singh, 2010].
Business protocols are modular .
I Business protocols must be modular in a way that simplifies keepingthem compliant to regulations, which often change along time.
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 4 / 20
-
Requirements
Business protocols must enable a flexible enactment.
I Flexibility is important to allow the business partners to profit ofopportunities or to make the most efficient use of their time that ispossible.
Business protocols are usually cross-business.
I Capturing contractual relationships among the partners matters[Telang and Singh, 2010].
Business protocols are modular .
I Business protocols must be modular in a way that simplifies keepingthem compliant to regulations, which often change along time.
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 4 / 20
-
Requirements
Business protocols must enable a flexible enactment.
I Flexibility is important to allow the business partners to profit ofopportunities or to make the most efficient use of their time that ispossible.
Business protocols are usually cross-business.
I Capturing contractual relationships among the partners matters[Telang and Singh, 2010].
Business protocols are modular .
I Business protocols must be modular in a way that simplifies keepingthem compliant to regulations, which often change along time.
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 4 / 20
-
Requirements
Business protocols must enable a flexible enactment.
I Flexibility is important to allow the business partners to profit ofopportunities or to make the most efficient use of their time that ispossible.
Business protocols are usually cross-business.
I Capturing contractual relationships among the partners matters[Telang and Singh, 2010].
Business protocols are modular .
I Business protocols must be modular in a way that simplifies keepingthem compliant to regulations, which often change along time.
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 4 / 20
-
Requirements
Business protocols must enable a flexible enactment.
I Flexibility is important to allow the business partners to profit ofopportunities or to make the most efficient use of their time that ispossible.
Business protocols are usually cross-business.
I Capturing contractual relationships among the partners matters[Telang and Singh, 2010].
Business protocols are modular .
I Business protocols must be modular in a way that simplifies keepingthem compliant to regulations, which often change along time.
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 4 / 20
-
Requirements
Business protocols must enable a flexible enactment.
I Flexibility is important to allow the business partners to profit ofopportunities or to make the most efficient use of their time that ispossible.
Business protocols are usually cross-business.
I Capturing contractual relationships among the partners matters[Telang and Singh, 2010].
Business protocols are modular .
I Business protocols must be modular in a way that simplifies keepingthem compliant to regulations, which often change along time.
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 4 / 20
-
Current approaches: limits
Existing approaches to protocol specification (e.g. BPEL, WS-CDL)rely on the specification of control and business flows.
This procedural view makes protocols not suitable to easily take innew regulationsI impose unnecessary orderingsI does not allow the interleaving of new activities
Grafting of new regulations into aprotocol
When a new regulation must beembedded, these standards by andlarge require to rewrite the protocolsfrom scratch.
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 5 / 20
-
Business protocols should be based on commitmentsThe specification of how the business interaction should be carried out,based on commitments [Singh, 1999, Telang and Singh, 2010]
C (debtor , creditor , antecedent, consequence)
debtor is socially bound to creditor to bring about theconsequent condition if the antecedent condition holds
The business partners share a social state that contains commitmentsand other literals that are relevant to their interaction
Every partner can affect the social state by executing actions, whosedefinition is given in terms of operations onto the social state
The partners’ behavior is affected by commitments, which have aregulative nature, in that debtors should act in accordance with thecommitments they have taken
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 6 / 20
-
Business protocols should be based on commitmentsThe specification of how the business interaction should be carried out,based on commitments [Singh, 1999, Telang and Singh, 2010]
C (debtor , creditor , antecedent, consequence)
debtor is socially bound to creditor to bring about theconsequent condition if the antecedent condition holds
The business partners share a social state that contains commitmentsand other literals that are relevant to their interaction
Every partner can affect the social state by executing actions, whosedefinition is given in terms of operations onto the social state
The partners’ behavior is affected by commitments, which have aregulative nature, in that debtors should act in accordance with thecommitments they have taken
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 6 / 20
-
Business protocols should be based on commitments
A shared meaning of the shared actions
Declarative specification of the protocol rather than proceduralspecification
Observational semantics rather than mentalistic semantics
The specifications does not contain over-constrain
The specifications have a normative natureAgents are liable for the violation of the commitments they have takenbut they can always decide to break a commitment if an opportunity ,it can take advantage of, arises (of course, at its own risk!)
