Embed Size (px)
Citation preview
TNO TPD
Pipe Inspection
Electronic Intelligence (Police)
Multimedia RetrievalWash Disc
Railinspection
ASML Level Sensor
Smart Card Evaluation
Reference Model
• Open systems• Gatekeepers• Communities• Institutions• Ontologies• Norms
good
norms
bad
good
gate
gate
agent
agentagent
institutionMAS
MAS
institution
bad
goodbad
goodbad
good
good
bad
SCC
Open Systems
• Agents can move among distributed MAS
• Controlled access via gatekeepers– Negotiation about norms and reputation
• Mobile Agents– Malicious agents– Malicious hosts
• Trust• Reputation
Communities
• Trust as a result of reputation over time
• Peer2peer model (eBay)
• Problem: mafia communities
Institutions
• Trusted agents in a MAS society• Keep record of positive and
negative reports• Control communication (SCC)• May apply sanctions to malicious
agents• Is this legal?
Norms
• Restrict autonomy• On social and individual level
– Institutions– Deliberation, Communities
• Norms vs. Ontologies– prescriptive– descriptive
Privacy Protection in MAS
• Privacy principles (EU directive)• Agent taxonomy• Privacy ontology• Transfer rules• Interaction protocols
– Agent Practices Statement (APS, cf. P3P)
• www.pet-pisa.nl
Privacy PrinciplesV 1. Intention and Notification - The processing of personal data must be reported in
advance to the Data Protection Authority or a personal data protection official, unless processing has been exempted from notification.
V 2. Transparency - The person involved must be able to see who is processing his personal data and for what purpose.
V 3. Finality - Personal data may only be collected for specific, explicit and legitimate purposes and not further processed in a way incompatible with those purposes.
V 4. Legitimate ground for Processing - The processing of personal data must be based on a foundation referred to in national legislation, such as permission, agreement, legal obligation, justified interest and such like. For special data, such as health, stricter limits prevail.
V 5. Quality - The personal data must be as correct and as accurate as possible, sufficient, to the point and not excessive.
V 6. Data subject’s rights - The data subjects involved have the right to take cognisance of and to improve their data as well as the right to raise objections.
V 7. Security - Providing appropriate security for personal data held within IT-systems is one of the cornerstones of the DPD. Measures of technical and organisational nature suitable and proportional to the sensitivity of the personal data and the nature of possible risks have to be taken potential harm should the PII be misused or disclosed in an unauthorised matter.
V 8. Processing by a processor - If processing is outsourced to a processor, it must be ensured that he will observe the instructions of the person responsible.
V 9. Transfer of personal data outside the EU - In principle, the traffic of personal data to a country outside the EU is permitted only if that country offers adequate protection.
HTTPS / S
OA
P
SSL3
Sig
ned
XM
L o
ver Java RM
I
Signed XM L over J ava RMI
HTTPS / SOAP
FIPA Agent Platform
WebBrowser
WebBrowser
WebBrowser
WebBrowser
Ap
plic
atio
n S
erv
er
We
b S
erv
ice
sCertification Authority
(PK I)
Data Mining
RegistrationAuthority
Agent
PersonalAgents
TaskAgents
AdvisorAgents
MonitorAgent
Data Subject
Processor
Auditor
Controller
BusinessLogic
ServiceAgents
LogAgents
OnionRouting
1.6 2.5
1.3 1.42.3
2.3
2.3
2.3
2.1
2.1
2.1
2.1
1.1
1.2
2.22.4
2.5
1.5
PresentationLogic
LDAP public
directory
1 agent / platform
1 agent / user
multiple agents
PISA Architecture
Signed XM Lover J ava RM I
HTTP / HTTPS
PII
Privacy Ontology
Privacy-normative Behaviour
Agent
(from AgentTypes)
<<FIPA>>Agent
(from core)
<<JADE>>Behaviour
(from behaviours)
<<JADE>>
NonPrivacyAwareAgent
(from AgentTypes)
Ontology
(from onto)
AuthenticateBehaviour
RequestAPSBehaviour
(from PISABehaviours)
Privacy Ontology
PisaAgent
implementsuses
uses
uses
uses
uses
End.
