Agents Mobiles
Professeur : J-P.Sansonnet
Etudiant : QIAN.Zhiyu
DEA I3 - Université Paris-Sud
Février 25, 2002
2.Framework
of Mobile Agents System
3.Requirements for
Mobile Agents System
5.Applications
with Agents Mobiles
«
Mobile Agents » are programs that can move from host to host to fulfill a
task on behalf a user. To overcome the problem of heterogeneity, mobile agents
are mostly programmed in an interpreted language (typically written in a script
language) for which an interpreter is available for a wide range of computer
systems.
Application
areas for mobile agent technology include tasks as information retrieval, but
are also used in mobile computing, telecommunication applications, electronic
commerce, and other traditional areas of computer science. At present, one
special application area is the World Wide Web, which is still growing at an
exponential rate, and buzzwords like "Web centric computing" or
"Internet" promote traditional Internet technology everywhere. There
we have a widespread, well-accepted architecture, to which more and more
existing traditional data and data processing application (e.g., database,
newspaper, financial portfolio application) are adapted and integrated.
In this paper, we
will mainly introduce the theory of mobile agents and
their applications in the fields -Internet and hardware components.
2.Framework
of Mobile Agents System
2.1 Evolution of
Mobile Agents System
We have known that
Mobile agents are processes (i.e., executing programs) that can migrate from
one machine of a system to another machine (usually in the same system) in
order to satisfy requests made by their clients. They implement a computational
metaphor that is analogous to how most people conduct business in their daily
lives: visit a place, use a service, and then move on.
In fact, the development of mobile agents is in the incremental evolution of mobile
abstraction such as mobile code, mobile objects, mobile processes.
*Mobile Agent --
transfer code + data +
thread + authority of its owner
* Mobile Code -- transfer code
*Mobile Object -- transfer code + data
*Mobile Process -- transfer code + data
+ thread state
SERVER
2.2 Functions of Mobile agents
CLIENT SERVER CLIENT
Figure.1
Work of RPC Figure.2
Work of Mobile Agents
From the point of view of classical client-server
computing, which nowadays is the prevalent architectural model for distributed
systems, mobile agents can be seen as an extension or generalization of the
well-known remote procedure call (RPC) principal. But whereas in the RPC case
merely data is moved from the client to a procedure that already resides on the
server (and the client usually remains idle while the remote procedure is
executed), in an agent-based framework the client dispatches an agent which
travels to the server and performs its task there by interacting locally with
the server’s resources.) are able to emulate remote procedure calls, but more
importantly, they also allow for much more flexible and dynamic structures than
traditional systems based on the client-server paradigm. Compared to lower
level mechanisms such as RPC or simple message passing, the use of mobile
agents for distributed applications has several potential benefits:
– Asynchronous task execution:
While the agent acts on behalf of the client on a remote site, the client may
perform other tasks.
– More dynamics:
It is not necessary to install a specific procedure at a server beforehand and to
anticipate specific service request types; a client or a service provider may
send different types of agents (e.g., realizing new service handlers) to a
server without the need to reconfigure the server.
– Reduced communication
bandwidth: If vast amounts of server data have to be processed
(e.g., weather data) and if only a few relevant pieces of information have to
be filtered out, it is more economical to transfer the computation (i.e., the
agent) to the
data than to ship the data to the computation.
– Improved real time abilities:
Agents acting locally on a remote site may react faster to remote events than
if these events and reactions to them have to be communicated between the
remote machine and a central entity.
– Higher degree of robustness:
A dispatched agent may be instructed how to deal with potential problems such
as unavailable servers (e.g., go to alternate sources or retry at some later
time). Although mobility introduces new failure cases, in general fault
tolerance is promoted because a mobile agent has the potential to react
dynamically to adverse situations.
– Improved support of nomadic
computing and intermittently connected devices: Instead
of being online for a longer period, a mobile user may develop an agent request
while being disconnected, launch the agent during a brief connection session,
and receive back the agent with the result at some later time.
3.Requirements for Mobile Agents System
Mobile agents provide
a fresh, compelling way to organize the use of distributed resources on the
Internet. However, in practice they have seldom been used. Because there are
many technical challenges to implementing mobile agent systems. Most of these
problems are in the structure of the computational medium, the environment the
agents operate in. Servers must be designed; implemented, and deployed that not
only allow mobile agents to run, but allow them to run safely.
