Presentation is loading. Please wait.

Presentation is loading. Please wait.

Naftaly Minsky Rutgers University Imposing Order Over Irregular & Open Systems.

Published byKristian Branden Ellis Modified over 8 years ago

Similar presentations

Presentation on theme: "Naftaly Minsky Rutgers University Imposing Order Over Irregular & Open Systems."— Presentation transcript:

1 Naftaly Minsky Rutgers University Imposing Order Over Irregular & Open Systems

2 2 N. Minsky, PUC-Rio-11/21/05 The Problem  irregular systems cannot be understood.  Thus, they cannot be built, and if built they cannot be managed, maintained or evolved.  Open systems, whose component are unknown, are not predictable.  This is strictly the case for many distributed systems—and it is effectively the case for almost all systems, if they are large enough  So, how does one deal with such systems?

3 3 N. Minsky, PUC-Rio-11/21/05 Two Inspiring Analogies  With Physics —the reason that the physical world is so comprehensible, and so predictable.  “the great success of physics is due to a restriction of its objectives: it only endeavors to explain the regularities in the behavior of objects---called the laws of nature. …[this] may have been the greatest discovery of physics so far.” Eugene P. Wigner, in Symmetries and Reflection  With Social governance— how societies function.  “Law is order---good law is good order.” Aristotle, in Politics Book 7.

4 4 N. Minsky, PUC-Rio-11/21/05 The “Law-Governed Systems” Approach  In the absence of natural laws of software, we can formulate artificial laws, like we do for societies.  But we will enforce these laws strictly, by preventing their violations, so they can be as dependable as laws of physics.  To be effective, such a mechanism should be simple, powerful, and scalable.

5 5 N. Minsky, PUC-Rio-11/21/05 The Genesis and Scope of this Work  For centralized systems: (LGA)  Minsky, "Law-Governed Systems", in the IEE Software Engineering Journal, 1990.  This work has been dormant, and is now being revived, via aspect-oriented programming (AOP)  For Distributed Systems: (LGI)  Minsky, "The Imposition of Protocols Over Open Distributed Systems", in IEEE Transactions on SE, 1991. The editor advised against the use of “law” in the title.  The combination of LGA+LGI is underway.

6 6 N. Minsky, PUC-Rio-11/21/05 Principles of LGI  Principle 1: The law should treat the actors regulated by it as black boxes, governing only their interaction; but it should be sensitive to the history of their interaction—making the law stateful.  Principle 2: Laws should be enforced, by preventing their violations; not by responding to them.

7 7 N. Minsky, PUC-Rio-11/21/05 Principle 3: LGI laws should be local.  Rationale :  Non-local laws are inherently ill-defined, and ambiguous— unless the entire interaction is serialized, via a central Reference monitor Example: a law that allows only agents of the same level to interact—while the level of agents might change. Question: What does “same level” mean?  Locality facilitate scalability, via decentralization.  Locality facilitates interoperability.  There is no loss of generality:  Universal conformance induces global properties.  Central control can be facilitated by local laws.

8 8 N. Minsky, PUC-Rio-11/21/05 Notable Characteristics of LGI  Expressive Power: domain, sensitivity & mandates  The domain: An LGI law can exercise control over three types of events: (a) events involved in the passage of messages (sent & arrived); (b) exception; and (c) the coming due of an obligation, (providing proactive capability).  The sensitivity: An LGI law can base its ruling regarding a given event, on: (a) the event itself, and (b) the history of interaction (which include roles).  Mandating power: ruling is not limited to permit/deny decisions; it can also mandate: (a) changes to the messages being sent, or its target; (b) the initiation of new messages; and, (c) updates of the state of an agent,

9 9 N. Minsky, PUC-Rio-11/21/05 Characteristics of LGI (2)  Communality: an entire community is governed by a single law.  Locality + Communality  Global properties  Selectively Decentralized Enforcement, which implies scalability.  Interoperability.

