Presentation is loading. Please wait.

Presentation is loading. Please wait.

Dynamic Exchange of Capabilities Between Mobile Agents

Published byJuliana Lawson Modified over 5 years ago

Similar presentations

Presentation on theme: "Dynamic Exchange of Capabilities Between Mobile Agents"— Presentation transcript:

1 Dynamic Exchange of Capabilities Between Mobile Agents
Jim Miani CIS 642

2 Outline Supporting Concepts Paper Abstract Protocol Objectives
- Relevant Java properties - Process-level security - Terminology Paper Abstract Protocol Objectives Project Requirements Implementation Details Related Work Criticism/Discussion Friday, May 03, 2019 Jim Miani

3 Relevant Java Features
Polymorphism Inheritance Interfaces Type Safety (no arbitrary memory references) Platform-independence Object serialization Friday, May 03, 2019 Jim Miani

4 Process-level security
Pre-network era, security typically handled by OS (UNIX or mainframe). PC operating systems typically give super-user privileges by default Thus security must be enforceable at process/language level. Friday, May 03, 2019 Jim Miani

5 Terminology An agent is a mobile process with it’s own context (code and data). Access rights are the set of capabilities one agent grants another. A capability is a token that identifies an object and contains access rights. Friday, May 03, 2019 Jim Miani

6 Abstract Define a protocol for a secure exchange of software capabilities between processes Sample implementation in Java Use Interface Definition Language (IDL) to separate protection policy of agent from agent’s application code Friday, May 03, 2019 Jim Miani

7 Why Use Agents? An agent is an independent process which may travel to several sites in order to complete its task. Pros Cons Peer-to-peer model Security Ideal for distributed computing Security Security Efficient use of network resources The point is that this is something we would like to do if and only if we can ensure secure operation. Flexibility Decentralization Friday, May 03, 2019 Jim Miani

8 Protocol Objectives Evolution: Dynamically exchange capabilities
Decentralization: Agent-level administration of capabilities Mutual suspicion: All agents suspicious of other. No imposed hierarchy. Modularity: Protection scheme separate from application logic. Portability: Language-independent. Friday, May 03, 2019 Jim Miani

9 Language features Again, NOT Java-specific No direct memory addressing
Type-safety Dynamic class loading Dynamic binding Polymorphism (interface definitions) Object serialization Name server Friday, May 03, 2019 Jim Miani

10 Project Requirements Isolation - Agent confined to granted access privileges Access Control - Definition of grant policy Authentication - Correctly identify an agent or agent’s source. Friday, May 03, 2019 Jim Miani

11 The Protection Model To invoke an object method, agent must have reference to object and capability (i.e. access rights) to use it Creator of object typically granted full access to object at instantiation Capabilities along with object reference can be passed to other agents by creator Friday, May 03, 2019 Jim Miani

12 Exchanging Capabilities
Need to dynamically exchange capabilities Need method to control exchange Language extensions are poor solution Use interfaces (Interface Definition Language) Very similar to typical OO inheritance protection schemes, but greater granularity Friday, May 03, 2019 Jim Miani

13 Mobile Agents Part II Jim Miani CIS 642

14 Polymorphism† Inclusion Polymorphism allows the same identifier to reference objects of different types provided they have a common ancestor class. Operation Polymorphism (a.k.a. overloading) determining the method invocation by signature of arguments. Parametric Polymorphism uses types as parameters in generic class declarations. This is a feature of ML. † As defined in Wilkie ‘93 and Pohl ‘94 Friday, May 03, 2019 Jim Miani

15 Recap Objective - Define a protocol for mobile agents to exchange capabilities in a secure and dynamic fashion. Disengage definition of agent grant policy from agent application logic. Definition of grant policy should be independent of implementation language. Decentralize grant and delivery of capabilities Use Interface Definition Language to achieve these goals. Friday, May 03, 2019 Jim Miani

16 Interface Definitions
Object references are passed as parameters Problem: method to pass access rights with object reference parameter without embedding this information in application logic. Solution: use interface definition language Interface is described independently of implementation, separating protection definition from application logic. Use IDL to create views which define access control policy for a capability. Friday, May 03, 2019 Jim Miani