3.1 Portability
Mobile agent code
itself must be portable; when an agent arrives at a server the server needs to
be able to execute that agent. Commonly used computer languages such as C and
C++ are not very portable. Compiled C code only works on the machine it was
compiled for and the source form is notoriously unportable. Portability can be
achieved by running computer programs inside virtual machines interpreters, but
overhead has limited the use of interpreted languages. Most mobile agent
systems under development now rely at least in part on virtual machines to
standardize the execution environment.
3.2 Ubiquity
In order for mobile
agents to be successful they need access to many different computer resources.
Servers for agents must be commonplace; there needs to be a widely accepted
framework for executing mobile agents deployed on many machines across the Internet.
In practice the requirement of ubiquity means that the execution environment
needs to have market acceptability, be freely available, and be unencumbered by
restrictive intellectual property requirements.
3.3 Network
Communication
Mobile agents that live
in the network need to be written in a language that makes network access
simple. It must be easy to transfer objects across the network and to invoke
methods of remote objects. Traditional computer languages treat networking
structures as an afterthought, usually providing only a minimal socket library.
Languages better support network access that have typically not been widely
used. This situation is improving with the current development of
language-neutral distributed object frameworks such as CORBA and OLE.
3.4 Server Security
A major concern
specific to mobile agents is the protection of the servers running the agents.
Running arbitrary programs on a machine is dangerous: a hostile program could
destroy the hard drive, steal data, or do all sorts of other undesirable
things. This risk must be thoroughly addressed if mobile agent environments are
to succeed. Two types of security are possible to protect servers from
malfunctioning and hostile agents: physical and social.
Physical security
refers to building servers for agents in such a way that the agents cannot harm
the server. The ``laws of physics'' of the server execution environment can be
designed to make dangerous operations difficult or impossible. Common
approaches involve creating a ``sandbox'' for visiting agents, restricting
access to resources (preventing disk writes, for instance) and ensuring the
agent cannot escape those restrictions. This approach to security is
attractive; when it works, it is entirely effective. But the viability of
physical security in the face of design complexity and server implementation
bugs is unclear. In addition, physical security is typically focused on
protecting some underlying aspect of the server from the sandbox the agent is
trapped in. But if multiple agents are put in the same sandbox how can the
server guarantee that one agent cannot harm another? As we put more trust in
the computations that take place inside sandboxes, the security of those
sandboxes themselves becomes important.
A second approach to
server security is using social enforcement mechanisms to punish the creators
of harmful agents. If a server administrator can find out who is responsible
for a malicious agent, then that person can be held accountable via social
mechanisms (such as lawsuits). Digital signature technology makes identifying
the authors of agents possible. But there are limitations to a purely social
approach to security. It may not be clear which agent is responsible for
damage, nor will it be easy to determine ahead of time which agent authors are
trustable. In practice some combination of social and physical enforcement of
server security will be useful.
3.5 Agent Security
The complement of
server security is agent security: whether the agent can trust the server on which
it is executing. A mobile agent might contain secret information such as
proprietary data and algorithms. Worse, servers might have an incentive to
subvert the computation of a visiting agent. In the Internet-based DES cracking
effort currently under design a major concern is protecting the computation
from sites that pretend to do pieces of the problem but return false answers.
Physical security answers to this problem are difficult. Secure, trusted
hardware on the server could guarantee agent safety but is unlikely to be
widely deployed. Agent programmers can protect their agents by obfuscating
their code and verifying the results of the remotely performed computation but
the general applicability of these techniques are unknown. Social solutions may
be possible in the form of reputation systems for servers. This area of
security has largely been unexamined.
3.6 Resource
Accounting
If economic control
and incentive are going to be factors in net-wide resource use some mechanism
to account for the resources that an agent uses and a way for receiving payment
for those resources is necessary. In theory these requirements are not
difficult to meet. Servers can keep track of the resource usage of agents,
explicitly accounting CPU, memory, bandwidth and disk usage. Digital cash
systems can be used to pay for services. In practice, these technologies are
not widely deployed and the overhead they impose presents an engineering
challenge.
So, Mobile agents are
a viable paradigm for thinking about access to computational resources but in
order for mobile agents to succeed many technologies need to be put into place.
The shape of most of these pieces is fairly clear; however, the engineering and
social barriers to their deployment are formidable. With the growth of the
Internet there has been much interest in developing the necessary pieces.
