|
|
|
|
For convenience, here is a local copy of the tutorial; for the most up-to-date information, please refer to the current version at Sun.
Abstract: We introduce a calculus for mobile agents and give its chemical semantics, with a precise definition for migration, failure, and failure detection. Various examples written in our calculus illustrate how to express remote executions, dynamic loading of remote resources and protocols with mobile agents. We give the encoding of our distributed calculus into the join-calculus.
Abstract: By adding reflexion to the chemical machine of Berry and Boudol, we obtain a formal model of concurrency that is consistent with mobility and distribution. Our model provides the foundations of a programming language with functional and object-oriented features. It can also be seen as a process calculus, the join-calculus, which we prove equivalent to the pi-calculus of Milner, Parrow and Walker.
Also see a set of slides on Abstractions for Mobile Computation and another on A Calculus of Mobile Ambients.
An implementation of the ambient calculus is described in Cardelli's technical note on Mobile Ambient Synchronization.
Abstract: Computation over planet-wide structures is hindered by administrative, architectural, and physical constraints. These problems are surmountable, but must be addressed by developing new models of programming and of computation.
Also see a set of slides presented at the WWW5 workshop.
Abstract: We describe how our experience with classic operating system level process migration mechanisms influenced the design of MOA, a mobile agents project. A case is presented for implementing mobile agents using language environments and overcoming the limitations of those environments by employing mechanisms adapted from classic process migration implementations.
Abstract: Many Web browsers now offer some form of active objects, written in a variety of languages, and the number and types of active objects are growing daily in interesting and innovative ways. This report describes our work on Oblets, active objects that are distributed over multiple machines. Oblets are written in Obliq, an object-oriented scripting language for distributed computation. The high-level support provided by Oblets makes it easy to write collaborative and distributed applications.
Abstract: [...] We consider the advantages offered by mobile agents and assess them against alternate methods of achieving the same function. We conclude that, while the individual advantages of agents do not represent an overwhelming motivation for their adoption, the creation of a pervasive agent framework facilities a very large number of network services and applications.
Abstract The opportunities offered by the Internet are encouraging research aimed at the creation of a computational infrastructure that exploits the wide spread communication infrastructure. The mobile computation paradigm is a proposal to build a computational infrastructure that goes beyond the well-known client-server paradigm and increases dynamicity and flexibility. Despite the promising first steps, there is still confusion on the role of paradigms and technology in the development on applications based on the mobile computation paradigm. We present a case study in which we develop several versions of an application us ing different paradigms and different technologies in order to show when these concepts come into play and which are their relationships.
Abstract: Obliq is a lexically-scoped, untyped, interpreted language that supports distributed object-oriented computation. Obliq objects have states and are local to a site. Obliq computations can roam over the network, while maintaining network connections. Distributed lexical scoping is the key mechanism for managing distributed computations.
Abstract: This paper explores the concept of a public network designed as a platform for application developers. It introduces a new communication paradigm, the mobile agent, which provides the organizing principle for such a network, and a new communication software technology, General Magic's Telescript(TM) technology, which implements the concept in a commercial setting. The paper also presents and explores the vision of an electronic marketplace that allows automated access by agents, as well as conventional, interactive access by people. The paper has three sections. The first, "Enabling mobile agents," discusses the concept of a mobile agent, explains how Telescript technology implements the concept, and describes an electronic marketplace based on the technology. The second section, "Programming mobile agents," explains by example how a communicating application works. The example serves as an introduction to the Telescript language in which mobile agents are programmed. The third section, "Using mobile agents," explores the variety of applications that mobile agents make possible, using scenes from the electronic marketplace of the future.
PLAN is a strict functional language providing a limited set of primitives and datatypes. PLAN defines primitives for remotely executing PLAN programs on other nodes, and these primitives are used to provide basic data transport in the network. Because remote execution makes debugging difficult, PLAN provides strong static guarantees to the programmer, such as type safety. A more novel property aimed at protecting network availability is a guarantee that PLAN programs use a bounded amount of space and time on active routers and bandwidth in the network.
[For more information on the context in which PLAN works, see the SWITCHWARE white paper.]
General introduction to mobile agents and outline of Dartmouth's Agent TCL language.
Abstract: Mobile agents are programs that can move through a network under their own control, migrating from host to host and interacting with other agents and resources on each. We argue that these mobile, autonomous agents have the potential to provide a convenient, efficient and robust programming paradigm for distributed applications, particularly when partially connected computers are involved. Partially connected computers include mobile computers such as laptops and personal digital assistants as well as modem-connected home computers, all of which are often disconnected from the network. In this paper, we describe the design and implementation of our mobile-agent system, Agent Tcl, and the specific features that support mobile computers and disconnected operation. These features include network-sensing tools and a docking system that allows an agent to transparently move between mobile computers, regardless of when the computers connect to the network.
