1

SIF8072 Distributed Artificial Intelligence

andIntelligent Agents

http://www.idi.ntnu.no/~agent/

6 March 2003

Lecture 8: Mobile Agents

Lecturer: Sobah Abbas Petersen

Email: sap@idi.ntnu.no

2

Lecture Outline

1. What are mobile agents?

2. Remote Procedure Calls vs. mobile agents

3. Security

• Threats, security of host, security of agent

4. Typology of mobile agents

5. Implementation of mobile agents

• Telescript

• TCL/TK

3

References - Curriculum

• Wooldridge: ”Introduction to MAS”,

– Chapter 10, Section 10.4

• Not in curriculum:

– White, J. E., Mobile Agents, in Bradshaw, J. (ed.), Software

Agents, MIT Press, Cambridge, MA, 1997, p. 437-472.

– D. M. Chess, C. G. Harrison, A. Kershenbaum. Mobile Agents: Are

they a good idea? Research Report, IBM Research Division, T. J.

Watson Research Center, 1995, 21 pages.

4

What are Mobile Agents

• Agents that are capable of transmitting themselves – their programs

and their state – across a computer network, and recommencing

execution at a remote site.

• The program chooses when and where to migrate.

• It can suspend its execution at an arbitrary point, transport itself to

another machine and resume execution.

Moving programs while they run!

5

Current Approach - Remote Procedure Calls

ClientPC

ServiceServer

Network

•Enables one computer to call procedures in another.

•The two computers agree in advance upon a protocol:

•The effects of each remotely accessible procedure and the types of its arguments

and results.

•Each interaction entails two acts of communication - request & acknowledge

ongoing interaction requires ongoing communication!e.g.: From a file server, delete all files that are atleast two months old.

RPC: n files => 2(n+1) messages

6

New Approach -Remote Programming

• One computer not only calls procedures on another computer, but also provides the

procedures.

• Each message contains the procedure + its arguments.

• The two computers agree in advance upon a language:

– instructions and the types of data that are allowed.

• A user computer and a server can interact without using the network once the agent

is transported

ongoing interaction does not require ongoing communication!

Server

Client

PC

ServiceNetwork

AgentClient

Local procedure Call

7

Advantages of RP over RPC

• Tactical

– Performance - due to less message passing over the network.

– Less connection time - need network connection to transport the agent.

– Computer delegates a task to the agent.

• Strategic

– Customisation - agents let manufacturers of user s/w extend the functionalities of

the server s/w.

– In a RPC application, the server component needs to be statically installed by the

user. In RP, they are dynamically installed by the application itself - each is an

agent.

– New RPC-based applications - business decisions by the provider. New RP-based

applications - buying decision by the user.

– A public network becomes like a platform.

8

Why Mobile Agents

Mobile agent = procedure + its state.

• Efficient use of network resources.

• Low-bandwidth networks.

9

Basic Mobile Agent Environment

• A mobile agent environment is a software system which

is distributed over a network of heterogeneous computers.

• Its primary task is to provide an environment in which

mobile agents can execute.

• It implements the majority of models which appear in the

mobile agent definition.

10

What is security

”If I take a letter, lock it in a safe, hide the safe somewhere in New

York, then tell you to read the letter, that’s not security. That’s

obscurity. On the other hand, if I take the letter and lock it in a safe

and then give you the safe along with the design specifications of the

safe and a hundred identical safes with their combinations so that

you and the world’s best safecrackers can study the locking

mechanisms – and you still can’t open the safe and read the letter –

that’s security.”

11

Security Model

• General security requirements:

• Secrecy

• requires that the information in a computer system be

accessible for reading by authorised parties only.

• Integrity

• requires that the computer system assets can be modified by

authorised parties only.

• Availability

• requires that the computer system assets be available to

authorised parties.

12

Types of Threats 1

• Interruption: an asset of

the system is destroyed

(threat of availability).

• Interception:

unauthorised party gains

access to an asset (threat

of secrecy)

Informationsource

Informationdestination

Informationsource

Informationdestination

Informationsource

Informationdestination

13

Types of Threats 2

• Modification: unauthorised

party tampers with an asset

(threat of integrity)

• Fabrication: unauthorised

party inserts counterfeit

object into the system (threat

of integrity)

Informationsource

Informationdestination

Informationsource

Informationdestination

14

Assets in a Computer System

Security Aspect

Security violations

Software Availability a key threat, easy to delete software

Integrity computer virus and related attacks

Secrecy unauthorised copying

Data Availability destruction of data files

Integrity files are modified

Secrecy unauthorised reading

Communication lines and networks

Availability

Integrity &

active threats such as message stream modification, denial of service.