From the requirements of systems, we can know the system is very
complex. Then as the best important role in the system—Agent, how can we define
its structure? Here, an
important design consideration is the use of a generic agent structure that
provides the
The
User Information component contains information pertaining to the user
(e.g. name, e-mail address, organizational affiliation, etc.).
flexibility to a diverse range of
client(applications). To facilitate agent portability between different
client(applications), a generic agent structure was developed based on Abstract
Syntax Notation One (ASN.1) principles. Refer to Figure 3 for an overview of
the generic mobile agent structure.
User Information
Agent Information The
Agent Information component contains information that relates specifically
to the software agent, such as the agent’s original departure time (from
the user's site) and the agent's home. address on the network. Document Library The
Document Library contains a collection of documents accumulated as the
agent travels from site
to site. The
Function Library component contains a collection of individual functions that
are referenced by the agent's scripts and may not be supported at the
network site. The
Site Journal component provides a structure for capturing general
information pertaining to the agent's execution status at each site. The
Script component contains the executable script that expresses the agent's
tasks.
Function Library
Site Journal
Script
5.Applications
with Mobile Agents
Compared to
traditional distributed computing schemes, mobile agents promise (at least in
many cases) to cope more efficiently and elegantly with a dynamic,
heterogeneous, and open environment which is characteristic for today’s
Internet. Hence, mobile agents can
be useful in many applications.
Certainly, electronic
commerce is one of the most attractive areas in that respect: a mobile
agent may act (on behalf of a user or owner) as a seller, buyer, or trader of
goods, services, and information. Accordingly, mobile agents may go on a
shopping tour in the Internet: they may locate the best or cheapest offerings
on WWW servers, and when equipped with a negotiation strategy, they may even do
business transactions on behalf of their owners.
Another
general application domain is searching for information in the Internet
or information retrieval in large remote databases when queries cannot be
anticipated: Agents may incorporate an implementation of a specific search
query (i.e., a retrieval procedure)
and thus allow for semantic information compression by
remote filtering of data. In particular, collecting information spread across
many sites and performing some kind of transactions when appropriate
information is encountered, is a useful application for mobile
agents.
Monitoring is
also a typical application domain: Agents can be sent out to wait for certain
events or certain kinds of information to become available and then react
appropriately (e.g., by buying shares on a stock market host). Similarly,
mobile agents may also be used for the automation of many tasks in network
configuration and management (e.g., for remote diagnosis). Agents may
install software on remote machines, or they may personalize remote devices and
services.
Other uses
of agent technology include workflow management systems and groupware
applications: Active documents that contain semantic routines to process
their content may be realized by agents which travel to appropriate places in
an organization. One last example of a potential application area is entertainment:
Mobile agents may enable distributed multi-user games, they may locate persons
with a similar interest, and they may represent a player on a game host.
But, do not
forget the domain of Robot. With the technology of mobile agent, we can
ameliorate the capacity of sense and reaction of “Machine”. Here, w can marry
the software agent to the hardware agent. This is the application in Autonomous
Machine. AgentWare uses neural networks to learn your choices and then
intelligently seek out other Web sites similar to ones that a user has already
visited. The agents that seek out these sites can be either created by users
with AgentWare or customized by the service provider to "push"
content onto the user's desktop. If you want to know more detail, please go to http://www.dlib.com/events/conferences/agents97/aa97.html.
In general,
mobile agents seem to be a promising technology for the emerging open
Internet-based service market. They are well-suited for the personalization of
services, and dynamic code installation by agents is an elegant means to extend
the functionality of existing devices and systems. Agent technology therefore
enables the rapid deployment of new and value-added services.
However, in order to become a widely accepted
technology in practice, some problems remain to be resolved. The most important
aspects are probably security concerns (protecting hosts from malicious agents,
but more crucially also protecting agents and
agent-based applications from malicious hosts) ; but
interoperability with other systems, coordination and communication aspects,
and the management of large societies of mobile agents also pose interesting
challenges.
Here, we will take a look at several academic research
projects explore the mobile agent paradigm, and several commercial systems have been introduced recently. Most of
these systems are based on Java for the programming of agents, but they largely
differ in their migration and security models and most importantly in the
support and services they provide for the agents.
6.1 In France
There are several projects concerning the mobile agents in INRIA. In the
project SIRAC (Systèmes Informatiques Répartis pour Applications
Coopératives). The object of Sirac is providing the services and the tools for the
development and execution of distribute applications. The researchers L.Ismail
and D.Hagimont working on this project want to use mobile agents to specialize
the server in the network. It is on JAVA. There is also another important
project: Construction de services distribués
: une approche à base d'agents mobiles. : It realizes an engineering approach for building distributed systems,
restricted to client-service applications. We propose a model for the
specification of complex distributed services which addresses remote procedure
call, remote evaluation and mobile agent interactions. This formalism permits
to analyze performance, security and dependability properties. These analyses
provide guidelines for using mobile agent technology in the considered
application domain. At same time, they are very interesting in creating a
mobile agent system on JAVA RMI.
