Presentation on theme: "1 Secure Dynamic Reconfiguration of Scalable Systems with Mobile Agents Fabio Kon, Binny Gill, Manish Anand, Roy Campbell, and M. Dennis Mickunas"— Presentation transcript:
1 Secure Dynamic Reconfiguration of Scalable Systems with Mobile Agents Fabio Kon, Binny Gill, Manish Anand, Roy Campbell, and M. Dennis Mickunas Department of Computer Science University of Illinois at Urbana-Champaign
2 Introduction Network-Centric Operating System: l Facilitate management in modern computing environments l Heterogeneity: embedded sys., PDAs, laptops, workstations l Dynamism: rapid software evolution, mobile users & computers l GOAL: l Facilitate management by building a middleware-level operating system on top of this heterogeneous world
3 2K Research l Automatic Configuration l based on component prerequisites l Dynamic Reconfiguration l based on component configurators l QoS-aware Resource Management l Security Service l User Environment Service l Data Management Service l Mobile Reconfiguration Agents
4 Motivation l Scope of Internet services is expanding: l e-commerce, banking, news, distance learning, medical applications, active spaces. l Basic requirements: l Scalability l Availability l Software evolution brings an additional requirement: l Dynamic Reconfiguration
5 Dynamic Reconfiguration l Dynamic Reconfiguration is required for 1. changing system parameters at runtime 2. replacing components at runtime: l fixing bugs l updating functionality l adaptation to changes in the environment l Challenge: integrate 3 conflicting requirements (scalability, availability, and dynamic reconfiguration) l Solution: mobile reconfiguration agents
6 Our Approach l 2K services and applications are built on top of the CORBA standard middleware. l But, traditional CORBA was not very flexible. l We created dynamicTAO, a reflective CORBA ORB that supports: l inspection of dynamic software architecture l dynamic reconfiguration of software architecture
7 dynamicTAO l reflective capabilities can be used to l reconfigure the ORB internals, l reconfigure applications that run on top of the ORB. l Our infrastructure for mobile reconfiguration agents is implemented inside dynamicTAO. l So, it is available to any 2K service and application.
8 The 2K Architecture
9 The dynamicTAO Framework
10 Mobile Agents l A mobile agent visits a collection of ORBs. l In each ORB along its path, it can l install new components on the disk, l dynamically link new components, l inspect the state and configuration of the ORB and the applications on top of it, l reconfigure ORBs and applications.
11 A Flexible Framework l Different NetworkBrokers support different agent flavors. For example: l simple, lightweight, script-based agents (carrying data and DCP commands only). l powerful, heavyweight, Java-based agents (carrying data, bytecode, and dynamic state, taking autonomous decisions). l Simple agents are suitable for PDAs, embedded systems.
12 Reconfiguration with Mobile Agents l SysAdmins use a GUI to build agents for l reconfiguration l inspection l GUI is used to 1. Build distribution graph 2. Select reconfiguration and inspection commands 3. Visualize results.
13 Security l SecureAgentBroker uses the GSS-API and supports Role-Based Access Control. l Agents are signed and transmitted via secure connections, using encryption. l RBAC is used in each ORB to decide which commands each agent is allowed to perform.
14 The SecureAgentBroker
15 Experimental Results l Testbed: l Three Ultra Sparcs, Solaris l Three 333MHz PCs, Linux l Three 300MHz PCs, Linux l 100Mbps Fast Ethernet (intra-domain) l Public Internet (inter-domain)
16 Mobile Agents vs. Conventional Client/Server
17 Point-to-Point vs. Distribution Tree
18 Uploading a New Component to 9 Nodes
19 Related Work l Our work was influenced by previous research on: l mobile agent infrastructures l dynamic reconfiguration of distributed systems l object-oriented frameworks l security l Our main contribution was to show how to combine all these results in an integrated architecture.
20 Future Work l Support for fault-tolerance: l fault-recovery when part of the reconfiguration process fails within a node l fault-recovery when the reconfiguration fails in part of the distributed system l New implementation of Java reconfiguration agents based on one of the existing infrastructures. l Deploying agents for reconfiguration of active spaces.
21 Conclusions l Mobile agents is an effective mechanism for reconfiguration of distributed systems, combining scalability and availability with dynamic reconfiguration. l A framework enabling different agent flavors is important for taking agents to devices with limited resources (e.g.PDAs).