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 7 / 20
-
Business protocols should be based on commitments
A shared meaning of the shared actions
Declarative specification of the protocol rather than proceduralspecification
Observational semantics rather than mentalistic semantics
The specifications does not contain over-constrain
The specifications have a normative natureAgents are liable for the violation of the commitments they have takenbut they can always decide to break a commitment if an opportunity ,it can take advantage of, arises (of course, at its own risk!)
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 7 / 20
-
Business protocols should be based on commitments
A shared meaning of the shared actions
Declarative specification of the protocol rather than proceduralspecification
Observational semantics rather than mentalistic semantics
The specifications does not contain over-constrain
The specifications have a normative natureAgents are liable for the violation of the commitments they have takenbut they can always decide to break a commitment if an opportunity ,it can take advantage of, arises (of course, at its own risk!)
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 7 / 20
-
Business protocols should be based on commitments
A shared meaning of the shared actions
Declarative specification of the protocol rather than proceduralspecification
Observational semantics rather than mentalistic semantics
The specifications does not contain over-constrain
The specifications have a normative natureAgents are liable for the violation of the commitments they have takenbut they can always decide to break a commitment if an opportunity ,it can take advantage of, arises (of course, at its own risk!)
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 7 / 20
-
Business protocols should be based on commitments
A shared meaning of the shared actions
Declarative specification of the protocol rather than proceduralspecification
Observational semantics rather than mentalistic semantics
The specifications does not contain over-constrain
The specifications have a normative natureAgents are liable for the violation of the commitments they have takenbut they can always decide to break a commitment if an opportunity ,it can take advantage of, arises (of course, at its own risk!)
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 7 / 20
-
2CL: Constraints amongs Commitment
In order to meet the requirement of modularity and to allow the graftingof regulations onto business protocols, we adopt the enhanced formalframework in [Baldoni et al., 2011]
Constitutive and regulative rules
Declarative commitment-based specifications of protocols separate aconstitutive and a enhanced regulative part ( Searle’s view[Searle, 1995]) and explicitly include temporal regulations
Constitutive specification defines the activities
Regulative specification constrains the previously constituted activitiesby means of temporal constraints among commitments, whichregulate the evolution of the social state independently from theexecuted actions
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 8 / 20
-
2CL: Constraints amongs Commitment
In order to meet the requirement of modularity and to allow the graftingof regulations onto business protocols, we adopt the enhanced formalframework in [Baldoni et al., 2011]
Constitutive and regulative rules
Declarative commitment-based specifications of protocols separate aconstitutive and a enhanced regulative part ( Searle’s view[Searle, 1995]) and explicitly include temporal regulations
Constitutive specification defines the activities
Regulative specification constrains the previously constituted activitiesby means of temporal constraints among commitments, whichregulate the evolution of the social state independently from theexecuted actions
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 8 / 20
-
2CL: Constraints amongs Commitment
In order to meet the requirement of modularity and to allow the graftingof regulations onto business protocols, we adopt the enhanced formalframework in [Baldoni et al., 2011]
Constitutive and regulative rules
Declarative commitment-based specifications of protocols separate aconstitutive and a enhanced regulative part ( Searle’s view[Searle, 1995]) and explicitly include temporal regulations
Constitutive specification defines the activities
Regulative specification constrains the previously constituted activitiesby means of temporal constraints among commitments, whichregulate the evolution of the social state independently from theexecuted actions
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 8 / 20
-
Respecting and violating a protocol
Legal paths
The interaction of a set of parties will be compliant to a business protocolwhen all the commitments they have towards the others, and that areobjectively inferrable from their observable behavior, are satisfied (as usualin the social approach), and the overall execution respects all theconstraints
A Commitment Machine for our Business Protocols
We implemented an extension of the commitment machine in[Winikoff et al., 2004] by introducing an automated verification of 2CLconstraints.Our commitment machine allows exploring all the possible executions of abusiness protocol, and highlights the violations: those states in whichsome constraint is violated and those states that contain unsatisfiedcommitments.
