移动Agent系统的服务动态部署研究

通过使用移动Agent,分布式应用可以像一组可移动的松耦合的组件那样执行它们的功能。因此可以做出模块化并且可扩展的设计。但是,目前的大多数移动Agent平台的扩展性并不好,平台配置之后往往就很难再改变。为此,在动态配置的支持下为移动Agent设计了一个基于组件的框架,使得组件可以在运行时被增加、移动和改动,为构建一个高适应性的移动Agent平台提供了可能。     

Mobile agent-enabled framework for structuring and building distributed systems on the internet

Mobile agent has shown its promise as a powerful means to complement and enhance existing technology in various application areas. In particular, existing work has demonstrated that MA can simplify the development and improve the performance of certain classes of distributed applications, especially for those running on a wide-area, heterogeneous, and dynamic networking environment like the Internet. In our previous work, we extended the application of MA to the design of distributed control functions, which require the maintenance of logical relationship among and/or coordination of proc- essing entities in a distributed system. A novel framework is presented for structuring and building distributed systems, which use cooperating mobile agents as an aid to carry out coordination and cooperation tasks in distributed systems. The framework has been used for designing various distributed control functions such as load balancing and mutual ex- clusion in our previous work. In this paper, we use the framework to propose a novel ap- proach to detecting deadlocks in distributed system by using mobile agents, which dem- onstrates the advantage of being adaptive and flexible of mobile agents. We first describe the MAEDD (Mobile Agent Enabled Deadlock Detection) scheme, in which mobile agents are dispatched to collect and analyze deadlock information distributed across the network sites and, based on the analysis, to detect and resolve deadlocks. Then the design of an adaptive hybrid algorithm derived from the framework is presented. The algorithm can dynamically adapt itself to the changes in system state by using different deadlock detec- tion strategies. The performance of the proposed algorithm has been evaluated using simulations. The results show that the algorithm can outperform existing algorithms that use a fixed deadlock detection strategy.     

Promoting the development of secure mobile agent applications

In this paper, we present a software architecture and a development environment for the implementation of applications based on secure mobile agents. Recent breakthroughs in mobile agent security have unblocked this technology, but there is still one important issue to overcome: the complexity of programming applications using these security solutions. Our proposal aims to facilitate and speed up the process of implementing cryptographic protocols, and to allow the reuse of these protocols for the development of secure mobile agents. As a result, the proposed architecture and development environment promote the use of mobile agent technology for the implementation of secure distributed applications.     

基于移动Agent的电子商务模型研究

在分析电子商务中应用移动代理技术的原因和优势的基础上,设计并实现了一个基于移动代理的电子商务系统模型。描述了一种用以设计和开发电子商务系统的移动Agent技术的概要性实现框架。在电子商务中采用Agent技术的目的主要是为了解决用户在使用电子商务中遇到的相关问题,并且以较低的代价增强商家为用户提供商品和服务。移动代理技术的引入将进一步增强电子商务的吸引力及其服务的能力,有效地解决目前电子商务发展中出现的诸多问题,如资源发现、交易协商,以及交易自动化等。     

Application Security Models for Mobile Agent Systems

Mobile agents are a distributed computing paradigm based on mobile autonomous programs. Mobile applications must balance security requirements with available security mechanisms in order to meet application level security goals. We introduce a trust framework to reason about application security requirements, trust expression, and agent protection mechanisms. We develop application security models that capture initial trust relationships and consider their use for mobile agent security.     

Reactive Mobility by Failure: When Fail Means Move

Mobile agent development is mainly supported by Java-based platforms and tools. However, the weak mobility model they use, the lack of adequate support for developing inference and reasoning mechanisms, added to the inherent complexity of building location-aware software, impose strong limitations for developing mobile intelligent agent systems. In this article we present MoviLog, a platform for building Prolog-based mobile agents with a strong mobility model. MoviLog is an extension of JavaLog, an integration of Java and Prolog, that allows us to take advantage of the best features of the programming paradigms they represent. MoviLog agents, called Brainlets, are able to migrate among different Web sites, either proactively or reactively, to use the available knowledge in order to find a solution. The major contribution of MoviLog is its Reactive Mobility by Failure (RMF) mechanism. RMF is a mechanism that acts when an agent needs a resource or service that is not available at the current executing site. RMF uses a distributed multi-agent system to transparently transport the executing agent to the site where the resource/service is available, thus reducing the development effort with respect to the traditional mobile agent approach, while maintaining its advantages.     

Mobile agents in wireless devices

The networks that connect handheld wireless devices such as cell phones and PDAs suffer from low bandwidth and a high incidence of network errors. By employing mobile agents, such devices could provide a reliable technology for message transport over wireless links. Mobile agents are inherently distributed software entities that reduce the load on the network when they move. Mobile agents can be employed in wireless handheld devices in two ways: An agent platform could be installed on the device, enabling mobile agents to run directly on it, or devices could access and use remote mobile agents running on wired networks. Each approach is viable and has its own advantages and domain-specific applications. Some high-end devices would benefit from running a mobile agent platform that lets agents run locally, but this would not be beneficial to others because of processing power and memory constraints or for security reasons.     