It is
worth saying that the company ALCATEL has a business product for Internet Agent
Construction -- LiveAgent.
It is based on JAVA.
6.2 In
the world
Today, there many projects for research and
business products in the world. IBM
Alget, Telescript/Odyssey
(General Magic Inc.), Concordia(Mitsubishi),
Voyager(Object Space), MOA(OSF/OPENGROUP),
AgentTcl (Dartmouth College), Ara(University
de Kaiserslautern) , Tacoma(
University of Tromson and Cornell) , Mole(University of Stuttgart)….etc. In this section, we will survey
several famous agent systems. If you want to know more projects or products… Go!
* IBM
Alget:
It is a toolkit for develop the mobile agent system on JAVA
and developed by IBM Tokyo Research Laboratory.
In fact, it is an applet-like programming model for mobile agents (
Aglet=Agent+Applet).Aglets are Java objects
that can move from one host on the Internet to another. That is, an aglet that
executes on one host can suddenly halt execution, dispatch to a remote host,
and resume execution there. When the aglet moves, it brings along its program
code as well as its state (data). A build-in security mechanism makes it safe
to host untrusted aglets. I think that is the best toolkit on JAVA. But his
problems are in the weak portability and the
common issues in JAVA : (1)
inadequate support for resource control (2) no protected references-need for a
proxy object to shield access to public methods (3) No support for preservation
and resumption of execution.
*Telescript/Odyssey
(General Magic Inc.)
One language (Java is another language) designed and
implemented specifically for agent programming is General Magic’s Telescript. Telescript
contains many language constructs for creating, transmitting, and manipulating
agents. An executing agent can choose to
move itself to a new location with the go primitive,
and once there can access local resources. In turn, the recipient of an agent
can call procedures inside the agent. Telescriptis strongly object oriented,
and the entry points into an agent are its public methods. To provide security,
Telescript uses capabilities (called permits) and authentication.
Telescript code is executed within a virtual machine that checks for illegal
instructions and other violations. Within agents themselves, exception handling
allows recovery from various errors. Telescript also provides persistent
storage for agents, protecting them against loss in the event of a machine
crash. Telescript appears to fulfill all of the agent language requirements as
well as the desirable properties (however, we should note that remote resource
access in Telescript is not statically typed). Unfortunately, the
language is proprietary and no free implementations exist. These restrictions
have severely limited its use.
Concordia is a full-featured framework developed at Mitsubishi Electric
Information Technology Center America's (MEITCA)
Horizon Systems Laboratory. It
provides for the development and management of network-efficient mobile agent applications for
accessing information anytime, anywhere, and on both wire-based and wireless
device supporting Java. At the highest level, a Concordia system
consists of a Java Virtual Machine (JVM), a Concordia Server running on a machine
in a network, and a mobile agent
running in the system. A unique feature of Concordia's mobility
mechanism is that it also provides for the transmission of state information detailing
where the agent has been and what is has accomplished
as well as where it is going and what it still has to do.
Agent communication is either through asynchronous distributed
events or collaboration. Concordia's security model provides support for
two types of protection: protection of agents from being tampered with, and protection of server resources
from unauthorized access. The problems are: (1)lacks synchronous
communication and execution constraints (2) Only support JAVA (3) does not
support strong migration (4)coding is not easy.
*Mole(University of Stuttgart)
Mole is the first Mobile Agent
System that has been developed in the Java language. The first version
has been finished in 1995, and since then Mole has been
constantly improved. Mole provides a stable environment for the
development and usage of mobile agents in the area of
distributed applications. In Mole system, agent
model based on Agents and places. Each Agent's identifier is created at the
creating of each agent, which uniquely
identifies that agent globally. There are several
different types of communication among agents of Mole. There is service to agent interaction, which is very much
like a RPC type client/server communication. Second, mole has mobile agent communication among
them, which use a concept called session. Mole supports asynchronous
communication by an even driven model. Mole uses a `Sendbox' security model. In
this model, service agents are agents with access to system re-source, providing
controlled, secure abstractions of these resources inside the agent system. So Mole has a good security and allows
good communication among agents with the concept sessions. But its shortcomings
are similar like Concordia.
