Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 An abstract model for run-time monitoring and enforcement of contracts. Carlos Molina-Jimenez TAPAS.

Published byNigel Williams Modified over 9 years ago

Similar presentations

Presentation on theme: "1 An abstract model for run-time monitoring and enforcement of contracts. Carlos Molina-Jimenez TAPAS."— Presentation transcript:

1 1 An abstract model for run-time monitoring and enforcement of contracts. Carlos Molina-Jimenez (Carlos.Molina@ncl.ac.uk)Carlos.Molina@ncl.ac.uk TAPAS meeting, Dortmund 10-11 th Feb 2003

2 2 The problem EnEn E1E1 O1O1 E2E2 OnOn O1O1 OnOn O1O1 OnOn O1O1 OnOn O1O1 OnOn O1O1 OnOn P P P S S S How to create this soft (middleware) biz interaction O-object P-private S-shared

3 3 The solution We will spend the next 45 min discussing a possible solution.

4 4 Outline Definition of contracts.  rights, obligations.  relationship between contracts and SLAs. Description of contracts by means of FSMs.  monitoring  enforcement Contracts as interceptors of operations.  virtual objects and interfaces.  is this operation legal or illegal?  is the invoker entitled to? Questions and discussion. Conclusions.

5 5 Biz interaction regulated by a contract A contract is a set of SLAs. SLA i is a set of R (rights) and O (obligations) to be honoured by Alice and Bob about an specific service. Signatures Manager E1 Manager E2 AGREEMENT SLA 1 ={R 1,O 1,…R m1,O m1 }, SLA 2 ={R 1,O 1,…R m2,O m2 }, SLA 3 ={R 1,O 1,…R m3,O m3 }, … … … Contract

6 6 Executable-contracts (x-contracts) Interested in contracts that stipulate rights and obligations and …  monitor and enforce them at run-time.  collect non-repudiable evidences as well. This means … we’re interested in contracts that can be executed.  executable contracts are called x-contracts What do they look like?

7 7 Conversion of contracts into x-contracts XML-like files executable (java files) text docs (word, ascii, etc). graphics, etc. English text contract Contract for the purchase and supply of remote disk storage Between: Alice (purchaser) and Bob (supplier) 1-Term: six month from 11 Feb 2003. 2-The supplier shall provide 100GB of disk for cache on Mon. 3-The purchaser shall pay for the service the Fri before the Mon…. English contract to x-contract x-contract converter

8 8 What kind of e-contracts, SLAs, rights and obligations? Our model of x-contract makes no assumptions about …  nature of service application service: purchase-supply of (e)goods. network service: provision of net connection.  nature of R(ights) and O(bligations). O: the net provider shall provide 100 Mb/s on Mon. R: the seller may send offers to buy to the buyer.

9 9 X-contract monitoring An x-contract monitors and enforces Rs&Os.  What do you mean by that? x-contract monitoring:  passive observation and recording of  records about the execution of Rs&Os stipulated in the contract.  information about the states (current for ex.) of the contract.

10 10 X-contract enforcement x-contract dictates what must be done.  what operations and in what order  it does not dictate HOW. prevention from intentionally or accidentally breaching the contract.  no intention to prevent or enforce operations executed outside the scope of the contract.  when a contract breach signal is sent it is up to the person (enterprise) in contract breach to remedy the situation.  no intention to manipulate and tune the service provision in order to honour the x-contract. no intention to enforce adaptation from within the x-contract.

11 11 What does the contract do? Intercepts operations invoked on virtual objects.  depending on the Rs and Os stipulated in the contract, the operation is considered: legal  execution permitted illegal  execution NOT permitted.  This is call enforcement of Rs and Os.  criteria for disapproving operations operation not stipulated in the contract clauses. operation invoked by a person without privileges. Invokes the operation on the actual object on behalf of the original invoker.

12 12 Enforcement of operations Rights, obligations and contract state can be mapped into a FSM and enforced. If the full payment is received the supplier shall ship the e-goods, if 1/2payment is received … state 1 state q state 2 state m e 1 /o 1 e 2 /o 2 e m /o m … shipping item waiting for payment booking item complaining FullPay 1/2pay NoPay e i -event, o i -operation on an object On what object?

