Autonomic Computing Research Issues, Challenges and Opportunities - - PDF document

Autonomic Computing

Research Issues, Challenges and Opportunities

• S. Hariri and M. Parashar

AICCSA’03 Autonomic Computing Tutorial July, 2003

AICCSA'03 Autonomic Computing Tutorial, July 2003 2

Issues, Challenges and Opportunities

• Programming paradigms and development models

– Autonomic component/service definition and construction – Autonomic application development – Policies/constraints definition and representation

• Application construction, execution and management

– Dynamic (policy/rule-based) configuration, execution and

• ptimization

– Fault tolerance

• Autonomic Middleware Services

– Messaging Services – Discovery Services – Security Services – Management Services – …

AICCSA'03 Autonomic Computing Tutorial, July 2003 3

Software Composition Models

Component Model Component Model Composition Technology Composition Technology Component Integration Environment Component Integration Environment

AICCSA'03 Autonomic Computing Tutorial, July 2003 4

Component Model

• A distributed component-oriented model

– An architecture for defining autonomic components and their interactions – A technology for deploying and executing autonomic components – Services for component lifecycle control, (de)activation, security, persistence and events

AICCSA'03 Autonomic Computing Tutorial, July 2003 5

Autonomic Components/Services

• What is an autonomic component
• How to construct an autonomic component
• Runtime environment of autonomic components
• Examples of component based systems

AICCSA'03 Autonomic Computing Tutorial, July 2003 6

Defining an Autonomic Component

• An autonomic component is the fundamental atom of

autonomic applications and systems. It is a modular unit of composition with contractually specified interfaces, explicit context dependencies and mechanisms for self-management, responsible for providing its services, constraints (system resource requirements, performance requirements etc.), managing its own behavior in accordance with context, rules and policies, and interacting with other autonomic components.

AICCSA'03 Autonomic Computing Tutorial, July 2003 7

Autonomic Components

• Component

– Encapsulation – Information hiding – Modularity

• Autonomic Component

– self/context aware – self managing (configuring, adapting, optimizing, protecting, healing)

• autonomic components provides embedded mechanisms for self-

management based on local state and context information to meet behavior and performance requirements

– open

• comply with standards

AICCSA'03 Autonomic Computing Tutorial, July 2003 8

Constructing Autonomic Components

• Autonomic components export information and policies about their

behavior, resource requirements, performance, interactivity and adaptability to system and application dynamics

– functional aspects

• abstracts component functionality, such as order of interpolation (linear,

quadratic, etc.)

• used by the compositional engine to select appropriate components based
• n application requirements

– operational aspects

• abstracts a component's operational behavior, including computational

complexity, resource requirements, and performance (scalability)

• used by the configuration and runtime engines to optimize component

selection, mapping and adaptation

– control aspect

• describes the adaptability of the component and defines sensors/actuators

and policies for management, interaction and control.

AICCSA'03 Autonomic Computing Tutorial, July 2003 9

Constructing Autonomic Components

• Autonomic components encapsulate access policies, rules, a rule

agent, and an access agent

– enables components to consistently and securely configure, manage, adapt and optimize their execution based on rules and access policies. – rules/polices can be dynamically defined (and changed) in terms of the component's interfaces (based on access policies) and system and environmental parameters – rule execution may change the state, context and behavior of a component, and can generate events to trigger other rule agents – rule agent manages rule execution and resolves rule conflicts

AICCSA'03 Autonomic Computing Tutorial, July 2003 10

Self-Management Approaches

• Passive:

– Provide sensors for external accesses to collect component information – Provide actuators for external operations to control component behavior

• Active:

– Collect external (local) status information through self-observation or collective-observation. Collect internal status information through sensors – Corresponding actions are issued based on this information in accordance with defined rules/policies/constraints

• Proactive:

– Automatically adjust behavior in anticipation of future problems, needs or changes, based on history and/or predictive functions.

AICCSA'03 Autonomic Computing Tutorial, July 2003 11

Aspects Description

• Functional Aspect

– WSDL is an XML document that describes web services – SIDL is an IDL that describes the calling interfaces for a scientific library – Others:

• HTML (too generic & simple), Programming language (suitability

to description), Unstructured language (lack of semantics)

• Control Aspect

– similar to functional aspect

• Operational Aspect

– Describe resource and performance requirements - XML – Describe security policies - XACML – Describe rules - RuleML, ERML

AICCSA'03 Autonomic Computing Tutorial, July 2003 12

Autonomic Components - Issues

• Management Issues

– Naming and discovery, life cycle, failure recovery

• Communication/Interaction Issues

– Communication mechanism, messaging model

• Collaboration Issues

– Conflict resolution, load balancing, migration

AICCSA'03 Autonomic Computing Tutorial, July 2003 13

Autonomic Component Management

• Naming and discovery service

– Component registers itself to export its services, interfaces, aspects, sensors & actuators. Component can be discovered through keywords, name, or fuzzy matching.

• Lifecycle service

– During its lifetime, component should be available and

• consistent. Component can be terminated securely.

AICCSA'03 Autonomic Computing Tutorial, July 2003 14

Autonomic Component Communication

• Communication mechanisms

– RMI – Shared spaces – SOAP – RPC – …

• Messaging model

– Push or pull model – Publisher and subscriber model – …

• Synchronous / asynchronous communication

AICCSA'03 Autonomic Computing Tutorial, July 2003 15

Autonomic Component Collaboration

• Load balancing

– Component migration

• Conflict resolution

– Priority – Dynamical lock mechanism

• Failure recovery

– Hot-swapping – Checkpoint/Rollback mechanism

AICCSA'03 Autonomic Computing Tutorial, July 2003 16

Autonomic Components – Key Challenges

• Autonomic components formulation

– Models, formalisms, meta-data specifications,

• Lifecycle of an autonomic component

– Design & implementation, testing & verification, deployment, bootstrapping, setup, operation, updating, termination

• Lifecycle of autonomic component relationship

– Specify & register, locate, negotiate, provision, operate, terminate

AICCSA'03 Autonomic Computing Tutorial, July 2003 17

Examples of component based systems

• CCA (www.ccaforum.org)

– Components interact through provide/use ports – Provide language interoperability through SIDL – Framework provides the means to hold and compose components into applications, and also provides a set of standard services to components – Based on the CCM

• ABLE (IBM)

– Built on JavaBeans model, ABLE has component library of data access, machine learning, machine reasoning, and optimization algorithms packaged as JavaBeans (AbleBeans). – ABLE provides GUI for creating and configuring AbleBeans, and for constructing and testing the agents built from them. – ABLE also provides an agent platform for deploying agents across a distributed computing system.