10 10 N. Minsky, PUC-Rio-11/21/05 Characteristics of LGI (3)  Supports multiple law-languages.  Two languages for now, based on Prolog and Java  Supports Asynchronous (message passing) and Synchronous (Java RMI) Interactions.  Conformance Hierarchy:  Laws can be organized into a hierarchy, in which every non-root law is guaranteed to conform to its parent.  Hot update of a law.

11 11 N. Minsky, PUC-Rio-11/21/05 The Nature of LGI Laws  Elements:  Regulated Events: e.g., sent, arrived, adopted—and few others.  Control-State: a law-defined function of the history of the interaction of each agent with others.  Primitive Operations, which can be mandated by the law, in its ruling.  The law: a function L : E × S → O ∗  Or, L(e,s)= [o1, ….ok]=ruling  This concept is meaningful, even if there is no enforcement

12 12 N. Minsky, PUC-Rio-11/21/05 Law Enforcement

13 13 N. Minsky, PUC-Rio-11/21/05 Centralized Enforcement of Communal Policies * The problems: potential congestion, and single point of failure m’ x u v y m ==> y m ==> x m Legend: P---Explicit statement of a policy. I---Policy interpreter S---the interaction state of the community P I S Reference monitor * Replication does not help, if S changes rapidly enough

14 14 N. Minsky, PUC-Rio-11/21/05 Decentralized Law-Enforcement under LGI L I S x u v y L I $9 L I SvSv L I $1 L I SuSu Move(2) Moved(2) m m ==> y m $7 $3 actor controller

15 15 N. Minsky, PUC-Rio-11/21/05 Logically decentralized, but physically centralized, Law-Enforcement x u v y L I SvSv L I SuSu L I $9 $7 L I $1 $3 Controller Pool

16 16 N. Minsky, PUC-Rio-11/21/05 Deployment of LGI via a Distributed TCB (DTCB) I I I I IIx y controller server m’ adopt(L, name) L m’’ adopt(L, name) L m ==> y

17 17 N. Minsky, PUC-Rio-11/21/05 On the basis for trust between members of a community  For a pair of interlocutors to trust each other to comply with the same law, one needs to ensure:  that the exchange of messages is mediated by correctly implemented controllers.  that interacting controllers operate under the same law L.  Such assurances are provided, basically, via certification of controllers, and the exchange of the hash of the law. xy L I CS x L I CS y m ==> y m’’ [m’,hash(L)] C x CxCx CyCy

18 18 N. Minsky, PUC-Rio-11/21/05 Conclusion  LGI as a low-level foundation for Governance.  It is simple, general, scalable, and very malleable.  the real work, looking forward, includes. Building higher level construct, such as your scene, or our secretary. Exploring various useful “regulative patterns”. Exploring various application domains. Updating LGI itself.

19 19 N. Minsky, PUC-Rio-11/21/05 Conclusion (cont.)  Some promising research avenues (with concerns for both security an software engineering): Dependability tools like CA-action (Randell and Romanowski). Application to self healing. Application to Web-Services The governance of enterprises, and of coalitions. System testing, monitoring, auditing. Self regulated evolution of laws. Finding proper balances between decentralized and centralized enforcement Providing special purpose law-languages.

20 Questions? Thank you

Download ppt "Naftaly Minsky Rutgers University Imposing Order Over Irregular & Open Systems."

Similar presentations

Distributed Systems Major Design Issues Presented by: Christopher Hector CS8320 – Advanced Operating Systems Spring 2007 – Section 2.6 Presentation Dr.

Distributed Systems Major Design Issues Presented by: Christopher Hector CS8320 – Advanced Operating Systems Spring 2007 – Section 2.6 Presentation Dr.
Database Systems: Design, Implementation, and Management Tenth Edition

Database Systems: Design, Implementation, and Management Tenth Edition
Sponsored by the U.S. Department of Defense © 2005 by Carnegie Mellon University 1 Pittsburgh, PA 15213-3890 Dennis Smith, David Carney and Ed Morris DEAS.

