Abstract for Ted Goddard
Transportable agents ultimately provide one of the most flexible software models, yet the instantiation of such systems is stalled by a vicious circle: administrators are reluctant to offer their machines as agent hosts due to security concerns and a lack of agent applications, while developers are reluctant to produce applications due to a lack of agent hosts. To break this circle, we must provide demonstrably secure agent host software together with an appealing development environment.
Our agent system, WebVector, is an attempt to address these concerns. Let us first consider security. Security must be provided on a number of fronts including host security, network security, and agent security. Host security is a familiar problem and is best handled by the operating system; in this way we provide each agent with read and write access to its own hierarchical filesystem. Now, if we consider that a remote agent is in many ways indistinguishable from any other process running on a remote machine and that agent migration is actually an act of communication, we see that agent security and network security can be met with the same mechanism. Our mechanism is to combine security with agent lookup, thereby bringing a degree of mutual consent to agent communication. This is accomplished by having each agent publish its communication interfaces as hyperlinks in files called "services.html". An agent must "look up" a remote interface before it can open a connection; thus, agents and processes can protect themselves from other agents simply by protecting their services.html files. We introduce simple prototype web protocols so that WebVector agents can freely use TCP and UDP sockets as long as that use conforms to the above security constraints. Other communication primitives (such as messages with forwarding) are built on top of TCP/UDP as before, possibly using special-purpose agents as intermediaries. We feel that this approach minimizes the developer's transitional stage and provides the greatest opportunity for performance-driven applications.
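The lookup-before-connect rule described above can be sketched as follows. This is an added example, not WebVector code: the `tcp://`/`udp://` link form, the host names, the `READABLE` table standing in for web fetches, and the `ConsentGate` class are all assumptions, since the abstract does not give the format of services.html.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample: a services.html as an agent might publish it.
# The tcp:// and udp:// link form is an assumption, not taken from the paper.
SAMPLE_SERVICES = """<html><body>
<a href="tcp://hostb.example:7001">audio-mixer</a>
<a href="udp://hostb.example:7002">state-updates</a>
</body></html>"""

# Constructed stand-in for the web: URL -> page the requesting agent may read.
# An agent that protects its services.html has no readable entry here.
READABLE = {"http://hostb.example/agents/mixer/services.html": SAMPLE_SERVICES}


class LinkParser(HTMLParser):
    """Collects (scheme, host, port) for every socket hyperlink in a page."""
    def __init__(self):
        super().__init__()
        self.endpoints = set()

    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href") if tag == "a" else None
        if not href:
            return
        u = urlsplit(href)
        if u.scheme in ("tcp", "udp") and u.hostname and u.port:
            self.endpoints.add((u.scheme, u.hostname, u.port))


class ConsentGate:
    """Host-side check: a connection is allowed only after a successful lookup."""
    def __init__(self, fetch=READABLE.get):
        self._fetch = fetch          # hypothetical fetcher: URL -> HTML or None
        self._granted = set()        # endpoints this agent has looked up

    def lookup(self, services_url):
        page = self._fetch(services_url)
        if page is None:             # protected or missing file: no consent given
            return set()
        parser = LinkParser()
        parser.feed(page)
        self._granted |= parser.endpoints
        return parser.endpoints

    def may_connect(self, scheme, host, port):
        return (scheme, host, port) in self._granted
```

The gate denies by default: an endpoint that was never published, or whose services.html could not be read, is never added to the granted set.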
Future development with WebVector is aimed at security and applications. While communication based on mutual consent would seem to be a sufficient restriction, there is still the possibility of "denial of service" attacks against non-consenting parties by repeatedly asking them to consent to communication. When this is combined with agent migration and replication, such attacks become all the more serious. We wish to explore topology-based security constraints in the hope of removing such threats while preserving the communication capabilities of legitimate applications.
The true benefit of an agent system is revealed only by "third-party" applications, but the developer of the system itself must still lead the way in order to justify the system's deployment. We are especially interested in building real-time applications, such as a conferencing tool that uses agents to mix and multicast audio and data streams in such a way that network and computational resources are used most effectively, or a network of agents that maintains and distributes the "state" of a collaborative virtual environment. We will also experiment with more "traditional" agent applications, such as the use of agents in remote database queries and update notification.
For a copy of the paper presented at WETICE97, please see "WebVector: Agents with URLs" by T. Goddard and V.S. Sunderam: http://vorlon.mathcs.emory.edu/goddard/webvector.ps