AICCSA'03 Autonomic Computing Tutorial, July 2003 18

AICCSA'03 Autonomic Computing Tutorial, July 2003 19

Autonomic Applications

AICCSA'03 Autonomic Computing Tutorial, July 2003 20

Developing Autonomic Application - Issues

• Specification of the autonomic application

– Representing/specifying the abstract application

• Components discovery, selection, and composition

– Automatically search for and select appropriate components

• Application execution

– Adopting suitable execution model for composed application – Component communication, interaction and reconfiguration

• dynamic, opportunistic, ephemeral, p2p/hierarchical/c-s, …
• Application monitoring, control, behavior prediction

– Context information collection and analysis – Proactive system configuration

• Reliability, fault tolerance, availability

AICCSA'03 Autonomic Computing Tutorial, July 2003 21

Composition Technology

• Composition model

– Static composition: compositions defined at design time – Dynamic composition: compositions defined at runtime

• Composition description

– Petri nets – Workflow language

• WSFL, GSFL, GridFlow, etc.

Workflow Script

application Component Component

AICCSA'03 Autonomic Computing Tutorial, July 2003 22

Existing support

• Web Services Domain

– WSFL and WSDL (IBM): XML language for the description of Web Services compositions – BPML and WSCI: complementary XML languages designed to allow for complete definition of a business process mode – XLANG (Microsoft): provides an extension service element to WSDL that describes how the process will work as part of a business flow. – JSFL: XML based notation for describing composite jobs made up of interacting services – ebXML: essentially has a specification to handle every aspect

• f the electronic-business transaction, from describing simple

service endpoint definition, to describing the entire Business Process Workflow for the transaction – BPMN: provides a graphical notation for expressing business processes in a Business Process Diagram (BPD)

AICCSA'03 Autonomic Computing Tutorial, July 2003 23

Existing support, contd.

• Grid Services Domain

– GSFL and GSDL: XML-based language that allows the specification of workflow descriptions for Grid services in the OGSA framework. – XCAT Application Factories: address workflow issues for Grid-based components within the CCA framework, allowing components to be connected to each other dynamically

AICCSA'03 Autonomic Computing Tutorial, July 2003 24

Existing support, contd.

• WSCL

– A conversation language framework under development by the Hewlett- Packard Company, for modeling the sequencing of the interactions or

• perations of one interface
• DAGMan

– meta-scheduler for Condor that manages dependencies between jobs

• Chimera Virtual Data System (GriPhyN)

– it considers compositions as graphs of services.

• Associative broadcast based Coordination model

– Integrated the coordination with composition – Associative broadcast is used to target messages to processes in specific states, which are in turn used to form composition.

AICCSA'03 Autonomic Computing Tutorial, July 2003 25

Existing support, contd.

• DySCo

– enables dynamic service composition and is based on the idea of functional incompleteness and multi-party orchestration

• SWORD

– uses a rule-based expert system to find composition plans and each service is represented as a logical rule that expresses the inputs and

• utputs associated with it.
• Symphony

– Java based composition and manipulation framework based on the Sun JavaBeans component architecture

AICCSA'03 Autonomic Computing Tutorial, July 2003 26

Autonomic Application Composition

• Dynamically and opportunistically composed from

autonomic components

– ad hoc, negotiated, …

• Composition based on policies/rules/constraints

defined by system and/or application

• Composition will be aware of available resources,

components and their current states and capability

AICCSA'03 Autonomic Computing Tutorial, July 2003 27

Dynamic Rule-based Composition

• Motivation:

– Autonomic applications dynamically change based on the state of the system – Runtime access to and modifications of components and application – Composition described by scripts or programs limit the level of flexibility – Rules defined by system/user enable automatically adaptive composition

Workflow Script

application Component Component Rules

AICCSA'03 Autonomic Computing Tutorial, July 2003 28

Dynamic Rule-based Composition

• Challenges:

– How to specify the changes in the objective to create dynamic composition – How to guarantee consistency of environment after submitting change

• Deadlock detection/ prevention
• Serious errors tolerance,such as no termination

– How to define and deploy the rules to satisfy the application requirement and optimize performance

AICCSA'03 Autonomic Computing Tutorial, July 2003 29

Component Integration Environment

• Component selection
• Component communication
• Runtime rule/policy/constraint

definition and deployment

• Adaptive rule/policy/constraint

modification and execution

• Firing of rules causes

components/application to adapt,

• ptimize, interact and compose
• Proactive system management

based on automatically generated rules and constraints

Components

Rules

Application AICCSA'03 Autonomic Computing Tutorial, July 2003 30

Fault Tolerance and Autonomic Computing

AICCSA'03 Autonomic Computing Tutorial, July 2003 31

Fault Tolerance in Autonomic Computing

• Autonomic Fault Detection

– Automatic determine that a fault occurred

• Autonomic Fault Diagnosis

– Automatic analysis the cause of fault

• Autonomic Fault Containment

– Prevent the propagation of fault

• Autonomic Fault Masking

– Ignore the service from failed component

• Autonomic Fault Compensation

– Compensate the service provided by the failed component

• Autonomic Fault Repair

– Remove the fault from system

AICCSA'03 Autonomic Computing Tutorial, July 2003 32

Fault Classes

• Locality

– Atomic Component Faults – Composite Component Faults – System Level Faults – External Faults

• Effects

– Value Faults – Timing Faults

• Immediate Cause

– Resource depletion faults – Logic faults – Physical faults

• Ultimate Cause

– Specification fault

AICCSA'03 Autonomic Computing Tutorial, July 2003 33

Fault Tolerance: Challenge

• Heterogeneous network

– Every computing domain is autonomic

• Huge amount of information

– Boundary-less information system

• Computing units are highly distributed

– Non Centralized management

• Detection/notification of abnormity is hard

– Dynamic change in network topology

• Need for reliable fault tolerance communication facility

AICCSA'03 Autonomic Computing Tutorial, July 2003 34

Example Approach: Consensus Among Neighbors

• Form a group with at least three providers
• Within a group, healthy members recognize crazy one