13 13 Operations are invoked on virtual objs and intercepted by the x-contract E1E1 E2E2 O 1.E 1 O n.E 1 O1O1 OmOm private objects shared objects shared objects O 1.E 2 O n.E 2 O1O1 OmOm private objects O 1.E 1 O n.E 1 O 1.E 2 O n.E 2 virtual objects: references to actual objects + VE x-contract (1) (2)

14 14 Interception of operation requires well- defined interfaces. shared objects I 1 : R, W, Del O 1.E 1 I 2 : R, W I n : R O 1.E 2 I 2 : Send, Rcv I n : Update I 1 : Send E1E1 E2E2 VE I 1 : R, W, Del O 1.E 1 I 2 : R, W I n : R O 1.E 2 I 2 : Send, Rcv I n : Update I 1 : Send Each object has n interfaces Each interface has m operations x-contract

15 15 An x-contract intercepting operations shared obj. I 1 : send item.E 1 I 2 : receive In:In: payment.E 2 I 2 : collect I n : refund I 1 : pay E1E1 E2E2 VE I 1 : send, item.E 1 I 2 : receive In:In: payment.E 2 I 2 : collect I n : refund I 1 : pay shared obj. Waiting for payment Shipping item PaymentRcvd/collect supplier Waiting for item Editing payment Pay/pay purchaser (1) (2) (3) (4) (5) (6) x-contract virtual objs. ItemReady/send (7) (8)

16 16 Who collects non-repudiable evidences? We are planning to use a B2Bobj  Distributed Object Middleware … Nick Cook and Santosh Shrivastava, 2002

17 17 Where is the contract file stored? The contract file must be stored in a  secure tamper-resistant storage. protection against  accidental and  malicious changes. Alice.E i can’t change it without Bob.E j knowing about it. Eve (an outsider) can’t change it without Alice.E i and Bob.E j knowing about it.  accessible to all the contracting parties E 1,E 2,…E n.

18 18 Physical location of contract files Within E i ? In a Trusted Third Party? Does it matter at design stage?--NO

19 19 Actual physical location of contract files Irrelevant at design stage.  Leave it for implementation and deployment stage. A good VE should be designed with contract distribution in mind.  A contract might consist of several files.  Distribute them strategically.

20 20 Access control to objects shared obj. I 1 : send item.E 1 I 2 : receive In:In: payment.E 2 I 2 : collect I n : refund I 1 : pay E1E1 E2E2 VE I 1 : send, item.E 1 I 2 : receive In:In: payment.E 2 I 2 : collect I n : refund I 1 : pay shared obj. Waiting for item Editing payment Pay/pay purchaser (1) (2) (3)  Who is Bob?  Is he entitled to place a payment?  What objs. is he entitled to access?  What operations? Bob Alice

21 21 Privileges for accessing interfaces are given to role players. privilege for accessing interface i means privilege for executing all the operations of the interface i. O 1.E 2 I 2 : Send, Rcv I n : Update I 1 : Send shared objects I 1 : R, W, Del O 1.E 1 I 2 : R, W I n : R shared objects E1E1 E2E2 VE I 1 : R, W, Del O 1.E 1 I 2 : R, W I n : R O 1.E 2 I 2 : Send, Rcv I n : Update I 1 : Send E 1 managerE 2 managerE 2 secretary Contract stipulates who can access what John Warne will you more about roles and role players.

22 22 Conclusions, questions and answers virtual objects + x-contract = run-time monitored and enforced business interactions. Any question?

23 23 References Carlos Molina et. al. Contract Representation for Run-time Monitoring and Enforcement. Carlos Molina-Jimenez, et. al., Draft, Uni. of Newcastle, Dec. 2002. John Warne. Toward an e-contract management architecture for inter-organizational interaction in TAPAS …, Presentation at Uni. of Newcastle, 2002 N. Cook et. al. Distributed Object Middleware to Support Dependable Information Sharing between Organisations, Proc. IEEE Int. Conf. on Dependable Syst. and Networks (DSN-2002), Bethesda USA, Jun. 2002.

Download ppt "1 An abstract model for run-time monitoring and enforcement of contracts. Carlos Molina-Jimenez TAPAS."

