CoAX Technology Contributions
TTCP Meeting - Malvern - September 2000
AFRL Rome, AIAI, Boeing, Dartmouth, DERA Malvern, Lockheed Martin ATL, Michigan, MIT Sloan, Stanford, USC/ISI, UWF/IHMC
Support from BBN, GITI, ISX, MITRE, Schafer
Stand alone demonstrations at 9 months:
• GITI - CoABS Grid Infrastructure
• Boeing and UWF/IHMC - KAoS Domain Management
• AIAI Process Panel - Task and Process Management
• DERA Master Battle Planning
• LM ATL EMAA/CAST AODB - Restricted Data Base Access
• AFRL/BBN/GITI CAMPS - Air Logistics Support Tool
• USC/ISI Ariadne - Open Information Access
• UWF/IHMC - NOMADS safe and secure mobile agents
The CoABS/Infrastructure code provides a framework for integrating diverse agent-based systems, and provides additional common services.
The Grid allows agents to find services and other agents so that agent teams can be dynamically formed to solve context-based tasks.
The Grid is built using Jini™ technology. Direct agent communication is provided using message queues built on Java RMI. The Grid Logging Markup Language is based on XML.
An agent domain consists of one or more agents registered with a common Domain Manager, which provides for common administration and enforcement of domain-wide, platform-specific, and agent-specific policies.
CoAX /Tech Briefing - 7
Agent Domain Management in CoAX
Broadens typical distributed security concerns to include:
• Communication and access management: Who can communicate with whom for what services?
• Registration management: Who can join the domain under what circumstances?
• Resource management: Who can have which kind and how much of a given computing resource?
• Mobility management: Who can move where under what circumstances?
• Conversation management: What constraints govern interaction between conversing agents?
• Obligation management: Who is not meeting commitments?
Initial capability shown in six-month demo
Initial capability slated for nine-month demo
Initial capability slated for 2001-2002 demos
Policy Management Framework
[Diagram labels: Policy Admin Tool, Servlet, KAoS Domain Manager, Policy Directory, Guard, Java VM, Aroma VM, Other, Native Mech, Agent; links labelled HTTP, RMI, JNDI.]
Guard is responsible for:
1. Interpreting policy
2. Enforcing with appropriate native mechanism

1. Ensures policy consistency at all levels
2. Stores policy changes
3. Notifies guards
Authorized user makes changes over the Web
Event-driven policy changes
KAoS Policy Admin Tool
AIAI I-X Process Panel
• Initially maintains an overview of the current status of the coalition C2 processes in accessible shared military terms.
• Later adds the ability to monitor, plan and control the coalition C2 processes.
• Can take on and address “issues” in the C2 process.
• Links to and assists with domain management, authority, exception management and other Grid management services.
• To be packaged as generic task and process management facilities that can be made available to other Grid applications.

• Visual planning tool for air operations.
• Map-based graphical user interface - operator builds scenario and air missions using simple dialogs and “point and click” techniques.
• Obtains data on targets and assets from other agents.
• Integrates air missions (e.g. air transport) and weather forecasts from other agents into the air visualisation.
• Informs AIAI’s Process Panel of current planning status.

• Develops schedules for aircraft to pick up and deliver cargo within specified time windows.
• Takes into account a large number of constraints (aircraft & port capabilities, crew availability, work schedule rules).
• Can be tasked by other agents.
• Domain-aware agent obtains scheduled air transport flights and forwards them to Master Battle Planner for integration into the air visualisation.

• Provides access to AODB via XML formatted Grid messages.
• Supports different kinds of queries: one shot, update, and persistent.
• Will be evolving EMAA/CAST technology to create a deliverable generic Grid-aware core agent engine to other end users. This technology will be configurable and is intended to easily allow access to alternative sources.
1. Client sends the Query via a Grid Data Message.
2. Agent Engine receives the Query on its Message Queue.
3. Agent Engine processes the Query.
4. Agent Engine creates a Controller Agent.
5. Controller Agent spawns other agents to retrieve data from each of the JDBC sources.
6. Controller Agent generates response message and sends it via the Grid to the Client.
7. Client receives response for processing.
USC/ISI Open Information Access
• Provide real-time access to Web data sources
• Tools for learning wrappers to extract data for semi-structured sources
• Agents learn the structure of data to support:
  • Source verification: automatically detect when the source no longer provides correct data (possibly because the source has changed)
  • Source reinduction: automatically revise wrapper when site changes
Resource Control and Security in NOMADS
• Dynamic and fine-grained resource control
• NOMADS enforces security policies specified by the KAoS domain manager
• Security policies include limits on CPU, disk, and
• NOMADS Guard constantly monitors the resource consumption of the GAO agent
• When the guard detects a potential denial of service, the guard reduces the resource limits available to the GAO agent
Resource Control and Security in NOMADS
[Diagram labels: Aroma VM, GAO, Java VM, DAO, Observers Domain, G, KPAT, Domain Manager.]
Field Observations (Dartmouth)
• Team of soldiers
• PDAs
• Ad-hoc wireless networking
• Soldiers make observations.
• Ground traffic
• Air traffic
• Personnel and equipment
• Buildings and other structures
• Observations are fed into battle-planning systems (e.g., MBP) through the CoABS Grid.
• In the demo, a team of CoAX soldiers will make observations to correct Gao misinformation.
Field Observations (Dartmouth)
[Diagram labels: Observations, ObservationAgent, D’Agents API, Grid API, “I see a tank!”, ObservationViewer, MBP, (9-month demo - standalone), (18-month demo - integrated), Query/Response, Registration/Update Stream.]
MIT Robustness Service
The Challenge
• Open systems (like coalitions) include unreliable agents (bugs, malice) and infrastructures
The MIT Robustness Service
• Monitors agent ‘health’ via polling
• Tracks inter-agent commitments
• Controls task cancellation, result caching & task re-announcement
• Maintains reliability information (failure avoidance)
• Informs registry of hung agents

• Analyses the alternative plan spaces of coalition functional teams that plan independently and act asynchronously
• Works top-down with plans chosen by teams to predict unintended interactions (resource contentions; friendly fire).
• Identifies candidate resolutions (timing or action constraints).
• Notifies process panel of possible plan conflicts and computed workarounds.
• Operationalizes/enforces coordination decisions selected.
• Given more time, isolates and resolves conflicts more precisely and efficiently.
• Allows planning and coordination decisions to be postponed until runtime conditions become better known.
• Packaged as a Grid-aware component that can be proactively executing and utilized by the AIAI Process Panel.
Old versions and spare slides
Policy Enforcement: Problems and Solutions
Problem: Enforcing policies on unmodified, potentially malicious agents
Solution: Platform-based enforcement (e.g., Java 2 security)
Problem: Permissions granted statically according to code source (can’t have different permissions for two agent instances from same code base)
Solution: Hack JAAS (Java Authentication and Authorization Service) to allow dynamic permissions and instance-level authentication and authorization
Problem: High-level agent security requirements do not always map to low-level built-in Java security mechanisms
Solution: Lock down permissions of untrusted (agent) code and force agent to use a trusted privileged-code wrapper under control of the guard (eventually to be packaged as domain-aware “grid helper”) to perform selected actions
Problem: Fine-grained resource allocation and control and revocation of permissions in the face of denial-of-service attacks
Solution: Run agent under Java-compatible Aroma VM allowing dynamic fine-grained resource rate and quantity control
Problem: “Obligation policies” cannot be enforced by preventing actions in advance but only by monitoring and after-the-fact sanctions
Solution: Sentinel-based policy enforcement (relevant work in this area by MIT)
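
The enforcement pattern on this slide, as an added Python model (not KAoS, NOMADS or Aroma VM code, and not from the briefing): permissions are keyed by agent instance rather than code source, agent code reaches the disk only through a guard-controlled wrapper, and the guard lowers a limit at runtime. The class names, the "disk.write" action string, and the "three refusals, then halve the limit" rule are assumptions made for illustration.

```python
from dataclasses import dataclass, field

class PolicyViolation(Exception):
    """Raised when the guard refuses an action."""

@dataclass
class InstancePolicy:
    allowed: set       # actions this agent instance may perform
    disk_limit: int    # bytes per monitoring interval; adjustable at runtime

@dataclass
class Guard:
    policies: dict = field(default_factory=dict)  # instance id -> InstancePolicy
    used: dict = field(default_factory=dict)      # bytes written this interval
    refused: dict = field(default_factory=dict)   # over-limit attempts this interval

    def write(self, agent_id, nbytes):
        """Trusted wrapper: the only path from agent code to the disk."""
        policy = self.policies.get(agent_id)
        if policy is None or "disk.write" not in policy.allowed:
            raise PolicyViolation(f"{agent_id}: disk.write not permitted")
        if self.used.get(agent_id, 0) + nbytes > policy.disk_limit:
            self.refused[agent_id] = self.refused.get(agent_id, 0) + 1
            raise PolicyViolation(f"{agent_id}: disk limit exceeded")
        self.used[agent_id] = self.used.get(agent_id, 0) + nbytes
        return nbytes

    def end_interval(self, threshold=3):
        """Monitoring step: halve the limit of instances that kept hitting it."""
        throttled = [a for a, n in self.refused.items() if n >= threshold]
        for agent_id in throttled:
            p = self.policies[agent_id]
            p.disk_limit = max(1, p.disk_limit // 2)
        self.used.clear()
        self.refused.clear()
        return throttled

def simulate():
    """Constructed scenario: two instances of one code base, one misbehaving."""
    guard = Guard()
    guard.policies["agent#1"] = InstancePolicy({"disk.write"}, 1000)
    guard.policies["agent#2"] = InstancePolicy(set(), 1000)  # same code, no write
    outcomes = []
    for agent_id, nbytes in [("agent#2", 10)] + [("agent#1", 600)] * 5:
        try:
            outcomes.append(guard.write(agent_id, nbytes))
        except PolicyViolation:
            outcomes.append(None)
    throttled = guard.end_interval()
    return outcomes, throttled, guard.policies["agent#1"].disk_limit
```
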
Field Observations (Dartmouth)
• Coalitions formed in response to emergent needs
• Functional teams (firestorm, logistics, etc.) formed with participants from contributing partners
• Without prior history, functional teams can possibly act redundantly, counterproductively, or even harmfully (e.g., friendly fire)
• Problem: Supporting (through automation) the identification of potential interferences between functional teams at appropriate level(s) of detail, and proposing mitigation strategies
Michigan Coalition Coordination Example
Coordination Decisions:
• Logistics stays on ground
• Combat waits for Logistics to use Epsilon before destroying
Logistics: Deliver experimental weapon from Alpha to Foxtrot