– e.g. by consensus

• Healthy members make up a new group

– excluding faulty member and invite a healthy provider

• No need of inquiry or notification
• Can take the advantage of design diversity
• Heavy communication overhead

Yoshihiro TOHMA, Tokyo Denki University

AICCSA'03 Autonomic Computing Tutorial, July 2003 35

Example Approach :Consensus among Neighbors

×

Neighbor Neighbor User User New neighbor

Yoshihiro TOHMA, Tokyo Denki University

AICCSA'03 Autonomic Computing Tutorial, July 2003 36

Autonomic Middleware Services

• Messaging
• Discovery
• Security
• …

AICCSA'03 Autonomic Computing Tutorial, July 2003 37

Messaging for Autonomic Computing

• The Messaging is responsible for

– Transporting messages to/from endpoints, with or without guarantees – Defining the format of messages – Filtering and/or aggregating

• Messaging architectures are of two types

– Publisher/Subscriber systems

• e.g. SIENA, GRYPHON, LeSubscribe

– Point to Point systems

• e.g. Email, RPC
• Existing Messaging Frameworks include

– ICENI, Xevents/Xmessages, Pawn, NaradaBrokering, Java Message Service, IBM MQSeries

AICCSA'03 Autonomic Computing Tutorial, July 2003 38

Messaging Semantics

• PUSH

– Information is “pushed” to an interested node as soon as it is available

• PULL

– Interested nodes query an information provider for the presence of data

• REQUEST/RESPONSE

– Nodes query an information provider and wait for a response

• TRANSACTION

– A Request/Response with certain associated guarantees

• FILTERED MULTICAST

– Data is sent through filters to a group of interested nodes

AICCSA'03 Autonomic Computing Tutorial, July 2003 39

Message Distribution

• How to distribute messages to interested nodes ?

– Multicast – Flooding/Broadcast – Overlay Network Routing

• CHORD, CAN, TAPESTRY, SQUID

– Filtered Propagation

• How to guarantee that all subscribers to an information

source have received a message ?

– No guarantees (Datagram Packets, UDP) – Per message acknowledgement – Aggregate acknowledgement (every x messages)

AICCSA'03 Autonomic Computing Tutorial, July 2003 40

Messaging: SIENA

• Publisher/subscriber

system

• Uses notification and

subscription models to distribute information

• Uses filters and

aggregating access points to provide scalability

• Content-based

networking

Source http://www.cs.colorado.edu/serl/siena/ AICCSA'03 Autonomic Computing Tutorial, July 2003 41

Messaging: Gryphon

• Publish/subscribe middleware aimed at

distributing large volumes of data in real time.

• Features

– topic based and content based publish/subscribe – publish/subscribe system deployed on a public network cannot depend on homogenous router technology.

• Use of tcp/ip or http.

– Scale support to application growth. – Provide security and privacy features to a degree not mandated over private secured networks.

• Client authentication, access controls and

encryption/integrity of messages

• Implementation

– Java Message Services (JMS) API. – Patented Matching Engine provides high speed content filtering.

Topic based publish/subscribe system does not scale with application growth. Content based publish/subscribe system scales with application growth.

AICCSA'03 Autonomic Computing Tutorial, July 2003 42

Messaging: Gryphon

• Scalability

– Brokers may be added into the network to provide support for additional clients.

• Availability:

– Responds to the failure of one broker in a network by rerouting traffic around the failed

• broker. Reconfiguration is

automatic and requires no intervention by an administrator.

• Security:

– Supports access controls for limiting who may publish and subscribe to portions of the information space. – Supports SSL

Source http://www.research.ibm.com/gryphon /Gryphon/Gryphon-Overview.pdf

AICCSA'03 Autonomic Computing Tutorial, July 2003 43

Messaging: Le Subscribe

• A flexible LDAP-like publication model
• Subscriptions are conjunctions of predicates

– Supports usual predicates plus is-kind-of and contains predicates

• Scalable and efficient matching supporting high rate of

events with a large number of subscriptions

• Fast reactiveness

– Updates of the publication schema or current subscription set are immediately taken into account by the system.

Source: http://www-caravel.inria.fr/LeSubscribe/ AICCSA'03 Autonomic Computing Tutorial, July 2003 44

Messaging Frameworks: ICENI

• A component framework that separates the concerns of

component interface, behavior and implementation into well defined XML schemas while enabling visualization and computational steering

• A federating Grid middleware built from Java and Jini that

enables an organization resources to be exposed as services with well-defined usage and access control polices

• e-Science portals that utilize the component meta-data and

services within ICENI to simplify access to Grid resources and applications

• Interoperability of the services and meta-data within ICENI to
• ther service oriented architectures - such as the Open Grid

Services Architecture (OGSA)

• The development of higher-level services, such as application

mappers and resource brokers

AICCSA'03 Autonomic Computing Tutorial, July 2003 45

Messaging Frameworks: ICENI

AICCSA'03 Autonomic Computing Tutorial, July 2003 46

Messaging Frameworks: NaradaBrokering

• Event brokering system designed to run on a large

network of cooperating broker nodes

• Based on the distributed publish/subscribe paradigm

and also supports the flexibility of centralized interactions as well as peer-to-peer (P2P) interactions

• ver the edge
• JMS and JXTA compliant
• Support for raw RTP clients

AICCSA'03 Autonomic Computing Tutorial, July 2003 47

Messaging: PAWN

• Publisher/Subscriber system supporting content-based

networking

• Builds on Project JXTA
• Extends JXTA to provide distributed object controls

– Serialization of Computational Object to XML – Remote Method Invocations (PawnRPC)

• Provides high-level messaging semantics for P2P

applications on the Grid

AICCSA'03 Autonomic Computing Tutorial, July 2003 48

Messaging: SOAP

• Simple Object Access Protocol Version 1.2

– Lightweight protocol intended for exchanging structured information in a decentralized, distributed environment – Uses XML technologies to define an extensible messaging framework providing a message construct that can be exchanged

• ver a variety of underlying protocols

– The framework has been designed to be independent of any particular programming model and other implementation specific semantics – simple and extensible

• However, it does not provide

– "reliability", "security", "correlation", "routing", and "Message Exchange Patterns"

AICCSA'03 Autonomic Computing Tutorial, July 2003 49

Issues: Messaging: Elections

• Several peers may offer a similar service

– Which one should be elected ?