Similar presentations

ISTISNA AS MODE OF FINANCE

ISTISNA AS MODE OF FINANCE
Chapter 8: Insurance Contracts

Chapter 8: Insurance Contracts
Contracts, Service Level Agreements and Virtual Enterprises in Composite Services Carlos Molina-Jimenez (

Contracts, Service Level Agreements and Virtual Enterprises in Composite Services Carlos Molina-Jimenez (
Sales Contracts.  Sale – Contract in which ownership of goods transfers immediately from the seller to the buyer  Ownership – Collection of rights that.

Sales Contracts.  Sale – Contract in which ownership of goods transfers immediately from the seller to the buyer  Ownership – Collection of rights that.
The Sale of Goods and Supply of Services Act 1980

The Sale of Goods and Supply of Services Act 1980
TAPASDelivMarch04 1 TAPAS Deliverables for March 04 (Trusted and QoS-Aware Provision of Application Services) Santosh Shrivastava Newcastle University.

TAPASDelivMarch04 1 TAPAS Deliverables for March 04 (Trusted and QoS-Aware Provision of Application Services) Santosh Shrivastava Newcastle University.
Sustainable Energy Systems Overview of contractual obligations, procedures and practical matters KICK-OFF MEETING.

Sustainable Energy Systems Overview of contractual obligations, procedures and practical matters KICK-OFF MEETING.
SPECIFYING AND MONITORING GUARANTEES IN COMMERCIAL GRIDS THROUGH SLA Sven Graupner Vijay MachirajuAad van Moorsel IEEE/ACM International Symposium on Clustering.

SPECIFYING AND MONITORING GUARANTEES IN COMMERCIAL GRIDS THROUGH SLA Sven Graupner Vijay MachirajuAad van Moorsel IEEE/ACM International Symposium on Clustering.
2 An Overview of Telecommunications and Networks Telecommunications: the _________ transmission of signals for communications (home net) (home net)

2 An Overview of Telecommunications and Networks Telecommunications: the _________ transmission of signals for communications (home net) (home net)
OASIS Reference Model for Service Oriented Architecture 1.0

OASIS Reference Model for Service Oriented Architecture 1.0
Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.

Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.
CSE331: Introduction to Networks and Security Lecture 28 Fall 2002.

CSE331: Introduction to Networks and Security Lecture 28 Fall 2002.
Chapter Two Information Technologies: Concepts and Management.

Chapter Two Information Technologies: Concepts and Management.
Figure 1.1 Interaction between applications and the operating system.

Figure 1.1 Interaction between applications and the operating system.
GLOMAR  Aims - Provides adaptive consistency control for mobile enabled file systems  Abstracting consistency control into a component architecture 

GLOMAR  Aims - Provides adaptive consistency control for mobile enabled file systems  Abstracting consistency control into a component architecture 
Trusted Coordination ADAPT Workshop, 11-12 December 03 1 Building Blocks for Trusted Coordination (a status report from the TAPAS project) Santosh Shrivastava.

Trusted Coordination ADAPT Workshop, December 03 1 Building Blocks for Trusted Coordination (a status report from the TAPAS project) Santosh Shrivastava.
TRANSACTION AND INDUSTRY REVIEW CONFERENCE NIGERIAN POWER SECTOR REFORM: AN OVERVIEW OF TCN AGREEMENTS.

TRANSACTION AND INDUSTRY REVIEW CONFERENCE NIGERIAN POWER SECTOR REFORM: AN OVERVIEW OF TCN AGREEMENTS.
RISK MANAGEMENT FOR ENTERPRISES AND INDIVIDUALS Chapter 9 Fundamental Doctrines Affecting Insurance Contracts.

RISK MANAGEMENT FOR ENTERPRISES AND INDIVIDUALS Chapter 9 Fundamental Doctrines Affecting Insurance Contracts.
Pay As You Go – Associating Costs with Jini Leases By: Peer Hasselmeyer and Markus Schumacher Presented By: Nathan Balon.

Pay As You Go – Associating Costs with Jini Leases By: Peer Hasselmeyer and Markus Schumacher Presented By: Nathan Balon.
Android Security Enforcement and Refinement. Android Applications --- Example Example of location-sensitive social networking application for mobile phones.

Android Security Enforcement and Refinement. Android Applications --- Example Example of location-sensitive social networking application for mobile phones.

Similar presentations

Ads by Google