Uniform Resource Name (URN) In Ajanta, A Mobile Object Environment
Plan B Project Report
By Tanvir Ahmed
Advisor: Prof. Anand Tripathi

Ajanta Programming Environment
[Figure: Domains A, B and C; name-registries NR1, NR2 and NR3; agent-servers and agents. Labelled interactions: agent migration; name registry interaction.]

MOBILE OBJECT NAME
Requirements
– Location independent
– Global uniqueness and scope
– Persistent
– Maps to location (URL) or characteristics of an object
– Name assignment can be delegated
– Autonomy of name assignment and name-resolution

URN Syntax
<URN> ::= "urn:" <NID> ":" <NSS>
– NID: Namespace Identifier
– NSS: Namespace Specific String
Ajanta URN
– urn:ans:umn.edu/tahmed/Resource
  • umn.edu = Creation Domain
  • tahmed = Naming Authority
  • Resource = A string name in this name-space

Functional Requirements
Query and Update calls
  • lookup(), bind(), rebind()
Fine and coarse grained APIs
  • Coarse: bind(), lookup()
  • Fine: getURL(), getVerifyKey()
Object type specific interfaces
  • Agent: rebindAgentServer()
Client to Name-registry APIs, Name-registry to Name-registry system interfaces

Security Requirement
Client/Server Authentication
– Authentication of application level names
Access control on Name Registry entries
– Read: all
– Write/Update: Specific Principals
Access control on name space
– Create-Name: Specific Principals

Name Creation
Name-Registry Boots, administrator “Admin”
– Admin = urn:ans:umn.edu/Admin
– Name Registry = urn:ans:umn.edu
“Admin” adds user “Usr”
– urn:ans:umn.edu/Usr
“Usr” registers an agent-server “AS”
– urn:ans:umn.edu/Usr/AS
“AS” registers an agent “Ag”
– urn:ans:umn.edu/Usr/AS/Ag

Access Control & Delegation(1)

| Row | URN | ACL Owner | Principals with Update Permission | Principals with Create Name Permission |
|---|---|---|---|---|
| 1 | umn.edu/Admin | umn.edu/Admin | umn.edu/Admin | umn.edu/Admin |
| 2 | umn.edu | umn.edu, umn.edu/Admin | umn.edu, umn.edu/Admin | umn.edu, umn.edu/Admin |
| 3 | umn.edu/Usr | umn.edu/Usr, umn.edu/Admin | umn.edu/Usr, umn.edu/Admin | umn.edu/Usr, umn.edu/Admin |

“Update” permission can modify an Entry.
“Create Name” permission can create names under this name-space.
ACL owners can add/delete ACL entries.

Access Control & Delegation(2)

| Row | URN | ACL Owner | Principals with Update Permission | Principals with Create Name Permission |
|---|---|---|---|---|
| a | umn.edu/U/AS1/Ag | umn.edu/U/AS1/Ag, umn.edu/U/AS1 | umn.edu/U/AS1/Ag, umn.edu/U/AS1 | umn.edu/U/AS1/Ag, umn.edu/U/AS1 |
| b | umn.edu/U/AS1/Ag | umn.edu/U/AS1/Ag, umn.edu/U/AS1 | umn.edu/U/AS1/Ag, umn.edu/U/AS1, umn.edu/U/AS2 | umn.edu/U/AS1/Ag, umn.edu/U/AS1, umn.edu/U/AS2 |
| c | umn.edu/U/AS1/Ag | umn.edu/U/AS1/Ag, umn.edu/U/AS1 | umn.edu/U/AS1/Ag, umn.edu/U/AS1, umn.edu/U/AS3 | umn.edu/U/AS1/Ag, umn.edu/U/AS1, umn.edu/U/AS3 |

a. Agent Ag is registered by agent-server AS1
b. Agent Ag migrates to Agent-server AS2
c. Agent Ag migrates to Agent-server AS3

Access Control & Delegation(3)

| URN | ACL Owner | Principals with Update Permission | Principals with Create Name Permission |
|---|---|---|---|
| umn.edu/U/AS1/Ag/C | umn.edu/U/AS1/Ag/C, umn.edu/U/AS1/Ag, umn.edu/U/AS3 | umn.edu/U/AS1/Ag/C, umn.edu/U/AS1/Ag, umn.edu/U/AS3 | umn.edu/U/AS1/Ag/C, umn.edu/U/AS1/Ag, umn.edu/U/AS3 |

Agent Ag, residing on agent-server AS3
Ag creates a child agent C
Agent-Server AS3, binds C
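
The three Access Control & Delegation tables, replayed as an added example (not code from the Ajanta project): a toy registry that enforces Create-Name on the parent name-space and Update on the entry, then walks Ag through AS1, AS2 and AS3 and binds child C. Class, method and parameter names are hypothetical, and which principal issues rebindAgentServer is an assumption.

```python
# Toy model of the ACL rules in the three tables; all names are hypothetical.
class Denied(Exception): pass

class Entry:
    def __init__(self, server, principals):
        self.server = server
        # A new entry starts with the same principals in all three lists.
        self.owner = set(principals)
        self.update = set(principals)
        self.create_name = set(principals)

class NameRegistry:
    def __init__(self, domain, admin):
        # Boot state: rows 1 and 2 of the first table.
        self.entries = {admin: Entry(None, {admin}),
                        domain: Entry(None, {domain, admin})}

    def bind(self, caller, urn, server=None, creator=None):
        parent = urn.rsplit("/", 1)[0]
        space = self.entries.get(parent)
        # Creating a name needs Create-Name permission on the parent name-space.
        if space is None or caller not in space.create_name:
            raise Denied(f"{caller} cannot create names under {parent}")
        if urn in self.entries:
            raise Denied(f"{urn} is already bound")
        principals = {urn, caller} | ({creator} if creator else set())
        self.entries[urn] = Entry(server, principals)

    def rebind_agent_server(self, caller, urn, new_server):
        entry = self.entries[urn]
        # Assumption: any principal holding Update permission may rebind.
        if caller not in entry.update:
            raise Denied(f"{caller} cannot update {urn}")
        entry.server = new_server
        # The new host gains Update and Create-Name, never ownership; the
        # previous host drops out (rows b and c of the second table).
        entry.update = entry.owner | {new_server}
        entry.create_name = entry.owner | {new_server}

def demo():
    nr, u, ag = NameRegistry("umn.edu", "umn.edu/Admin"), "umn.edu/U", "umn.edu/U/AS1/Ag"
    nr.bind("umn.edu/Admin", u)
    for s in ("AS1", "AS2", "AS3"):
        nr.bind(u, f"{u}/{s}")
    nr.bind(f"{u}/AS1", ag, server=f"{u}/AS1")              # row a
    nr.rebind_agent_server(ag, ag, f"{u}/AS2")              # row b
    nr.rebind_agent_server(ag, ag, f"{u}/AS3")              # row c
    nr.bind(f"{u}/AS3", f"{ag}/C", server=f"{u}/AS3", creator=ag)  # third table
    return nr
```

After the run, AS2 no longer appears in any list for Ag, so a bind under Ag's name-space from AS2 is refused while the same call from AS3 succeeds.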

Name Resolution: Update
Name-registry Administrator adds Alice’s URN and Public Keys
Alice registers Agent-Server AS
1. authenticate(Alice, Na)
2. Tkt = {NR, SigNR(Na), Nnr}
3. bind({Alice, SigA(Nnr)}, AS)
[Figure: Alice, Agent Server (AS) and Name Registry (NR), with messages 1 to 3.]
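
The three messages above as an added example (not Ajanta code): each side answers the other's nonce, and the registry consumes Nnr on first use so a captured step-3 message cannot be replayed. HMAC-SHA256 stands in for the SigNR and SigA public-key signatures so the code runs on the standard library alone; all class and function names are hypothetical.

```python
# HMAC-SHA256 stands in for the SigNR / SigA public-key signatures so that
# only the standard library is needed; all names here are hypothetical.
import hashlib
import hmac
import secrets

def sign(key, nonce):
    return hmac.new(key, nonce, hashlib.sha256).digest()

class Registry:
    def __init__(self, name, key, principals):
        self.name, self.key = name, key
        self.principals = principals  # URN -> key, added by the administrator
        self.pending = {}             # URN -> outstanding challenge Nnr
        self.bound = []

    def authenticate(self, urn, na):
        # Step 2: answer the caller's nonce Na and issue a fresh nonce Nnr.
        if urn not in self.principals:
            raise PermissionError("unknown principal")
        nnr = secrets.token_bytes(16)
        self.pending[urn] = nnr
        return self.name, sign(self.key, na), nnr

    def bind(self, urn, sig_nnr, name):
        # Step 3: the challenge is consumed on first use, so a replay fails.
        nnr = self.pending.pop(urn, None)
        if nnr is None:
            raise PermissionError("no outstanding challenge")
        if not hmac.compare_digest(sig_nnr, sign(self.principals[urn], nnr)):
            raise PermissionError("bad signature")
        self.bound.append((urn, name))

def register(registry, registry_key, urn, key, name):
    na = secrets.token_bytes(16)      # step 1: authenticate(Alice, Na)
    _, sig_na, nnr = registry.authenticate(urn, na)
    # The client checks the registry's answer before revealing its own proof.
    if not hmac.compare_digest(sig_na, sign(registry_key, na)):
        raise PermissionError("registry failed authentication")
    proof = sign(key, nnr)            # as on the slide, covers Nnr only
    registry.bind(urn, proof, name)
    return proof                      # returned so a replay can be tested
```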

Name Resolution: Update(2)
Agent Ag is created and registered by AS1
[Figure: Ag, AS1 and NR1. Labelled call: bind.]
NREntry
  urn = NR1/AS1/Ag
  server URN = AS1
  acl = { Owner = Ag, AS1; Update = Ag, AS1; Create-Name = Ag, AS1 }

Name Resolution: Update(3)
Agent Ag migrates to AS2
[Figure: Domain A and Domain B; NR1 and NR2; AS1 and AS2; Ag. Labelled call: rebindAgentServer. Legend: name-registry, agent-server, agent.]
NREntry
  urn = NR1/AS1/Ag
  server URN = AS2
  acl = { Owner = Ag, AS1; Update = Ag, AS1, AS2; Create-Name = Ag, AS1, AS2 }

Name Resolution: Update(4)
Agent Ag migrates to AS3. Ag’s creation domain is NR1.
[Figure: Domain A, Domain B and Domain C; NR1, NR2 and NR3; AS2 and AS3; Ag. Labelled calls: 1. rebindAgentServer, 2. rebindAgentServer. Legend: name-registry, agent-server, agent.]
NREntry
  urn = NR1/AS1/Ag
  server URN = AS3
  acl = { Owner = Ag, AS1; Update = Ag, AS1, AS3; Create-Name = Ag, AS1, AS3 }

Name Resolution: Lookup(1)
Agent-server AS1 looks up a valid entry “NR1/X” present in the local name-registry, NR1.
[Figure: BEFORE and AFTER panels showing NR1 and AS1. Legend: valid entry present; cached entry present; entry not present.]

Name Resolution: Lookup(2)
AS1 looks up an agent “NR2/X/X/Ag” not present in NR1.
Mobile Agent entries are not cached.
[Figure: BEFORE and AFTER panels showing AS1, NR1 and NR2. Steps: 1. lookup, 2. lookup, 3. return, 4. return. Legend: valid entry present; cached entry present; entry not present.]

Name Resolution: Lookup(3)
AS1 looks up a non-agent entry “NR2/X/AS2”, not present in NR1. After the lookup the entry is cached.
[Figure: BEFORE and AFTER panels showing AS1, NR1 and NR2. Steps: 1. lookup, 2. lookup, 3. return, 4. return. Legend: valid entry present; cached entry present; entry not present.]

Name Resolution: Lookup(3)
AS1 looks up the cached non-agent entry in NR1. NR1 updated its cache.
[Figure: BEFORE and AFTER panels showing AS1, NR1 and NR2. Steps: 1. lookup, 2. return, 3. lookup, 4. return. Legend: valid entry present; cached entry present; entry not present.]
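
The four lookup cases as an added example (not Ajanta code): a toy resolver that answers local entries directly, forwards unknown names to the registry of the creation domain, caches only non-agent entries, and on a cache hit answers first and updates the cache afterwards. Names and sample values are constructed; choosing the home registry from the first path component, and reading the last slide's step order (1. lookup, 2. return, 3. lookup, 4. return) as answer-then-refresh, are assumptions.

```python
# Toy resolver for the lookup slides; all names are hypothetical. Assumption:
# the first path component of a URN names the registry of its creation domain.
class CachingRegistry:
    def __init__(self, name, peers):
        self.name, self.peers = name, peers  # peers: domain -> registry (shared)
        self.local = {}          # valid entries this registry is responsible for
        self.cache = {}          # copies of remote non-agent entries
        self.remote_calls = 0
        peers[name] = self

    def bind(self, urn, location, is_agent=False):
        self.local[urn] = (location, is_agent)

    def _remote(self, home, urn):
        self.remote_calls += 1
        return home.lookup(urn)

    def lookup(self, urn):
        if urn in self.local:                 # valid entry present
            return self.local[urn]
        home = self.peers[urn.split("/", 1)[0]]
        if home is self:
            raise KeyError(urn)               # our own domain, never bound
        if urn in self.cache:                 # cached entry present
            answer = self.cache[urn]          # answered from the cache...
            self.cache[urn] = self._remote(home, urn)  # ...which is then updated
            return answer
        entry = self._remote(home, urn)       # entry not present
        if not entry[1]:                      # mobile agent entries are not cached
            self.cache[urn] = entry
        return entry

def demo():
    peers = {}
    nr1, nr2 = CachingRegistry("NR1", peers), CachingRegistry("NR2", peers)
    nr2.bind("NR2/X/AS2", "host-a.example")            # constructed values
    nr2.bind("NR2/X/AS2/Ag", "NR2/X/AS2", is_agent=True)
    seen = [nr1.lookup("NR2/X/AS2/Ag")[0], nr1.lookup("NR2/X/AS2")[0]]
    nr2.bind("NR2/X/AS2/Ag", "NR2/X/AS9", is_agent=True)  # agent moved
    nr2.bind("NR2/X/AS2", "host-b.example")               # server entry changed
    seen += [nr1.lookup("NR2/X/AS2/Ag")[0],   # fresh, agents are never cached
             nr1.lookup("NR2/X/AS2")[0],      # old value, cache then updated
             nr1.lookup("NR2/X/AS2")[0]]      # new value
    return seen, sorted(nr1.cache), nr1.remote_calls
```

The agent lookup always reflects the current server because it bypasses the cache, while the non-agent entry is served one lookup behind its home registry.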

Conclusion
What is done
– Basic Client to Name-Registry APIs
– Name-Registry to Name-Registry System Interfaces
– Client/Server Authentication
– Access-Control on Name-Registry Entries
– Access-Control on Name-Space
– Name Space Delegation
– Administrative Utility to Add User and to Add Name-Registry

Conclusion
Possible Future Work
– Introduce the concept of “Subscriber”.
– Multiple (K > 1) Name-Registries to maintain a name.
– Map the name-resolution task to Agent Paradigm. Send an agent to a Name-Server to get service.