Distribute peer profiles to peers offering services for comparison and election of relevant algorithm Coordinate messages Distributed election algorithm Compare states between different service providers locally and come to a common decision for the definite elected peer Middleware System Application AICCSA'03 Autonomic Computing Tutorial, July 2003 50

Issues: Messaging: Consensus

• Several peers may have a result for a similar

computation

– Which result should be considered final ? – How to eliminate the potential differences between the results ?

Route messages to services computing similar results Receive output from other applications Establish differences between results Middleware System Application AICCSA'03 Autonomic Computing Tutorial, July 2003 51

Issues: Messaging: Mutual Exclusion

• When several peers require access to a resource

– How to guarantee that the resource does not get accessed by several peers concurrently ?

Distribute resource information to interested peers Notify peers that request access that the resource is currently locked and notify resource that other peers request access Lock access to critical resource or critical region Middleware System Application

AICCSA'03 Autonomic Computing Tutorial, July 2003 52

Other Issues

• Selection

– Several peers may offer a similar service - Which one should be elected ?

• Consensus

– Several peers may have a result for a similar computation - Which result should be considered final ? – How to eliminate the potential differences between the results ?

• Mutual Exclusion

– When several peers require access to a resource – How to guarantee that the resource does not get accessed by several peers concurrently ?

AICCSA'03 Autonomic Computing Tutorial, July 2003 53

Opportunistic Interactions

• Interactions based on local goals and objectives

– local goals and objectives are defined as constraints to be satisfied – constraints can updated and new constraints can defined at any time

• Dynamic and ad-hoc

– interactions use “semantic messaging” based on proximity, privileges, capabilities, context, interests, offerings, etc.

• Opportunistic

– constraints are long-term and satisfied opportunistically (may not be satisfied)

• Probabilistic guarantees and soft state

– no explicit synchronization – interaction semantics are achieved using feedback and consensus building

AICCSA'03 Autonomic Computing Tutorial, July 2003 54

Opportunistic Interactions

1 2 3 n

4

Constraint Engine

Sensor State Constraints Received Profiles Publish Profiles Context Environment factors

Network Communication Semantic Messaging Ontology & Taxonomy Semantic P2P Middleware

AICCSA'03 Autonomic Computing Tutorial, July 2003 55

Discovery Mechanisms

• Centralized: based on client-server model

– Centralized directories, they may synchronize periodically – Example: Universal Description, Discovery and Integration of Web Services (UDDI)

• Peer-to-Peer Systems

– Unstructured (Gnutella-like):

• Unstructured overlay network, use flooding
• Pro: overlay easy to maintain, supports complex queries
• Cons: no search or cost guarantees

AICCSA'03 Autonomic Computing Tutorial, July 2003 56

Discovery Mechanisms (contd.)

• Peer-to-Peer Systems

– Hybrid (Napster):

• Unstructured overlay network, use centralized directories for search
• Pro: can support complex queries
• Cons: not scalable

– Data-lookup (CAN, Chord, Pastry, etc)

• Structured overlay, Internet-scale DHT
• Pro: efficient lookup with guarantees
• Cons: complex queries not supported

– Structured keyword search:

• Structured overlay, extend data-lookup protocols
• Examples:

– Distributed Inverted Indexes – Space Filling Curves

AICCSA'03 Autonomic Computing Tutorial, July 2003 57

Discovery: Data Lookup Systems

• CHORD

– Uses consistent hashing to map data onto an identifier ring

• Content-Addressable Network (CAN)

– Maps data on a d-dimensional Cartesian space

• PASTRY

– Uses Plaxton’s algorithm to perform classless routing in the overlay network

• SQUID

– Maps documents in a d-dimensional space – Uses Space Filling Curves to store values onto available nodes

• Locality preserving
• Causality preserving

AICCSA'03 Autonomic Computing Tutorial, July 2003 58

Distributed Indexing

• Properties

– Parameter – Logical Path Length – Neighbor-state – Routing Overhead (RDP) – Messages to insert – Mutability – Load-balancing

Tapestry Chord CAN Pastry LogbN Log2N O(d*N1/d) O(d) Base b bLogbN O(1) O(1) O(1) ? O(1)? App-dep. App-dep Immut. ??? Good LogbN Log2N None Dimen d Base b bLogbN+O(b) O(Log2

2N) O(d*N1/d)

Good Good Good O(Logb

2N)

O(LogbN) Designed as P2P Indices

AICCSA'03 Autonomic Computing Tutorial, July 2003 59

Security Issues in Autonomic Computing

• Security Objectives

– Confidentiality: Prevention of unauthorized disclosure of information – Integrity: Prevention of unauthorized modification of information – Availability: Prevention of unauthorized withholding of information or resources

• Security Issues

– Authentication – Authorization, Access Control – Intrusion Detection – Security Policy Definition and Reasoning – Resistant to Fraud and Persuasion – Privacy – Misc. Digital Signature, Non-repudiation

• Crucial for e-commerce applications

AICCSA'03 Autonomic Computing Tutorial, July 2003 60

Authentication

• Authenticate an entity (service/component/user) in the

system

– Password, Private Key (Kerberos)

• Trust between autonomic entities

– PGP, X.509 PKI

• Key management

– Key distribution, Key negotiation protocol

• Delegation

– One entity delegate privilege to another entity.