Secrecy passive threats such as release of

message contents, traffic analysis.

15

Design Principles for Security

• Least privilege – (need-to-know) only the smallest set of privileges

to complete the job; the access rights should be acquired by explicit

permission only.

• Economy of mechanism- security mechanisms should be as small as

possible; an integral part of the design.

• Acceptability - security mechanisms should not interfere unduly with

the work of the users.

• Complete mediation – every access must be checked against the

access control information.

• Open design – mechanisms can be reviewed by many experts, and

users must have high confidence in them.

16

Main Intruders

• Hackers

• Viruses

• Fraudulent users

• Incompetent users

• Technology by itself cannot solve the security

problem.

• Technology for security must be complemented by an

awareness of security issues and disciplined

application of techniques.

17

What does security do? 1

• Security systems attempt to get you reliable answers to the

following types of questions:

• Who is accessing our information system? (Identification)

• Can I be sure who made the request? (Verification)

• Can I be sure that this message has not been modified since it was

sent? (Integrity)

• Is this user entitled to make use of this resource? (Access control)

18

What does security do? 2

• Will this program cause damage or disruption? (Viruses)

• Can I safely send this message on a public network?

(Privacy)

• Can I be sure that this user will actually pay for the service

s/he is requesting? (Nonrepudiation)

• Can I be sure that this server will do what I want?

(reputation)

19

Security in Using Agents 1

• Some general issues in using agents:

• Delegation: you are delegating to the agent some of

your authority. This means that agents are doing things

that you cannot always see.

• Mobility: they may be doing it on the other side of the

planet. Or, an agent from the other side of the planet

may be doing it on your server.

20

Security in Using Agents 2

• Some general issues in using agents, contd.:

• Viruses: agents share many characteristics with

viruses. In creating an environment for agents, there is

the additional risk that we expose weaknesses that may

enable viruses to breed.

• Trust: humans have classified their co-workers into

those who are reliable and those who are not.

21

Mobile Agents and Viruses

• It’s impossible, in principle, to verify with complete certainty that an

arbitrary program is not a virus.

• In practice, the problem of writing a program that can verify the

correct behaviour of another program is unsolved.

• It’s difficult to define the necessary and sufficient tests that an agent

must pass in order to determine its intentions.

• Some precautions:

• Restriction of access to critical resources.

• Restriction on altering other programs.

22

Delegation

• The purpose of an agent is to perform some tasks that would otherwise

be performed by its user.

• The agent may need many, if not all, of the access rights of the user.

• In a security environment, this can be readily achieved by passing the

copy of the user’s certificate to the agent.

• In this regard, the agent is indistinguishable from any other applications

employed by the user.

• However, the certificates are valid for a finite period, defined by the

security administrators.

23

Security for Hosts 1• Limiting delegation:

• Give the agent and the user separate identities

• Secure co-processors: have a physically separate processor on which the

agent is run, execute the agent in a ”padded cell”

• Allow the agent to interact with the system environment only in a

language with limited expressiveness (e.g. ACL)

• Limiting resource consumption:

• Limit the amount of each resource that an agent is permitted to consume

• Limit the amount of e.g. money and processor time an agent can access

(e.g. Telescript)

24

Security for Hosts 2

• Unix-like access rights on hosts.

• Safe libraries for access to filestore, process space, etc.

• Some agent languages allow security properties of an

agent to be verified on receipt.

• Host must handle crashed programs cleanly – what do you

tell an owner when their agent crashes?

25

Security for Agents 1

• We need to protect mobile agents from malicious hosts

because:

• Agents have a right to privacy!

• We often do not want to send our programs, as to do so might

enable the recepient to determine its purpose, and hence our intent.

• The agent might be modified (sabotaged) in some way, without

the owner’s knowledge or approval.

26

Security for Agents 2

• Some possibilities for protection:

• Data integrity - an agent can be protected in transit by using

conventional encryption techniques, (e.g. PGP).

• In order to ensure that an agent is not tampered with, it is possible

to use digital watermarks.

• Origin authentication – certification.

• Access itenary control – restriction on visiting some

environments.

27

Proposed Advantages of Mobile Agents

• Efficiency – mobile agents consume less network resources

• Asynchronous autonomous interaction

• Interaction with real-time entities

• Support for heterogeneous environment

• Support for electronic commerce

• Convenient development paradigm

28

General Requirements to Mobile Agent Environments

• Expressiveness as a programming language

• Ability to execute remotely or to transport state

• Support for agent communication language

• Security support

• Management support

29

Typology of Mobile Agents 1

• Mobile agents can be divided into atleat 3 types:

1. Autonomous

2. On-demand

3. ”Active-mail” type

30

Typology 2Autonomous Mobile Agents

• Autonomous mobile means that the agents are able to

decide for themselves where to go, when and what to do

when they get there (subject to certain resource constraints,

e.g. how much emoney they can spend).