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 9 / 20
-
Respecting and violating a protocol
Legal paths
The interaction of a set of parties will be compliant to a business protocolwhen all the commitments they have towards the others, and that areobjectively inferrable from their observable behavior, are satisfied (as usualin the social approach), and the overall execution respects all theconstraints
A Commitment Machine for our Business Protocols
We implemented an extension of the commitment machine in[Winikoff et al., 2004] by introducing an automated verification of 2CLconstraints.Our commitment machine allows exploring all the possible executions of abusiness protocol, and highlights the violations: those states in whichsome constraint is violated and those states that contain unsatisfiedcommitments.
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 9 / 20
-
Respecting and violating a protocol
Legal paths
The interaction of a set of parties will be compliant to a business protocolwhen all the commitments they have towards the others, and that areobjectively inferrable from their observable behavior, are satisfied (as usualin the social approach), and the overall execution respects all theconstraints
A Commitment Machine for our Business Protocols
We implemented an extension of the commitment machine in[Winikoff et al., 2004] by introducing an automated verification of 2CLconstraints.Our commitment machine allows exploring all the possible executions of abusiness protocol, and highlights the violations: those states in whichsome constraint is violated and those states that contain unsatisfiedcommitments.
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 9 / 20
-
Implementation
The implementation builds upon the source code published byWinikoff et al. and extends the labelling of the states. It is done inProlog.
It exploits the tuProlog interpreter and interprets a 2CL businessprotocol by means of a parser written in Java.
The output of the commitment machine is an annotated and coloredgraph of all the possible interactions (it is a reachability graph). Thegraph includes all the interactions that are possible, considering onlythe constitutive specification of the actions. The annotation,highlighted by graphical conventions, accounts for all the regulativeaspects, concerning both commitments and constraints. So the graphwill include both legal states and violation states.
The code is available at the URLhttp://www.di.unito.it/~alice/2CL
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 10 / 20
http://www.di.unito.it/~alice/2CL
-
Supporting the analysis of risks of violation
A tool for the analysis
The obtained graph is a tool that can support the business analysts
Analysis of possible violations amounts to the identification of therisks the interaction could encounter
The evaluation of such risks will allow the definition of operationalstrategies, that will affect the business interaction, by, alternatively,preventing the occurrence of violations (regimentation) orimplementing alerting mechanisms (enforcement)[Jones and Sergot, 1994]
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 11 / 20
-
A Real-world Case Study: the MiFID
The Markets in Financial Instruments Directive (MiFID), directive number2004/39/EC [9Te, ], issued by the European Commission within theFinancial Services Action Plan, represents a fundamental step in thecreation of an integrated and harmonized financial market within EU.
One of the main concerns of the directive is the protection of theclients of financial service agencies, thereby it introduces newregulations that financial services must follow
We model the regulation that applies to the offer of investmentservices off-site. This is the case when a bank promotes and sellsfinancial products with the help of external collaborators (called “tiedagents” or intermediaries)
Chosen as one of the benchmarks of ICT4Law projecthttp://www.ict4law.org/
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 12 / 20
http://www.ict4law.org/
-
A Real-world Case Study: the MiFID
The Markets in Financial Instruments Directive (MiFID), directive number2004/39/EC [9Te, ], issued by the European Commission within theFinancial Services Action Plan, represents a fundamental step in thecreation of an integrated and harmonized financial market within EU.
One of the main concerns of the directive is the protection of theclients of financial service agencies, thereby it introduces newregulations that financial services must follow
We model the regulation that applies to the offer of investmentservices off-site. This is the case when a bank promotes and sellsfinancial products with the help of external collaborators (called “tiedagents” or intermediaries)
Chosen as one of the benchmarks of ICT4Law projecthttp://www.ict4law.org/
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 12 / 20
http://www.ict4law.org/
-
A Real-world Case Study: the MiFID
The Markets in Financial Instruments Directive (MiFID), directive number2004/39/EC [9Te, ], issued by the European Commission within theFinancial Services Action Plan, represents a fundamental step in thecreation of an integrated and harmonized financial market within EU.