AICCSA'03 Autonomic Computing Tutorial, July 2003 61

Authorization, Access Control

• Environment is heterogeneous and dynamic
• Large numbers of distributed entities

– Centralized authorization is not sufficient

• Global name space has constraints.
• Access control should be context aware

– DAC, MAC, RBAC

• Fine grained access control mechanism

– Dynamic Role Based Access Control

AICCSA'03 Autonomic Computing Tutorial, July 2003 62

DRBAC Model

AICCSA'03 Autonomic Computing Tutorial, July 2003 63

Access Control Engine Architecture

AICCSA'03 Autonomic Computing Tutorial, July 2003 64

Intrusion Detection

• Autonomic detection, without human intervention
• Proactively notify the vulnerability of the system
• Restore the compromised component automatically
• Provide security analysis service at the entity to make

distributed intrusion detection feasible

• Will be a challenge without help of human
• IBM’s approach - BlueBox: Policy-driven, Host-Based

Intrusion Detection System

– Policy driven technique is similar with the Java sandboxing

AICCSA'03 Autonomic Computing Tutorial, July 2003 65

Security Policy Definition and Reasoning

• Self protecting based on security policy
• Policy will be different across domain

– Standard Policy Language will be crucial

• Policy composition

– Based on predict logic, hard issue

• Policy conflict resolution

– Without violating security policy of involved entities

• Policy negotiation between component

– Standard protocol

AICCSA'03 Autonomic Computing Tutorial, July 2003 66

Resistant to Fraud and Persuasion

• Attacker will harness the ability of an entity to subvert

the system

– Entity will ensure the execution of compromised policy with every resource at its disposal

• Security policy of component should be prevented

from compromise

– High level subversion has catastrophic damage to system security

• Properly secured, the security policies would improve

the resistance of component to attack

– Advantage from autonomic computing

AICCSA'03 Autonomic Computing Tutorial, July 2003 67

• Component private information should be protected

– Definition of the private information is different

• Processing personal data without violating the privacy

policy automatically

– Reliable, secure, without human involvement

• Take complex political and geographical situations into

account

– Not a technique issue only, sociology, law, nationality related.

• Privacy negotiation

– Significant challenge in real system

Privacy

AICCSA'03 Autonomic Computing Tutorial, July 2003 68

Bibliography

• Autonomic computing

– “Autonomic computing and Grid”, Pratap Pattnaik, Kattamuri Ekanadham, and Joefon Jann, Thomas J. Watson Research Center, Yorktown Heights, New York – “Autonomic computing: concepts, opportunities, and challenges” – “Autonomic computing: current research and future challenges”, Jeff Kephart, IBM research – “Autonomic Computing: IBM's Perspective on the State of Information Technology,” P. Horn, IBM Corporation, October 15, 2001 – “Autonomic Computing: The Evolution Continues. Data Management Strategies,” 01-07- 2002 – “Autonomic Personal Computing,” D. F. Bantz, C. Bisdikian, C. Challener, J. P. Karidis, S. Mastrianni, A. Mohindra, D. G. Shea, and M. Vanover, IBM Systems Journal 42, No. 1, 165- 176, 2003 – “Back to the Future: Time to Return to Some Long-Standing Problems in Computer Science,” J. Hennessy, Almaden Institute 2002, IBM Almaden Research Center, San Jose, CA, April 10, 2002 – “IBM-Autonomic Computing”, http://www.research.ibm.com/autonomic AICCSA'03 Autonomic Computing Tutorial, July 2003 69

Bibliography (contd.)

– “Helping Computers Help Themselves,” David Pescovitz, Contributing Editor, Special R&D Report – “NASA Challenges in Autonomic Computing,” D. J. Clancy, Almaden Institute 2002, IBM Almaden Research Center, San Jose, CA, April 10, 2002 – “The dawning of the autonomic computing era”, A. G. Ganek and T. A. Corbi, IBM Systems Journal 42, No. 1, 5-18, 2003 – “The Vision of Autonomic Computing.” Jeffrey O. Kephart, David M. Chess, IEEE Computer 36(1): 41-50 2003

AICCSA'03 Autonomic Computing Tutorial, July 2003 70

Bibliography (contd.)

• Autonomic Computing Projects

– “ABLE: A toolkit for building multiagent autonomic systems”, J. P. Bigus, D. A. Schlosnagle, J. R. Pilgrim, W. N. Mills III, and Y. Diao, Artificial Intelligence Vol. 41, No. 3, 2002, p. 350 – “AutoMate: Enabling Autonomic Grid Applications,” M. Agarwal, V. Bhatt, H. Liu, V. Putty,

• C. Schmidt, G. Zhang, L. Zhen and M. Parashar. CAIP Technical Report # TR-269

– Autonomia: http://www.ece.arizona.edu/~hpdc/projects/AUTONOMIA/ – “Comparing Autonomic and Proactive Computing,” R. Want, T. Pering, and D. Tennenhouse, IBM Systems Journal 42, No. 1, 129-135 2003 – “CATALINA: A Smart Application Control and Management”, Salim Hariri, C.S. Raghavendra, Yonhee Kim, Muhamad Djunaedi, Rinda P. Nellipudi, Ashok Rajagopalan, Prasad Vadlamani, Yeliang Zhang, 2nd NSF Active Middleware Services Workshop, Pittsburgh, August 2000 – “Clockwork: A New Movement in Autonomic Systems,” L. W. Russell, S. P. Morgan, and

• E. G. Chron, IBM Systems Journal 42, No. 1, 77-84, 2003

AICCSA'03 Autonomic Computing Tutorial, July 2003 71

Bibliography (contd.)

– Dynamic Light-Weight Groups Cornell University Technical Report, Katherine Guo and Luis Rodrigues, TR96-1612, October, 1996 – Jini: http://wwws.sun.com/software/jini – “Optimal grid-clustering: Towards breaking the curse of dimensionality,” A. Hinneburg and D. Keim, VLDB Conference, 1999 – “SCAN: A Dynamic, Scalable, and Efficient Content Distribution Network,” Yan Chen, Randy H. Katz, and John D. Kubiatowicz, Proceedings of the International Conference

• n Pervasive Computing, August 2002

– “SRIRAM: A Scalable Resilient Autonomic Mesh,” D. C. Verma, S. Sahu, S. Calo, A. Shaikh, I. Chang, and A. Acharya, IBM Systems Journal 42, No. 1, 19-28, 2003 – “To Err is Human,” Brown, A. and D. A. Patterson, Proceedings of the First Workshop on Evaluating and Architecting System dependability (EASY '01), Göteborg, Sweden, July 2001 – Web Services Toolkit, http://www.alphaworks.ibm.com/tech/webservices toolkit, AlphaWorks, IBM Corporation, July 26, 2000 AICCSA'03 Autonomic Computing Tutorial, July 2003 72

Bibliography (contd.)