17 Views A view describes:
The methods authorized by the access rights associated with the capability. The capabilities that must be transferred between the caller and callee along with the parameters of the methods authorized by the view. Note that views are recursive in nature since a view may pass another view to an invoking agent. Since agents are mutually suspicious, both the invoking agent and the invoked agent will define views. Friday, May 03, 2019 Jim Miani

18 Capability Exchange Policy
View Structure Case Study Agents want to print without giving distrusted print server write permission on file. Print server needs to be able to perform task without giving distrusted agent access to system resources. Object Reference Access Rights View Capability Exchange Policy Friday, May 03, 2019 Jim Miani

19 Sample Java Interfaces
This is the Java interface definition for a printer application. These interfaces will be shared between the caller and the callee. Security issues: Printer doesn’t want client to invoke init method. Client doesn’t want printer to invoke write method. interface Printer_itf{ void init(); Job_itf run(Text text); } interface Text_itf{ String read(); void write(String s); interface Job_itf{ void stop(); Friday, May 03, 2019 Jim Miani

20 IDL Syntax Keyword not indicates method is disallowed for agent receiving object reference When an object reference is passed as a parameter in a view, pass <view> specifies the view to be passed with the reference. Friday, May 03, 2019 Jim Miani

21 Sample View To implement the security restrictions desired, both agents will define views: Requesting Agent view client implements Printer_itf{ void init(); Job_itf run (Text_itf text pass reader); } view reader implements Text_itf{ String read(); void not write (String s); Print Server view server implements Printer_itf{ void not init(); Job_itf run (Text_itf text); } Friday, May 03, 2019 Jim Miani

22 Points to note Agent protection policy is defined independent of any other agent and any centralized server. Policy specification is detached from agent implementation. Each view is an additional layer, or “filter” between agents to maintain proper relationships. Friday, May 03, 2019 Jim Miani

23 Implementation of Filters
Pre-process IDL to create classes which act as buffers between interacting agents Filter class will implement all methods defined within view. Filter class will override methods (to throw an exception) forbidden in interface definition. Invoking agents will be passed a reference to an instance of the filter class. Friday, May 03, 2019 Jim Miani

24 Java code after IDL pre-process
Client public class reader public class client implements Text_itf{ implements Printer_itf{ Text_itf obj; Printer_itf obj; public reader(Text_itf o){ public Printer_stub(Printer_itf o){ obj = o; obj = o; } } public string read(){ public void init(){ return(obj.read); obj.init(); public void write (String s){ public Job_itf run (Text_itf text){ Throw an exception!! reader stub = new reader(text); } return obj.run(stub); } } Friday, May 03, 2019 Jim Miani

25 Java code after IDL pre-process
Print Server public class server implements Printer_itf{ Printer_itf obj; public Printer_stub(Printer_itf o){ obj = o; } public void init(){ Exception!! public Job_itf run(Text_itf text){ return obj.run(text); Friday, May 03, 2019 Jim Miani

26 Illustration Client Agent Filter Object Client Filter Object Reader
Since the client does not want the printer agent to have write permission on the file to be printed, it passes the reader filter set of capabilities to the print server Client Object invokes run method of Printer interface Client Agent Filter Object Client Filter Object Reader Filter Object Server Likewise, the print server disallows invocations of the init method by passing references through the server filter object Print Server Friday, May 03, 2019 Jim Miani

27 Related Work Agent TCL AgletIBM Telescript - not object-oriented
- does not allow data sharing AgletIBM - same downside as TCL Telescript - Does provide shared objects - Provides authentication mechanisms - Access control must be managed within program Friday, May 03, 2019 Jim Miani

28 Criticism/Discussion
Difficult to assess feasibility of implementation Language-independence claim is suspect No authentication of agents (w.i.p.) Friday, May 03, 2019 Jim Miani

Download ppt "Dynamic Exchange of Capabilities Between Mobile Agents"

Similar presentations

Programming Paradigms Introduction. 6/15/2005 Copyright 2005, by the authors of these slides, and Ateneo de Manila University. All rights reserved. L1:

Programming Paradigms Introduction. 6/15/2005 Copyright 2005, by the authors of these slides, and Ateneo de Manila University. All rights reserved. L1:
SOAP.