One of the main concerns of the directive is the protection of theclients of financial service agencies, thereby it introduces newregulations that financial services must follow
We model the regulation that applies to the offer of investmentservices off-site. This is the case when a bank promotes and sellsfinancial products with the help of external collaborators (called “tiedagents” or intermediaries)
Chosen as one of the benchmarks of ICT4Law projecthttp://www.ict4law.org/
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 12 / 20
http://www.ict4law.org/
-
A Real-world Case Study: the MiFID
The Markets in Financial Instruments Directive (MiFID), directive number2004/39/EC [9Te, ], issued by the European Commission within theFinancial Services Action Plan, represents a fundamental step in thecreation of an integrated and harmonized financial market within EU.
One of the main concerns of the directive is the protection of theclients of financial service agencies, thereby it introduces newregulations that financial services must follow
We model the regulation that applies to the offer of investmentservices off-site. This is the case when a bank promotes and sellsfinancial products with the help of external collaborators (called “tiedagents” or intermediaries)
Chosen as one of the benchmarks of ICT4Law projecthttp://www.ict4law.org/
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 12 / 20
http://www.ict4law.org/
-
A Simple Pre-MiFID Sale Protocol
Constitutive specification(a) propose solution means proposed RiskL if . . . .(b) reject proposal means rejected proposal,
release(C(fp, inv, invested)) if . . .(c) sign order means create(C(inv, bank, contract ended)),
accepted proposal, order signed if . . .(d) countersign contract means contract countersigned,
create(C(bank, inv, executed order)), invested if . . .(e) send contract means contract sent if . . .(f) notify means notified if . . .(g) end means executed order, contract ended if . . .
Regulative specification
(c1) notified −.• contract ended(c2) contract sent •−. notified
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 13 / 20
-
The MiFID specification
Constitutive specification(h) interview means investor identified, document supplied if . . .(i) profile means create(C(fp, inv, evaluation)), investor classified
if ¬investor classified ∧ investor identified ∧ ¬contract ended ∧¬contract abort ∧ ¬rejected proposal ∧ ¬fi discarded.
(j) classify means classified if . . .(k) fi evaluation means create(C(fp, inv, proposed RiskL)), evaluation if . . .(l) fi discard means fi discarded, cancel(C(fp, inv, invested)),
cancel(C(fp, inv, proposed RiskL)) if . . .(m) order verification means order verified,
create(C(bank, inv, executed order)) if . . .(n) withdraw means contract abort, release(C(bank, inv, ex order)),
cancel(C(inv, bank, contract ended)) if . . .
Regulative specification
(c3) C(fp, inv , invested) •−. investor identified∧document supplied
(c4) investor classified −.• C(fp, inv , propose riskL)(c5) evaluation ∧ ¬fi discarded −.• proposed RiskL(c6) order verified −.• contract countersigned
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 14 / 20
-
Grafting of MiFID
Excerpt of the execution pathsSale and MiFID dependency
graph
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 15 / 20
-
Analysis of risks of violations
Business processes are increasingly constrained by the regulative andlegislative framework in which they operate. It is essential to supportbusiness analysts in the evaluation of the risks connected to possibleviolationsI New regulations introduce new commitments new constraints on
business interactions. What is the impact on the business process inuse?
I Are we exposed to risks of violation, when we behave according to thecurrent BP specification?
I How to graft a new regulation into a business process?I Which changes? Modifying a business process can be costly.
Our graphical tool provides some solution:I allows to explore all possible interactions enabled by the new regulation
based on a simple declarative specification of the (new) commitmentgenerating activities and of the (new) temporal constraints.
I allows to perform a cost benefit analysis and to support thedecision-making process about which changes to implement
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 16 / 20
-
Enforcement and regimentation
Norms/regulations are softconstraints: providestandards that can beviolated, even though anyviolation should result insanctions or other normativeeffects.
The designer, by analysingthe graph, can identify thepoints where it could behelpful to intervene to reducethe possible violations, forinstance, by applyingenforcement policies or byregimenting some steps.
MiFID with a regimented action
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 17 / 20
-
Conclusions and Future Work
The protocols that we tackle are typical of contexts, like MAS, wherenorms are seen as soft constraints, i.e. as standards that can beviolated [Jones and Sergot, 1994, Governatori, 2010] – as the DalaiLama sentence in the title suggests.Learn the rules so you know how to break them properly .