• Application Specific Projects

– “Adaptive Control of Distributed Applications,” Ribler, R. L., Vetter, J. S., Smtc, H., and Reed, D. A. Autopilot, Proceedings of the Seventh IEEE Symposium on High- Performance Distributed Computing, Chicago, Illinois, July 1998 – “An Approach to Autonomizing Legacy Systems,” Gail Kaiser, Phil Gross, Gaurav Kc, Janak Parekh and Giuseppe Valetto, workshop on Self-Healing, Adaptive and Self- MANaged Systems, June 2002 – “A parallel CORBA component model for numerical code coupling”, Christian Pérez, Thierry Priol and André Ribes, the 3rd international workshop on Grid computing, number

• f 2536 of LNCS, Baltimore, Maryland, pages 88-99, November 2002

– “Autonomic Optimization of an Oil Reservoir using Decentralized Services,” V. Matossian and M. Parashar, submitted for publication, February 2003

AICCSA'03 Autonomic Computing Tutorial, July 2003 73

Bibliography (contd.)

• Component

– CCA tutorial: http://www.cca-forum.org/tutorials/2003-01-15/index.html – "The Common Component Architecture (CCA) and XCAT". Lawrence Berkeley National Laboratory, March 2003. http://www.extreme.indiana.edu/xcat/

• Economics

– “Advancing E-business into the Future: The Grid,” Wladawsky-Berger, Kennedy Consulting Summit 2001, New York, November 29, 2001 – “Automated strategy searches in an electronic goods market: learning and complex price schedules,” Christopher H. Brooks, Scott Fay, Rajarshi Das, Jeffrey K. MacKie-Mason, Jeffrey O. Kephart, Edmund H. Durfee, ACM Conference on Electronic Commerce 1999: 31-40 AICCSA'03 Autonomic Computing Tutorial, July 2003 74

Bibliography (contd.)

• Programming

– “Aspect-oriented programming,” Gregor Kiczales, John Lamping, Anurag Mendhekar, Chris Maeda, Cristina Videira Lopes, Jean-Marc Loingtier, John Irwin, Proceedings of the European Conference on Object-Oriented Programming (ECOOP), Finland, Springer- Verlag LNCS 1241, June 1997 – “Dynamic Reconfiguration: Basic Building Blocks for Autonomic Computing on IBM pSeries Servers,” J. Jann, L. A. Browning, and R. S. Burugula, IBM Systems Journal 42,

• No. 1, 29-37, 2003

– “Learning to act using real-time dynamic programming,” Barto, A., Bradtke, S., & Singh,

• S. (1995). Artificial Intelligence, 72, 81-138
• Grid

– “The physiology of the Grid – an open Grid services architecture for distributed systems integration” : http://www.gridforum.org/ogsi-wg/drafts/ogsa_draft2.9_2002-06-22.pdf AICCSA'03 Autonomic Computing Tutorial, July 2003 75

Bibliography (contd.)

• Middleware

– “eLiza: Building an Intelligent Infrastructure for E-business-Technology for a Self-Managing Server Environment,” IBM Server Group, G520-9592-00, IBM Corporation, 2001 – “Enabling Autonomic Behavior in Systems Software with Hot Swapping,” J. Appavoo, K. Hui,

• C. A. N. Soules, R. W. Wisniewski, D. M. Da Silva, O. Krieger, M. A. Auslander, D. J.

Edelsohn, B. Gamsa, G. R. Ganger, P. McKenney, M. Ostrowski, B. Rosenburg, M. Stumm, and J. Xenidis, IBM Systems Journal 42, No. 1, 60-76, 2003 – “Maintenance-Free Global Data Storage,” Sean Rhea, Chris Wells, Patrick Eaton, Dennis Geels, Ben Zhao, Hakim Weatherspoon, and John Kubiatowicz. IEEE Internet Computing, Vol 5, No 5, September/October 2001, pp 40-49 – “Reconfigurable context-sensitive middleware for pervasive computing”, Stephen S. Yau, Fariaz Karim, Yu Wang, Bin Wang, and Sandeep K.S. Gupta, Arizona State University – “Towards a Common API for Structured Peer-to-Peer Networks,” Frank Dabek, Ben Zhao, Peter Druschel, John Kubiatowicz, and Ion Stoica, Proceedings of the 2nd International Workshop on Peer-to-Peer Systems (IPTPS '03), February 2003

AICCSA'03 Autonomic Computing Tutorial, July 2003 76

Bibliography (contd.)

• Agent Systems

– “ABLE: A toolkit for building multiagent autonomic systems,” J. P. Bigus, D. A. Schlosnagle, J. R. Pilgrim, W. N. Mills III, and Y. Diao, Artificial Intelligence, Vol. 41, No. 3, 2002, p. 350 – “A Mobile Agent Approach to Lightweight Process Workflow,” Gail Kaiser, Adam Stone and Stephen Dossick. Position paper in International Process Technology Workshop, September 1999 – “A Mobile Agent Approach to Process-Based Dynamic Adaptation of Complex Software Systems,” Giuseppe Valetto, Gail E. Kaiser, Gaurav S. Kc: EWSPT 2001: 102-116 – “Autonomous agents for business process management,” N. Jennings, P. Faratin, T. Norman, P. O'Brien, and B. Odgers, International Journal of Applied Artificial Intelligence – Proceedings of the International Conference on Autonomous Agents, ACM, Montreal, Canada, 2001. http://autonomousagents.org/ – “Shopbot Economics. Autonomous Agents and Multi-Agent Systems,” Jeffrey O. Kephart, Amy R. Greenwald 5(3): 255-287, 2002 AICCSA'03 Autonomic Computing Tutorial, July 2003 77

Bibliography (contd.)

• Workflow

– “A Workflow Automation System for Care Plans,” Wenke Lee, Gail E. Kaiser, Paul D. Clayton, and Eric H. Sherman. OzCare, Journal of the American Medical Informatics Association: 1996 AMIA Annual Fall Symposium, Hanley & Belfus, Inc., Symposium Supplement, October 1996, pp. 577-581 – “Competitive Algorithms for the Dynamic Selection of Component Implementations,” D.