Sponsored by the U.S. Department of Defense © 2005 by Carnegie Mellon University 1 Pittsburgh, PA Dennis Smith, David Carney and Ed Morris DEAS.
1 Towards Decentralized and Secure Electronic Marketplace Yingying Chen, Naftaly Minsky, Constantin Serban, and Wenxuan Zhang Dept of Computer Science.

1 Towards Decentralized and Secure Electronic Marketplace Yingying Chen, Naftaly Minsky, Constantin Serban, and Wenxuan Zhang Dept of Computer Science.
Naftaly Minsky Rutgers University Law-Governed Multi-Agent Systems: From Anarchy to Order “Law is order, and good law is good order” Aristotle, Politics.

Naftaly Minsky Rutgers University Law-Governed Multi-Agent Systems: From Anarchy to Order “Law is order, and good law is good order” Aristotle, Politics.
Adding Organizations and Roles as Primitives to the JADE Framework NORMAS’08 Normative Multi Agent Systems, Matteo Baldoni 1, Valerio Genovese 1, Roberto.

Adding Organizations and Roles as Primitives to the JADE Framework NORMAS’08 Normative Multi Agent Systems, Matteo Baldoni 1, Valerio Genovese 1, Roberto.
Flexible Regulation of Virtual Enterprises Naftaly Minsky Rutgers University Joint work with Xuhui Ao.

Flexible Regulation of Virtual Enterprises Naftaly Minsky Rutgers University Joint work with Xuhui Ao.
A Dependable Auction System: Architecture and an Implementation Framework

A Dependable Auction System: Architecture and an Implementation Framework
Overview of Databases and Transaction Processing Chapter 1.

Overview of Databases and Transaction Processing Chapter 1.
Introduction and Overview “the grid” – a proposed distributed computing infrastructure for advanced science and engineering. Purpose: grid concept is motivated.

Introduction and Overview “the grid” – a proposed distributed computing infrastructure for advanced science and engineering. Purpose: grid concept is motivated.
Copyright © Richard N. Taylor, Nenad Medvidovic, and Eric M. Dashofy. All rights reserved. Software Connectors Software Architecture Lecture 7.

Copyright © Richard N. Taylor, Nenad Medvidovic, and Eric M. Dashofy. All rights reserved. Software Connectors Software Architecture Lecture 7.
Naftaly Minsky Rutgers University Law-Governed Interaction: a Decentralized Access-Control Mechanism.

Naftaly Minsky Rutgers University Law-Governed Interaction: a Decentralized Access-Control Mechanism.
Naftaly Minsky Rutgers University Preventing Theft By Keeping Good Company.

Naftaly Minsky Rutgers University Preventing Theft By Keeping Good Company.
1 Regulating the Synchronous Interaction of Web-Services Constantin Serban Department of Computer Science Rutgers University.

1 Regulating the Synchronous Interaction of Web-Services Constantin Serban Department of Computer Science Rutgers University.
Ensuring Non-Functional Properties. What Is an NFP?  A software system’s non-functional property (NFP) is a constraint on the manner in which the system.

Ensuring Non-Functional Properties. What Is an NFP?  A software system’s non-functional property (NFP) is a constraint on the manner in which the system.
Transaction Processing IS698 Min Song. 2 What is a Transaction?  When an event in the real world changes the state of the enterprise, a transaction is.

Transaction Processing IS698 Min Song. 2 What is a Transaction?  When an event in the real world changes the state of the enterprise, a transaction is.
EEC-681/781 Distributed Computing Systems Lecture 3 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University

EEC-681/781 Distributed Computing Systems Lecture 3 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
Web Service Architecture Part I- Overview and Models (based on W3C Working Group Note Frank.

Web Service Architecture Part I- Overview and Models (based on W3C Working Group Note Frank.
1 Introduction Introduction to database systems Database Management Systems (DBMS) Type of Databases Database Design Database Design Considerations.

1 Introduction Introduction to database systems Database Management Systems (DBMS) Type of Databases Database Design Database Design Considerations.

Similar presentations

Ads by Google