• Such agents are generally programmed in a special

language that provides a go instruction (e.g. Telescript).

31

• The idea here is that a host is only required to execute an agent when it

explicitly demands the agent.

• The best known example of such functionality is that provided by the

JAVA language, as embedded within HTML.

• A user with a JAVA-compatible browser can request HTML pages that

contain applets.

• These applets are downloaded along with all other images, text, forms,

etc. and once downloaded, are executed on the user’s machine.

Typology 3On-demand Mobility

32

Typology 4Active-mail Agents

• The idea here is to ”piggy-back” agent programs onto

mail.

• The best known example of this work is the mime

extension to email.

33

Mobile Agent Implementation

• Java

• Contains no mobile agents. It’s simply an enabling technology for

mobile agents. Most important are Remote Method Invocation and

Object Serialisation.

• e.g. Aglets

• Telescript

• Language-based environment for constructing MAS.

• Tcl/TK and other scripting languages

34

Telescript 1

• Telescript was a language-based environment for constructing mobile

agent systems.

• 2 key concepts: agents and places.

• Telescript Technology is focussed towards an electronic marketplace,

where agents are the providers and consumers of goods in the electronic

market place.

• Agents are mobile – they are able to move from one place to another, in

which case their program and state are encided and transmitted across

the network to another place, where execution recommences.

35

• Implements the concepts places, agents, travel, go,

meeting, connections, authorities and permits.

• The network is a collection of places. The

application consists of agents, each occupying a

place.

• Agents can travel from one place to another to

have a meeting with another agents.

Telescript 2 - Concepts

36

• Places: Shopping centre, with a Directory service, a ticket office and a

florist.

• Agents: Agents reside in Places and can move from one place to another.

e.g. The shopping agent can go to the florist.

• Travel: Lets an agent obtain a service offered remotely and return to its

starting place.

Shoppingagent

PCTickets

Shopping Centre

Network Directory Florist

Telescript 3 - Concepts

37

• Travel is achieved by executing go.

• Go requires a ticket - specifies the agent’s destination and the terms of

the trip.

• Meetings let agents in the same computer call one another’s procedures.

Telescript 4 - Concepts

Shoppingagent

PC

Shopping Centre

Network Directory Florist

meeting

go

Tickets

38

• Connections let two agents on different computers communicate.

• A connection requires a target - specifies the distance agent and the

terms of the connection.

• One agent or place can discern the authority of another.

Telescript 5 - Concepts

Shoppingagent

PC

Shopping Centre

Network Directory Florist

connection

Tickets

39

• Authority is associated with regions - verifies the authority when the

agent travels from one region to another.

• Permits grant capabilities. They let authorities limit what agents and

places can do. 2 kinds:

– Grant the right to execute a certain instruction. e.g. create another agent.

– Grant the right to use a certain resource in a certain amount - allowance.

Telescript 6 - Concepts

Shoppingagent

PCTickets

Shopping Centre

Network Directory Florist

authority

40

Tcl/TK and Scripting Languages 1

• TCL was primarily intended as a standard command language. But

every time a new application is developed, a new command language

must be as well. TCL provides the facilities to easily implement your

own command language.

• It provides facilities for making GUI features such as buttons, labels,

text and graphic windows.

• It provides powerful facilities for interprocess communication, via the

exchange of Tcl scripts.

41

Tcl/TK 2

• TCL is an interpreted language.

• It is extendable: it provides a core set of primitives

implemented in C/C++ and allows the user to build on

these, as required.

• It can be embedded – the interpreter itself is available as C+

+ code, which can be embedded in an application, and can

itself be extended.

42

Tcl/TK 2

• So, where does the idea of an agent come in?

• It’s easy to build operations where Tcl scripts are exchanged across a

network, and executed on remote machines.

• A key issue is safety. You don’t want to provide someone elses script

with the full access rights to your computer that an ordinary scripting

language provides.

• Safe TCL: provides mechanisms for limiting the access provided to a script.

• It was not intended as an agent programming environment.

43

Summary

• Efficient use of bandwidth!

• Main issue is that of security, both for the host and the

mobile agent.

• Mobile agents can be implemented in Java, agent

programming environment (e.g. Telescript) and some

scripting languages (e.g. Tcl/TK).

44

Next Lecture:

Agent Architectures

• Wooldridge: ”Introduction to MAS”,

– Chapters 4 and 5