• M. Yellin, IBM Systems Journal 42, No. 1, 85-97, 2003

– “Collaborative Work: SWAP: Leveraging the Web To Manage Workflow,” Gregory Alan Bolcer, Gail E. Kaiser, IEEE Internet Computing 3(1): 85-88, 1999 – “Pricing in Agent Economies Using Multi-Agent Q-Learning,” Gerald Tesauro, Jeffrey O. Kephart Autonomous Agents and Multi-Agent Systems 5(3): 289-304 2002 AICCSA'03 Autonomic Computing Tutorial, July 2003 78

Bibliography (contd.)

• Language

– Extensible Rule Markup Language: http://xml.coverpages.org/extensibleRuleML.html – Rule Markup Language: http://www.dfki.uni-kl.de/ruleml/ – SIDL:http://www.llnl.gov/CASC/components/docs/users_guide/node19.html – WSDL specification: http://www.w3.org/TR/wsdl

• Composition

– “An Environment for Dynamic Component Composition for Efficient Co-Design” , Frederic Doucet, Sandeep Shukla, Rajesh Gupta, Center For Embedded Computer Systems, University of California at Irvine, Masato Otsuka, Fujitsu Ltd, Japan – “Composition, Performance Analysis and Simulation of Web Services”, Senthilanand Chandrasekaran, Computer Science Department, The University of Georgia

AICCSA'03 Autonomic Computing Tutorial, July 2003 79

Bibliography (contd.)

• Discovery

– “A Scalable Content-Addressable Network”, S. Ratnasamy, P. Francis, M. Handley, R. Karp and S. Shenker, In Proceedings of ACM SIGCOMM, 2001 – “Chord: A Scalable Peer-To-Peer Lookup Service for Internet Applications”, I. Stoica, R. Morris, D. Karger, F. Kaashoek and H. Balakrishnan, In Proceedings of ACM SIGCOMM, 2001 – “Flexible Information Discovery in Decentralized Distributed Systems”, Cristina Schmidt and Manish Parashar, In Proceedings of IEEE High Performance Distributed Computing, June 2003 – Gnutella webpage: http://gnutella.wego.com/ – Napster webpage: http://napster.com/ – “Universal Description, Discovery and Integration: UDDI”, Technical White paper, September 2000 AICCSA'03 Autonomic Computing Tutorial, July 2003 80

Bibliography (contd.)

• Security

– “A Community Authorization Service for Group Collaboration,” L. Pearlman, V. Welch, I. Foster, C. Kesselman, S. Tuecke, Proceedings of the IEEE 3rd International Workshop

• n Policies for Distributed Systems and Networks, 2002

– “A National-Scale Authentication Infrastructure,” R. Butler, D. Engert, I. Foster, C. Kesselman, S. Tuecke, J. Volmer, V. Welch. IEEE Computer, 33(12):60-66, 2000 – “A Security Architecture for Computational Grids,” I. Foster, C. Kesselman, G. Tsudik, S.

• Tuecke. Proc. 5th ACM Conference on Computer and Communications Security

Conference, pp. 83-92, 1998 – "BlueBox : A Policy-Driven, Host-Based Intrusion Detection System ", Suresh N. Chari, Pau-Chen Cheng, NDSS'02 – “Certificate-Based Access Control For Widely Distributed Resources,” Mary Thompson, M., W. Johnston, S. Mudumbai, G. Hoo, K. Jackson, A. Essiari. Usenix Security Symposium, 1999 – “Decentralized Trust Management,” M. Blaze, J. Feigenbaum and J. Lacy, IEEE Symposium on Security and Privacy, Oakland, CA. May 1996 AICCSA'03 Autonomic Computing Tutorial, July 2003 81

Bibliography (contd.)

– “Generalized Role-Based Access Control for Securing Future Applications,” Michael J. Covington, M.J.M., Mustaque Ahamad, National Information Systems Security Conference (NISSC), 2000 – “Intrusion detection inter-component adaptive negotiation,” R. Feiertag, S. Rho, L. Benzinger,

• S. Wu, T. Redmond, C. Zhang, K. Levitt, D. Peticolas, M. Heckman, S. Staniford, and J.

McAlerney, Computer Networks, 34:605--621, 2000 – "Intrusion detection with mobile agents", Wayne A. Jansen, ELSEVIER, Computer communications, p. 1392-1401 Volume 25, Issue 15, 2002 – “Negotiating Trust on the Web,” Marianne Winslett, Ting Yu, Kent E. Seamons, Adam Hess, Jared Jacobson, Ryan Jarvis, Brian Smith and Lina Yu, IEEE Internet Computing, November-December, 2002 – “Role-Based Access Control Models,” Ravi Sandhu, E.C., Hal Feinstein, Charles Youman, IEEE Computer, 1996 – “Role-Based Access Control With X.509 Attribute Certificates,” David W. Chadwick, Alexander Otenko, Edward Ball, Internet computing, pp.62-69, 2003 – “Role Templates for Content-Based Access Control,” Iglio, L.G.a.P, Proceedings of the Second ACM Workshop on Role Based Access Control , Virginia, USA, 1997

AICCSA'03 Autonomic Computing Tutorial, July 2003 82

Bibliography (contd.)

– “Securing Context-Aware Applications Using Environment Roles,” Michael J. Covington, W.L., Srividhya Srinivasan, Anind Dey, Mustaque Ahamad, and Gregory Abowd. Symposium on Access Control Models and Technologies (SACMAT '01), Chantilly, Virginia, USA 2001 – “Security architecture testing using IDS--a case study”, Theuns Verwoerd and Ray Hunt, ELSEVIER, Computer communications, p. 1402-1412 Volume 25, Issue 15, 2002 – “Security Implications of Typical Grid Computing Usage Scenarios,” Humphrey, Thompson Oct 2000 http://www.gridforum.org/2_SEC/SEC.htm – "Security in an autonomic computing environment", D. M. Chess, C. C. Palmer, and S. R. White, p.107, IBM Systems Journal - Vol. 42, No. 1, 2003 – “The NIST Model for Role-Based Access Control: Towards A Unified Standard,” R. Sandhu, D.Ferraiolo, R. Kuhn, Proceedings of 5th ACM Workshop on Role Based Access Control, Berlin Germany, 2000 – “Trust-Based Security in Pervasive Computing Environments,” Lalana Kagal, T.F., Anupam Joshi, IEEE Computer, 2001. 34(12): p. 154-157 AICCSA'03 Autonomic Computing Tutorial, July 2003 83

Bibliography (contd.)