Concordia has been implemented in the Java language to ensure platform independence among agent applications. The design goals of Concordia have focused on providing complete coverage of flexible agent mobility, support for agent collaboration, agent persistence, reliable agent transmission, and agent security.
Concordia offers a flexible scheme for dynamic invocation of arbitrary method entry points within a common agent application and extends the notion of simple agent interaction with support for agent collaboration, which allows agents to interact, modify external states (e.g., a database), as well as internal agent states. Concordia provides support for agent persistence and recovery and guarantees the transmission of agents across a network. Concordia has also been designed to provide for fairly complete security coverage from the outset. An alpha release of Concordia is available.
[Also see a white paper on Concordia.]
Abstract: We describe a platform for the portable and secure execution of mobile agents written in various interpreted languages on top of a common run-time core. Agents may migrate at any point in their execution, fully preserving their state, and may exchange messages with other agents. One system may contain many virtual places, each establishing a domain of logically related services under a common security policy governing all agents at this place. Agents are equipped with allowances limiting their resource accesses, both globally per agent lifetime and locally per place. We discuss aspects of this architecture and report about ongoing work. [Also see An Introduction to Mobile Agent Programming and the Ara System by Holger Peine.]
Abstract: The mobile computing environment presents application designers with a unique set of communication and data integrity constraints that are absent in traditional distributed computing settings. These constraints make it difficult to use existing, mobile-transparent applications and complicates the development of new mobile aware applications - applications that take advantage of information about the mobile environment to offer users better interactive performance and better utilization of network bandwidth. The difficulty arises mainly because an incremental port is usually not possible, due to the need to completely shift all of the application's data storage from one model (a file system) to a model that is better suited for disconnected operation (an object repository or database). To make the porting process easier for application designers, we are adding a file system proxy, the Rover File System (RFS), to the Rover toolkit's object-based model. This will allow the Rover toolkit to support both a file model and an object model for mobile applications.
Also see a set of slides for a talk at Bell Labs.
A slightly different version of the same paper is available in postscript format.
[A longer version of this paper (also covering material from the following paper) is also available, also titled A Calculus for Cryptographic Protocols: The Spi Calculus.]
[A longer version of this paper is also available, titled A Calculus for Cryptographic Protocols: The Spi Calculus.]
[An exposition of the principles formalized here appears in an earlier paper by Abadi and Needham.]
In this paper, we consider how this philosophy could be applied to the Web. We introduce the fundamental principles, principals, and policies of Trust Management, as well as Web-specific pragmatic issues. In so doing, we develop a taxonomy for how trust assertions can be specified, justified, and validated. We demonstrate the value of this framework by considering the trust questions faced by the designers of applications for secure document distribution, content filtering, electronic commerce, and downloadable-code systems. We conclude by sketching the limits to automatable Trust Management, demonstrating how trust on the Web will adapt to the trust rules of human communities and vice versa.
Abstract We identify the trust management problem as a distinct and important component of security in network services. Aspects of the trust management problem include formulating security policies and security credentials, determining whether particular sets of credentials satisfy the relevant policies, and deferring trust to third parties. Existing systems that support security in networked applications, including X.501 and PGP, address only narrow subsets of the overall trust management problem and often do so in a manner that is appropriate to only one application. This paper presents a comprehensive approach to trust management, based on a simple language for specifying trusted actions and trust relationships. It also describes a prototype implementation of a new trust management system, called PolicyMaker, that will facilitate the development of security features in a wide range of network services.
Abstract We propose a new distributed security infrastructure, called SDSI (pronounced "Sudsy). SDSI combines a simple public-key infrastructure design with a means of defining groups and issuing group-membership certificates. SDSI's groups provides simple, clear terminology for defining access-control lists and security policies SDSI's design emphasizes linked local name spaces rather than a hierarchical global name space.
Abstract QCM is a special-purpose programming language for authenticated data distribution on the Internet. QCM programs maintain a database distributed among the nodes of a loosely-coupled network and interact by exchanging digitally-signed database queries and responses. The database primitives of QCM naturally support essential security functions such as the definition, distribution, and use of access control lists and public key directories. QCM has a formal semantics based on structural operational semantics and I/O automata which may be used to prove correctness properties of QCM programs.
Abstract: The World-Wide Web is rich in content and services, but access to these resources must be obtained mostly through manual browsers. We would like to be able to write programs that reproduce human browsing behavior, including reactions to slow transmission-rates and failures on many simultaneous links. We thus introduce a concurrent model that directly incorporates the notions of failure and rate of communication, and then describe programming constructs based on this model.
Abstract: Electric Communities has developed a set of extensions to Java, called E, to help developers write distributed applications. E combines Sun's Java programming language with some powerful enhancements: communications extensions for the development of distributed applications; optimistic computation, a powerful method for reducing the effect of communications latency in distributed systems; and an improved security model based on capability semantics and public-key cryptography, permitting fine-grained control over access to system resources without sacrificing security. E is intended for programmers writing network applications, including databases, groupware, publishing systems, and multimedia.