基于移动Agent和Web服务的分布式地理信息查找研究

提出并实现了一种基于移动Agent和Web服务进行分布式地理信息查找的系统框架。根据系统的查找策略移动Agent可以对分布于网络中的地理信息进行自主搜索,利用移动Agent和Web服务之间的交互可以允许多种类型的应用程序透明访问查找服务。     

Securing dynamic itineraries for mobile agent applications

In this paper we present a novel mechanism for the protection of dynamic itineraries for mobile agent applications. Itineraries that are decided as the agent goes are essential in complex applications based on mobile agents, but no approach has been presented until now to protect them. We have conceived a cryptographic scheme for shielding dynamic itineraries from tampering, impersonation and disclosure. By using trust strategically, our scheme provides a balanced trade-off between flexibility and security. Our protection scheme has been thought always bearing in mind a feasible implementation, and thus facilitates the development of applications that make use of it. An example application based on a real healthcare scenario is also presented to show its operation.     

移动环境下基于移动代理的应用框架设计

随着网络技术的发展和移动设备的普及，用户希望能随时随地对资源进行访问。但是，由于移动网络连接带宽低且移动单元本身资源贫乏，移动环境为分布应用开发提出了新的挑战。移动代理技术以其节省带宽、异步性等特征，为移动计算提供了良好的解决方案。本文首先讨论了移动代理系统的设计，然后提出一个基于移动代理的移动应用框架
架，最后给出了相应的应用实例。     

A Dynamic Shadow Approach to Fault-Tolerant Mobile Agents in an Autonomic Environment

Large-scale distributed applications such as online information retrieval and collaboration over computational elements demand an approach to self-managed computing systems with a minimum of human interference. However, large scales and full distribution often lead to poor system dependability and security, and increase the difficulty in managing and controlling redundancy for fault tolerance. In particular, fault tolerance schemes for mobile agents to survive agent server crash failures in an autonomie environment are complex since developers normally have no control over remote agent servers. Some solutions inject a replica into stable storage upon its arrival at an agent server. But in the event of an agent server crash the replica is unavailable until the agent server recovers. In this paper we present a failure model and an exception handling framework for mobile agent systems. An exception handling scheme is developed for mobile agents to survive agent server crash failures. A replica mobile agent operates at the agent server visited prior to its master's current location. If a master crashes its replica is available as a replacement. The proposed scheme is examined in comparison with a simple time-out scheme. Experimental evaluation is performed, and performance results show that the scheme leads to some overhead in the round trip time when fault tolerance measures are exercised. However the scheme offers the advantage that fault tolerance is provided during the mobile agent trip, i.e. in the event of an agent server crash all agent servers are not revisited.     

Mobile Agent-Based Performance Management for the Virtual Home Environment

Virtual Home Environment (VHE) encompasses the deployment and management of adaptable services that retain any personalized service aspects, irrespective of terminal, network' and geographic location. We assert that the dynamic nature of the VHE requires management capabilities that can be suitably provided through the use of mobile agent technology. We examine four different engineering solutions for the realization of a VHE performance management component that allows service adaptation in relation to the available network Quality-of-Service (QoS). The mobile agent approach is compared with competing technologies in order to identify the benefits of this novel application of mobile agents, discuss its drawbacks' and finally focus on the lessons learned from our prototype system. Although mobile agents are typically associated with increased performance costs, it is through agent migration that we were able to address the VHE requirements of universality, dynamic programmability, and network technology independence.     

Integrity protection for Code-on-Demand mobile agents in e-commerce

The mobile agent paradigm has been proposed as a promising solution to facilitate distributed computing over open and heterogeneous networks. Mobility, autonomy, and intelligence are identified as key features of mobile agent systems and enabling characteristics for the next-generation smart electronic commerce on the Internet. However, security-related issues, especially integrity protection in mobile agent technology, still hinder the widespread use of software agents: from the agent's perspective, mobile agent integrity should be protected against attacks from malicious hosts and other agents. In this paper, we present Code-on-Demand (CoD) mobile agents and a corresponding agent integrity protection scheme. Compared to the traditional assumption that mobile agents consist of invariant code parts, we propose the use of dynamically upgradeable agent code, in which new agent function modules can be added and redundant ones can be deleted at runtime. This approach will reduce the weight of agent programs, equip mobile agents with more flexibility, enhance code privacy and help the recoverability of agents after attack. In order to meet the security challenges for agent integrity protection, we propose agent code change authorization protocols and a double integrity verification scheme. Finally, we discuss the Java implementation of CoD mobile agents and integrity protection.     