• Messaging

– “A scalable content-addressable network”, Sylvia Ratnasamy and Paul Francis and Mark Handley and Richard Karp and Scott Schenker, Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications, 2001, San Diego, California – “Chord: A Scalable Peer-to-peer Lookup Service for Internet Applications”, Ion Stoica and Robert Morris and David Karger and M. Frans Kaashoek and Hari Balakrishnan, Proceedings of the ACM SICOMM'01 Conference, August 2001, San Diego, California – “Design and Evaluation of a Wide-Area Event Notification Service,” A. Carzaniga, D.S. Rosenblum, and A.L. Wolf. ACM Transactions on Computer Systems, 19(3):332-383, Aug 2001 – “Enabling Peer-to-Peer Interactions for Scientific Applications on the Grid,” Vincent Matossian and Manish Parashar, (To appear) Proceedings of EuroPar03, Klagenfurt, Austria,2003 – “Flexible Information Discovery in Decentralized Distributed Systems,” Cristina Schmidt and Manish Parashar, Accepted for publication at HPDC 12, 2003 AICCSA'03 Autonomic Computing Tutorial, July 2003 84

Bibliography (contd.)

– “Gryphon: An Information Flow Based Approach to Message Brokering,” International Symposium

• n Software Reliability Engineering '98 Fast Abstract.

http://www.research.ibm.com/gryphon/Our_Research/Research_Papers/ext-abstract.htm – “ICENI: An Open Grid Service Architecture Implemented with Jini,” Nathalie Furmento and William Lee and Anthony Mayer and Steven Newhouse and John Darlington, SuperComputing (SC2002), Baltimore, MD, USA,2002 – “Narada Brokering: A Middleware Framework and Architecture for Enabling Durable Peer-to-Peer Grids,” Shrideep Pallickara and Geoffrey Fox, (To appear) Proceedings of ACM/IFIP/USENIX International Middleware Conference Middleware-2003 – “Publish/Subscribe on the Web at Extreme Speed,” Françoise Fabret and François Llirbat and João Pereira, Proceedings of 26th VLDB conference, Cairo, Egypt, 2000 – “XEvents/XMessages: Application Events and Messaging Framework for Grid,” Aleksander Slominski and Yogesh L. Simmhan and Albert Louis Rossi and Matt Farrellee and Dennis Gannon, Indiana University, September 2002, http://www.extreme.indiana.edu/xgws/papers/xevents\_xmessages\_tr.pdf

AICCSA'03 Autonomic Computing Tutorial, July 2003 85

Bibliography (contd.)

• Management

– “A System Model for Dynamically Reconfigurable Software,” K. Whisnant, Z. T. Kalbarczyk, and R. K. Iyer, IBM Systems Journal 42, No. 1, 45-59 2003 – “Automated Tutoring in Interactive Environments: A Task-Centered Approach,” Ursula Wolz, Kathleen R. McKeown and Gail E. Kaiser, International Journal of Machine Mediated Learning, Taylor & Francis, 3(1):53-79, 1989 – “Embracing Failure: A Case for Recovery-Oriented Computing (ROC),” Brown, A. and D.

• A. Patterson, 2001 High Performance Transaction Processing Symposium, Asilomar,

CA, October 2001 – “FIG: A Prototype Tool for Online Verification of Recovery Mechanisms,” Broadwell, P.,

• N. Sastry and J. Traupman, (To appear)Workshop on Self-Healing, Adaptive and self-

MANaged Systems (SHAMAN), New York, NY, June 2002 – “IBM Data Management Tools: New Opportunities for Cost-Effective Administration,” Profile Report, Aberdeen Group, Inc., Boston, April 2002, p. 3 AICCSA'03 Autonomic Computing Tutorial, July 2003 86

Bibliography (contd.)

– “LEO: An Autonomic Query Optimizer for DB2,” V. Markl, G. M. Lohman, and V. Raman, IBM Systems Journal 42, No. 1, 98-106 2003 – “Toward a New Landscape of Systems Management in an Autonomic Computing Environment,” G. Lanfranchi, P. Della Peruta, A. Perrone, and D. Calvanese, IBM Systems Journal 42, No. 1, 119-128, 2003 – “Self-Repairing Computers,” Armando Fox and David Patterson, Scientific American, May 12, 2003 – “Using Process Technology to Control and Coordinate Software Adaptation,” Giuseppe Valetto and Gail Kaiser, International Conference on Software Engineering, May 2003 AICCSA'03 Autonomic Computing Tutorial, July 2003 87

Bibliography (contd.)

• Rule-based Systems

– “A Rule Engine for Query Transformation in Starburst and IBM DB2 C/S DBMS,” Pirahesh, Hamid, Leung, T.Y.Cliff, Hasan Waqar, Data Engineering Proceedings 13th International Conference 1997 – ILOG JRules: http://www.ilog.com/products/rules/engines/jrules – Jess: http://herzberg.ca.sandia.gov/jess

AICCSA'03 Autonomic Computing Tutorial, July 2003 88

Bibliography (contd.)

• Miscellaneous

– “Federating Process-Centered Environments: The Oz Experience,” Israel Ben-Shaul, Gail E. Kaiser, Automated Software Engineering 5(1): 97-132, 1998 – “No Silver Bullet: Essence and Accidents of Software Engineering,” F. P. Brooks, Jr., The Mythical Man-Month: Essays on Software Engineering, Twentieth Anniversary Edition, Addison- Wesley Publishing Co., Reading, MA(1995), p. 226. See also, F. P. Brooks, Jr., Computer 20, No. 4, 10-19 1987 – “Affect and Machine Design: Lessons for the Development of Autonomous Machines,” D.

• A. Norman, A. Ortony, and D. M. Russell, IBM Systems Journal 42, No. 1, 38-44 2003

– “Anatomy of a Commercial-Grade Immune System,” S. R. White, M. Swimmer, E. Pring,

• W. Arnold, D. Chess, and J. F. Morar, Proceedings of the Ninth International Virus

Bulletin Conference, 1999 – “Architecture for an Artificial Immune System,” S. Hofmeyr and S. Forrest, Evolutionary Computation 7, No. 1, 1289-1296 2000