Agent TCL (later
renamed to D'Agents) is a mobile agent system created at Dartmouth College to address the weaknesses of existing mobile agent systems,
such as insufficient security mechanisms, support for only specific and complex
languages, difficult or nonexistent communication between agents, and
inadequate migration facilities. The architecture of Agent
TCL is based on the server model of Telescript and supports a modified version
of the Tool Command Language (TCL) as its high-level scripting language
implementation (support for Java and Scheme is being added in D'Agents
). Worthy of saying that security in Agent TCL
is provided in various capacities. To protect migrating agents and to provide
authentication, Agent TCL uses Pretty Good Privacy
(PGP) for its digital signatures and encryption . To protect resources,
a resource manager assigns each agent a set of access
permissions. So, when an agent tries to access
a resource, the request is sent to the resource manager that checks the agent's
access permissions with the resource. If the agent
does not have the proper permission, it is denied access to the resource. To prevent
agents from performing malicious acts, each interpreter is extended to include
a security module that prevents such acts. Agent
TCL has been used in both information-management and information retrieval
applications. The problems of TCL are: (1) lacks execution constraints (2) TCL
is inefficient 10000x slower than optimized C, not object-oriented, provides
no code modularization so difficult to write and debug large scripts, no
facilities for capturing the internal state of an
executing script.
*Ara(University
de Kaiserslautern)
Ara is a platform for the portable and secures execution of mobile agents in heterogeneous networks. Mobile agents in this
sense are programs with the ability to change their host machine during
execution while preserving their internal state. This enables them to handle interactions locally which
otherwise had to be performed remotely. Ara's specific aim in comparison
to similar platforms is to provide full mobile agent functionality while retaining as much as possible of established
programming models and languages. ARA can
run agents concurrently using a fast thread package. It can clone
themselves, duplicating their internal state. Its migration can be
routed over a wireless link .The core offers "service points"
for agent interaction. Agents can
checkpoint their internal state to disk for later restoration.
The problems are: (1)Lacks sufficient security mechanisms (e.g.
authentication, access permissions) (2) Need better error
handling for agents failing remotely (3) Only "CPU
time" and "memory" resources covered by allowances (4)
Mobile agents transmitted using TCP only.
Above all,
we know that creating an effective mobile agent system is not easy. The
requirements of system are very strict and miscellaneous. The systems concerned
in this paper are far away the perfect level. Almost all
the systems in this paper focused mainly on the environment provided by the system for agents, the mechanisms
for agent mobility, agent
communication, and language support. The use of mobile
agents appears to offer certain advantages for client-server computing
but as we've noted in the above systems, it also
raises some difficult issues
with respect to efficiency, flexibility and security. These issues have an
effect on an agent's ability of mobility.
Many important
issues such as how agents determine the available resources/services on a
machine it transferred to (i.e., resource discovery), mobile agent system-to-OS
interaction, the use of persistent storage (if any), and support for failure
(i.e., fault-tolerance) were either briefly discussed or missing completely. Mobile agents need more applications that
take advantage of the characteristics of mobile
agents since there is no single alternative to all of the functionality
supported by a mobile agent
framework. A potential application for mobile agents
would involve the use of the Internet and the many uses of the Internet.
Solutions to the security and virus
[1] Davide Chess, Colin Harrison, Aaron Kershenbaum “Mobil Agents: Are
they a good idea ” IBM Research Report 1995
[2] L.Ismail, D.Hagimont “Spécialisation de
serveurs par des agents mobiles” Project SIRAC
[3] D.Hagimont « Systèmes à agents mobiles » 1999
[4] B. Ford, A. Karmouch “An Architectural Model For Mobile
Agent-Based Multi-Media Applications” 1997
[5] Syed Adnan, John Datuin, Pavana Yalamanchili “A Survey of Mobile
Agent Systems” 2000
[6] Ichiro Satoch « A Mobile Agent-Based framework for Active
networks » 1999
[7] Stefan Funfrocken « How to Integrate Mobile Agents into Web
Servrs » 1998
[8] Marcelo G.Rubinstein, Otto Carlos M.B.Duarte
“Evaluating Tradeoffs of Mobile Agents in Network Management” 1999
[9] Frederick Knabe “An Overview
of Mobile Agent Programming”
[10] Stefan F¨unfrocken,
FriedemannMattern “Mobile Agents as an Architectural
Concept for Internet-based Distributed Applications”
[11] http://www.multiagent.com/
[13] http://www.cis.upenn.edu/~bcpierce/courses/629/papers.html#TOC