基于移动代理、关键主机隐藏技术的IDS体系结构

本文介绍了一种安全灵活的入侵检测系统体系结构，通过运用关键主机隐藏技术，使关键主机对于主动探测，被动监听均不可见，提高了系统自身的安全性，同时，通过引入移动代理，限制入侵检测系统各部分之间的通信等机制，增强本体系结构对于拒绝服务攻击的抵抗力，系统通过使用智能移动代理在网络节点上收集处理信息，提高了入侵检检测系统的灵活性，减少了网络负载。     

MAP: Design and implementation of a mobile agents' platform

The recent development of telecommunication networks has contributed to the success of applications such as information retrieval and electronic commerce, as well as all the services that take advantage of communication in distributed systems. In this area, the emerging technology of mobile agents aroused considerable interest. Mobile agents are applications that can move through the network for carrying out a given task on behalf of the user. In this work we present a platform called MAP (Mobile Agents Platform) for the development and the management of mobile agents. The language used both for developing the platform and for carrying out the agents is Java. The platform gives the user all the basic tools needed for creating some applications based on the use of agents. It enables us to create, run, suspend, resume, deactivate, reactivate local agents, to stop their execution, to make them communicate each other and migrate.     

Algorithms for energy-driven agent placement in wireless embedded systems with memory constraints

The agent programming paradigm provides an easy to use framework for coding embedded applications in a pervasive environment. Under this model, applications are structured as mobile agents that can be flexibly installed on the available nodes of the system. Typically, such system nodes have limitations concerning battery and memory resources. The agent placement problem (APP) we consider in this paper, consists of deciding which agents should be placed at which nodes, in order to maximize the lifetime of the first node that runs out of battery. Since wireless communication has been identified in the past as a primary source of energy consumption, APP essentially involves bringing communicating agents close to each other, thus reducing communication costs. Nevertheless, this cannot always be done due to memory constraints. In fact as more and more agents are installed at the nodes finding free space at any node, let alone the desired one communication-wise, becomes hard. In this paper we tackle the problem of placing a newcomer agent in a stepwise fashion. First, enough memory space must be found or created at some node to place the agent. Second, the placement must be altered in order to make it energy efficient. We present algorithms that tackle each of the above steps separately as well as branch and bound methods for achieving both goals simultaneously. Our algorithms are centralized assuming a single entry point through which agents are injected into the system, with adequate knowledge of the system state and enough resources to run the proposed algorithms. The algorithms are evaluated under different simulated scenarios, and useful tradeoffs are identified.     

Mobile Agent在网络管理中应用

探讨了传统的基于SNMP协议的网络管理系统的不足，分析了集中式网络管理方法的局限性和比较了各种分布式网络管理技术优缺点后，提出了采用移动代理技术(Mobile Agent)来实现网络管理并描述了一种用于设计和开发网络管理系统的移动代理技术的概要性实现框架。文章表明在网络管理中采用移动代理技术可以很好地解决目前集中式网络管理中遇到的相关问题，能有效提高网络管理的可靠性和效率。     

A Reliable Communication Protocol for Multiregion Mobile Agent Environments

A mobile agent system is regarded as an attractive technology when developing distributed applications. However, mobility makes it more difficult to trace agents. It is also more complex for agents to communicate with each other in a reliable manner. Therefore, a reliable communication protocol is necessary to control and monitor mobile agents and deliver messages between them. In this paper, a new Reliable Communication Protocol (RCP) is proposed for a multiregion mobile agent computing environment. RCP is implemented on the ODDUGI mobile agent system. Analysis and evaluation show that RCP fulfills the following design goals: reliability, asynchrony, timeliness, location dependency, scalability, and communication cost.     

一个基于Java的Mobile Agent安全体系结构模型

与早期分布式计算的范例比较Mobile Agent变得日益流行,但是阻碍其广泛应用的主要原因是与移动代码相伴而来的安全问题.这就要求Mobile agent系统提供一种机制,来完成对服务器资源的访问控制以及保证通信的安全性,并对Mobile Agent自身的进行保护.文章提出了一个基于Java的安全体系结构模型,该模型通过创建资源代理来实现安全策略,为基于Java的Mobile Agent系统提供了一个统一的安全服务接口.     

Data Privacy in Tuple Space Based Mobile Agent Systems

More recently, distributed variants of tuple spaces have been proposed to exploit the Linda model for programming distributed applications over wide area networks, possibly exploiting code mobility. However, the flexibility of the shared tuple space model opens possible security holes; it basically provides no access protection to the shared data. In this paper we investigate some possible scenarios where mobile agents can benefit from our cryptographic tuple space based framework, CryptoKlava, and sketch how to possibly implement such agents in order to keep the privacy of items collected by the mobile agent during its itinerary. The functionalities of the framework are general enough to be applied to other Java frameworks using multiple distributed tuples spaces possibly dealing with code mobility.