SOAP.
Remote Procedure Call Design issues Implementation RPC programming

Remote Procedure Call Design issues Implementation RPC programming
Tam Vu (tvu@mail.eecis.udel.edu) Remote Procedure Call CISC 879 – Spring 03 Tam Vu (tvu@mail.eecis.udel.edu) March 06, 03.

Tam Vu Remote Procedure Call CISC 879 – Spring 03 Tam Vu March 06, 03.
Copyright © 2001 Qusay H. Mahmoud RMI – Remote Method Invocation Introduction What is RMI? RMI System Architecture How does RMI work? Distributed Garbage.

Copyright © 2001 Qusay H. Mahmoud RMI – Remote Method Invocation Introduction What is RMI? RMI System Architecture How does RMI work? Distributed Garbage.
Company LOGO Remote Method Invocation Georgi Cholakov, Emil Doychev, University of Plovdiv “Paisii.

Company LOGO Remote Method Invocation Georgi Cholakov, Emil Doychev, University of Plovdiv “Paisii.
OOP in Java Nelson Padua-Perez Chau-Wen Tseng Department of Computer Science University of Maryland, College Park.

OOP in Java Nelson Padua-Perez Chau-Wen Tseng Department of Computer Science University of Maryland, College Park.
CS 501: Software Engineering Fall 2000 Lecture 16 System Architecture III Distributed Objects.

CS 501: Software Engineering Fall 2000 Lecture 16 System Architecture III Distributed Objects.
II. Middleware for Distributed Systems

II. Middleware for Distributed Systems
Communication in Distributed Systems –Part 2

Communication in Distributed Systems –Part 2
OOP in Java Fawzi Emad Chau-Wen Tseng Department of Computer Science University of Maryland, College Park.

OOP in Java Fawzi Emad Chau-Wen Tseng Department of Computer Science University of Maryland, College Park.
Inheritance and Polymorphism CS351 – Programming Paradigms.

Inheritance and Polymorphism CS351 – Programming Paradigms.
A Framework for Smart Proxies and Interceptors in RMI Nuno Santos P. Marques, L. Silva CISUC, University of Coimbra, Portugal

A Framework for Smart Proxies and Interceptors in RMI Nuno Santos P. Marques, L. Silva CISUC, University of Coimbra, Portugal
FALL 2005CSI 4118 – UNIVERSITY OF OTTAWA1 Part 4 Web technologies: HTTP, CGI, PHP,Java applets)

FALL 2005CSI 4118 – UNIVERSITY OF OTTAWA1 Part 4 Web technologies: HTTP, CGI, PHP,Java applets)
Programming Languages and Paradigms Object-Oriented Programming.

Programming Languages and Paradigms Object-Oriented Programming.
Common Object Request Broker Architecture (CORBA) CS-328.

Common Object Request Broker Architecture (CORBA) CS-328.
1 Java Programming II Java Network II (Distributed Objects in Java)

1 Java Programming II Java Network II (Distributed Objects in Java)
Understanding the CORBA Model. What is CORBA?  The Common Object Request Broker Architecture (CORBA) allows distributed applications to interoperate.

Understanding the CORBA Model. What is CORBA?  The Common Object Request Broker Architecture (CORBA) allows distributed applications to interoperate.
Chapter 6 Operating System Support. This chapter describes how middleware is supported by the operating system facilities at the nodes of a distributed.

Chapter 6 Operating System Support. This chapter describes how middleware is supported by the operating system facilities at the nodes of a distributed.
CS 390- Unix Programming Environment CS 390 Unix Programming Environment Topics to be covered: Distributed Computing Fundamentals.

CS 390- Unix Programming Environment CS 390 Unix Programming Environment Topics to be covered: Distributed Computing Fundamentals.

Similar presentations

Ads by Google