At http://www.di.unito.it/~alice/2CL: complete examples andall figures related to the examples in the paper.
We are currently working at the formalization of a “grafting” operatorand of an “extends” operator which, similarly to “extension” in objectorientation, allows a more sophisticate composition of protocols.
New case study: OECD Guidelines on the Protection of Privacy andTransborder Flows of Personal Data[Organisation for Economic Co-operation and Development, 1980],which regulates the management of personal data, by imposing newactivities aimed at protecting the data owners.
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 18 / 20
http://www.di.unito.it/~alice/2CL
-
Relation Type Positive LTL meaning Negative LTL meaning
Correlationbase A •− B ♦A ⊃ ♦B A 6•− B ♦A ⊃ ¬♦B
persistence A •−−− B �(A ⊃ (A ∧ B)) A 6•−−− B �(A ⊃ ¬(A ∧ B))
Co-existencebase A •−• B A •− B ∧ B •− A A 6•−• B A 6•− B ∧ B 6•− A
persistence A •−−−• B A •−−− B ∧ B •−−− A A 6•−−−• B A 6•−−− B ∧ B 6•−−− A
Responsebase A •−. B �(A ⊃ ♦B) A 6•−. B �(A ⊃ ¬♦B)
persistence A •−−−. B �(A ⊃ (♦B ∧ (A ∪ B))) A 6•−−−. B �(A ⊃ ¬(A ∧ B))
Beforebase A −.• B ¬B ∪ A A 6−.• B �(♦B ⊃ ¬A)
persistence A −−−.• B ¬B ∪ (A ∪ B) A 6−−−.• B �(♦B ⊃ ¬A)
Causebase A •−.• B A •−. B ∧ A −.• B A 6•−.• B A 6•−. B ∧ A 6−.• B
persistence A •−−−.• B A −−−.• B ∧ A •−−−. B A 6•−−−.• B A 6−−−.• B ∧ A 6•−−−. B
Premise base A ..− B �(©B ⊃ A) A 6..− B �(©B ⊃ ¬A)
Immediate after base A −.. B �(A ⊃ ©B) A 6−.. B �(A ⊃ ©¬B)
Table: 2CL constraint relations and their semantics in LTL.
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 19 / 20
-
Directive 2004/39/EC of the European Parliament and of the Councilof 21 April 2004 on markets in financial instruments.Official Journal of the European Union, L145:1–44.
Baldoni, M., Baroglio, C., Marengo, E., and Patti, V. . (2011).Constitutive and Regulative Specifications of Commitment Protocols:a Decoupled Approach.ACM Trans. on Int. Sys. and Tech., Spec. Iss. on AgentCommunication.To appear.
Governatori, G. (2010).Law, Logic and Business Processes.In Proc. of Requirements Engineering and Law, RELAW 2010, pages1–10. IEEE.
Jones, A. J. I. and Sergot, M. (1994).On the characterization of law and computer systems: the normativesystems perspective, pages 275–307.John Wiley & Sons, Inc.
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 19 / 20
-
Organisation for Economic Co-operation and Development (1980).OECD Guidelines on the Protection of Privacy and Transborder Flowsof Personal Data.Available on-line.http://www.oecd.org/.
Searle, J. (1995).The Construction of Social Reality.Free Press, New York.
Singh, M. P. (1999).An ontology for commitments in multiagent systems.Artif. Intell. Law, 7(1):97–113.
Telang, P. R. and Singh, M. P. (2010).Abstracting Business Modeling Patterns from RosettaNet.In Service-Oriented Computing: Agents, Semantics, and Engineering.
Winikoff, M., Liu, W., and Harland, J. (2004).Enhancing commitment machines.In Proc. of DALT, volume 3476 of LNCS, pages 198–220.
M. Baldoni and V. Patti (UNITO) WOA 2011 Rende, July 4-6, 2011 19 / 20
Grafting regulations into business protocolsWhich specification?Commitments-based protocols including temporal regulationsAnalysis of risks of violationThe MiFID case studyConclusions and Future Work