Mobile Agents
By Olga Gelbart, rosa@seas.gwu.edu
http://agent.cs.dartmouth.edu/

What is an agent?
• A program (“software agent”), e.g.,
  – Personal assistant (mail filter, scheduling)
  – Information agent (tactical picture agent)
  – E-commerce agent (stock trader, bidder)
  – Recommendation agent (Firefly, Amazon.com)
• A program that can
  – interact with users, applications, and agents
  – collaborate with the user
• Software agents help with repetitive tasks

Is everything an “agent”?
• Not all programs are agents
• Agents are
  – customized
  – persistent
  – autonomous
  – adaptive

What is a mobile agent?
[Figure labels: Machine A; Machine B; Search engine]
Mobile agent: Agent that
• migrates from machine to machine
• in a heterogeneous network
• at times of its own choosing

Definition
In a broad sense, an agent is any program that acts on behalf of a (human) user. A mobile agent, then, is a program that represents a user in a computer network and is capable of migrating autonomously from node to node to perform some computation on behalf of the user.

How it works?
[Figure labels: Agent; Host A; Host B; Host C; Network]

Mobile Agent Attributes
• Code
• State
  – Execution state
  – Object state
• Name
  – Identifier
  – Authority
  – Agent system type
• Location

Evolution of the “mobile agent” paradigm

Assumptions about computer systems violated by mobile agents
• Whenever a program attempts some action, we can easily identify a person to whom that action can be attributed, and it is safe to assume that that person intends the action to be taken.
• Only persons that are known to the system can execute programs on the system.
• There is one security domain corresponding to each user; all actions within that domain can be treated the same way.
• Single-user systems require no security.
• Essentially all programs are obtained from easily identifiable and generally trusted sources.
• The users of a given piece of software are restrained by law and custom from various actions against the manufacturer’s interests.

Assumptions violated by mobile agents (cont’d)
• Significant security threats come from attackers running programs with the intent of accomplishing unauthorized results.
• Programs cross administrative boundaries only rarely, and only when people intentionally transmit them.
• A given instance of a program runs entirely on one machine; processes do not cross administrative boundaries at all.
• A given program runs on only one particular operating system.
• Computer security is provided by the operating system.

Benefits of mobile agents
• Bandwidth conservation
• Reduction of latency
• Reduction of completion time
• Asynchronous (disconnected) communications
• Load balancing
• Dynamic deployment

Reason 1: Bandwidth conservation
[Figure labels: Client/Proxy; Server; Dataset (text documents, numerical data, etc.)]

Reason 2: Reduce latency
Sumatra chat server (a “reflector”)
1. Observe high average latency to clients
2. Move to better location

Reason 3: Reduce Completion Time
Efficiency
1. Send code with unique query
2. Perform multi-step queries on large, remote, heterogeneous databases
3. Return requested data
[Figure labels: Mobile users; Low bandwidth channel]

Reason 4: Disconnected communication and operation
[Figure: Before / After]

Reason 5: Load balancing
Jobs/Load migrate in a heterogeneous network of machines

Reason 6: Dynamic Deployment
Unique needs: maps, weather, tactical updates, ...
[Figure labels: Command post; Tactical updates; Map, terrain databases; Weather]

Threats posed by mobile agents
• Destruction of
  – data, hardware, current environment
• Denial of service
  – block execution
  – take up memory
  – prevention of access to resources/network
• Breach of privacy / theft of resources
  – obtain/transmit privileged information
  – use of covert channels
• Harassment
  – display of annoying/offensive information
  – screen flicker
• Repudiation
  – ability to deny an event / action ever happened

Protection methods against malicious mobile agents
• Authenticating credentials
  – certificates and digital signatures
• Access Control and Authorization
  – Reference monitor
  – security domains
  – policies
• Software-based Fault Isolation
  – Java’s “sandbox”
• Monitoring
  – auditing of agent’s activities
  – setting limits
• Proxy-based approach to host protection
• Code Verification
  – proof-carrying code
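
An added example (not from the original slides) of three of the host-protection methods listed above working together: credential authentication, a reference monitor enforcing one security domain per authority, and monitoring with a quota and an audit trail. The key table, policy, resource names and the use of HMAC-SHA256 in place of a certificate-backed digital signature are assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Constructed sample data. Assumption: the host shares a key with each known
# authority; HMAC-SHA256 stands in for a certificate-backed digital signature.
AUTHORITY_KEYS = {"alice@home.example": b"constructed-demo-key"}
# One security domain per authority: permitted resources and a call quota.
POLICY = {"alice@home.example": {"resources": {"search", "net.send"}, "max_calls": 3}}


def seal(agent, key):
    """Authentication tag binding the agent's code, state and name together."""
    body = json.dumps({k: agent[k] for k in ("code", "state", "name")}, sort_keys=True)
    return hmac.new(key, body.encode(), hashlib.sha256).hexdigest()


class ReferenceMonitor:
    """Mediates admission and every resource request, and audits both."""

    def __init__(self):
        self.admitted, self.calls, self.audit = {}, {}, []

    def admit(self, agent):
        """Authenticate credentials before the agent is allowed to run."""
        name = agent["name"]
        key = AUTHORITY_KEYS.get(name["authority"])
        tag = str(agent.get("tag", "")).encode()
        ok = key is not None and hmac.compare_digest(seal(agent, key).encode(), tag)
        if ok:
            self.admitted[name["identifier"]] = name["authority"]
        self.audit.append(("admit", name["identifier"], ok))
        return ok

    def request(self, agent, resource):
        """Allow a resource only to an admitted agent, within policy and quota."""
        ident = agent["name"]["identifier"]
        authority = self.admitted.get(ident)  # authenticated, not merely claimed
        domain = POLICY.get(authority, {"resources": set(), "max_calls": 0})
        used = self.calls.get(authority, 0)
        ok = (authority is not None and resource in domain["resources"]
              and used < domain["max_calls"])
        if ok:
            self.calls[authority] = used + 1
        self.audit.append(("request", ident, resource, ok))
        return ok
```

Because the tag covers code, state and name together, changing any one of them after sealing makes `admit` fail; denied requests do not consume quota but are still recorded in `audit`.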

Threats to mobile agents
– Denial of service
– Unauthorized use or access of code/data
– Unauthorized modification or corruption of code/data
– Unauthorized access, modification, corruption, or repeat of agent external communication

Possible attacks on mobile agents
• Denial of service
• Impersonation
  – Host
  – Agent
• Replay
• Eavesdropping
  – Communication
  – Code & data
• Tamper attack
  – Communication
  – Code & data

Protection of mobile agents
• Encryption
  – code
  – payload
• Code obfuscation
• Time-limited black-box security

Application: Technical reports
[Figure labels: GUI on home machine; Dynamically selected proxy site; Machine 1 ... Machine n]
1. Send agent
2. Send child agents / collect partial results
3. Return merged and filtered results

Application: Military
[Figure labels: Wireless network; Wired network; Technical specs; Orders and memos; Troop positions]

Application: e-commerce
[Figure labels: Bank; Arbiter; Vendor A; Vendor B; Yellow pages; Agent; Agent]

Mobile agent systems

| Mobile Agent System | Author | Language | Secure Communication | Server Resource | Agent Protection |
|---|---|---|---|---|---|
| Telescript | General Magic | Created their own OO, type-safe language | Agent transfer is authenticated using RSA and encrypted using RC4 | Capability-based resource access. Quotas can be imposed. Authorization based on agent's identity | Not supported |
| Tacoma | Cornell University; University of Tromso, Norway | Tcl, but is created to be written in other scripting languages | Not supported | Not supported | Not supported |
| D'Agents | Dartmouth College | Tcl interpreter, modified to execute scripts and capture state of execution at thread level | Uses PGP for authentication and encryption | Uses safe-Tcl as its secure execution environment. No support for owner-based authorization | Not supported |
| Aglets | IBM | Java. IBM developed a separate class library to create mobile agents | Not supported | Statically specified access rights, based on only two security categories: trusted and untrusted | Not supported |
| Voyager | ObjectSpace | Java. Unique feature is a utility which takes any Java class and creates a remotely-accessible version of it. | Not supported | Programmer must extend Security Manager. Only two security categories: native and foreign. | Not supported |
| Concordia | Mitsubishi Electric | Java. Has Itinerary object, which keeps track of an agent's migration path | Agent transfer is encrypted and authenticated using SSL | SecurityManager screens accesses using a statically configured ACL based on agent owner identity | Agents protected from other agents via the resource access mechanism |
| Ajanta | University of Minnesota | Java | Transfer is encrypted using DES and authenticated using ElGamal protocol | Capability-based resource access. Authorization based on agent's owner | Mechanisms to detect tampering of agent's state and code |

More examples and “bots”
• Tryllian mobile agent system
• Bots
  – mysimon.com
  – amazon.com - customer preferences

Current trends lead to mobile agents
[Figure labels: Information overload; Diversified population; Bandwidth gap; Mobile users and devices; “Customization”; Proxy-based; Server-side; Avoid large transfers; Disconnected operation; Mobile code to client; Mobile code to server or proxy; Mobile Agents; High latency; Increased need for personalization; Too many unique, dispersed clients to handle; Multiple sites to visit; Avoid “star” itinerary]

Migrating to migrating code
[Figure labels: Applets; Proxies that accept servlets; Services that accept servlets; Proxies provided by existing ISPs; Mobile Agents; Intranet; Internet]

Conclusion: Cons
• Security is too big a concern
• Overhead for moving code is too high
• Not backward compatible with Fortran, C, ...
• Networks will be so fast, performance not an issue

Conclusion: Pros
• A unifying framework for making many applications more efficient
• Treats data and code symmetrically
• Multiple-language support possible
• Supports disconnected networks in a way that other technologies cannot
• Cleaner programming model

For more information...
• Mysimon.com
• D’Agents: http://agent.cs.dartmouth.edu/
• Tryllian: http://www.tryllian.com
• Aglets: http://www.trl.ibm.co.jp/aglets