1 / 15

The FI problem (1)

The FI problem (1). Mobile and Multimedia Telecommunication Services extend basic services of Telephony , Email , WWW and other media with features. Single and multimedia features reveal FI-Feature Interaction.

penny
Télécharger la présentation

The FI problem (1)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The FI problem (1) • Mobile and Multimedia Telecommunication Services extend basic services of Telephony, Email, WWW and other media with features. • Single and multimedia features reveal FI-Feature Interaction. Feature: functionality unit perceived as having a self-contained functional role (ex: EmailfilterMessage, TelephonyvoiceMail, WWWrefresh) Interaction: undesirable behaviour revealed by features when subscribed together, while alone working fine.

  2. The FI problem (2) &x.!% w$& PK SK Example of a feature interaction forwardMessage decryptMessage

  3. The FI problem (3) &x.!% w$& C) Message is sent forward PK SK A) Ciphered message arrives B) Message is decrypted Suppose one party subscribes to decryptMessage and forwardMessage features. Undesired behaviour : Message sent in clear! Mobility may increase FIs (ex: RemailMessage-anonymous status may be lost, due to lack of service when user moves from one location to another).

  4. The FI problem (4) • 3 major focus on FI research: • Detection: identification of pairs candidate of FI. • Avoidance: intervene at protocol/design stages to prevent FI occur. • Resolution: actions to correct detected FI. • Research on FI detection focus on • schemes to represent features (automaton, petri-nets, process algebra, temporal logics,...), and • methods to check if a given pair of features is likely to interact (model checking, simulation, theorem proving, security analysis,...) • Avoidance unfeasable in Internet/Mobile networks, due to • distributed control • multi-vendor / multi-provider environments.

  5. Proposed resolver: install a FeatureManager in every node The FI problem (5) Application Message Feat. A … Feat. N FORMULAS FM Advice Commands Incoming/Outgoing messages Extra information API • Message to FM contain the list of actions executed by all features candidate for execution. • Advice based on formulas with Interdiction operator over Action featuresRequests  Conditions  Restriction

  6. The FI problem (6) Example of resolutions (over 7 actions) Resolution by simple interdiction Example: CW + CFB – first call waits, all others are forwardForward(_dest)  Wait(_init)  one_hold(_init)  I Forward(_dest)Forward(_dest)  Wait(_init)  one_hold(_init)  I Wait(_dest) Resolution by priority Example: filterMessage priority higher then ReadAccept(_init)  Deny(_init)  I Accept(_init) Resolution may request collaboration between several FMs, e.g. permission Example: for parental control Accept(_init) perm(_init)  I Accept(_init)

  7. The FI problem (7) Formulas are checked and interdicted actions are removed. Cost of FI resolution is linear to the number of formulas. System still works in case of FM breakdown.When FM breaks, or information cannot be transmitted across networks, default values may be established for predicates (ex: negation of a permission).

  8. The FDS problem If all features are marked for removal, then a FDS-”feature denial of services” occurs. Usually, feature denial is unacceptable! Example: filterMessage(bob) and forwardMessage(charles) subscribed, with 3 formulas Accept(_init) perm(_init)  I Accept(_init) # access control Forward(_dest) perm(_init)  I Forward(_dest) # access control Deny(_init)  emergency(_init)  I Deny(_dest) # emergency must pass An emergency call from BOB results in a FDS! However, sometimes feature denial is required! Example: two parties subscribe forwardMessage to each other Forward(_dest)  loop(_init)  I Forward(_dest) FDS stops message looping

  9. The algorithm (1) • We must identify the cases when a non-empty set of interdiction formulas result in a FDS! • Inputs: • A non-empty set of Interdiction formulas, and • A non-empty set of all possible actions. • Generate one DS tree • Each node contains an unique subset of actions. • Link from an upper level to a lower level nodes corresponds to an action removal.

  10. The algorithm (2) DS tree example for F={A,C,D,F} {A,C, D,F} {C,D,F} {A,D,F} {A,C,F} {A,C,D} {D,F} {C,F} {C,D} {A,F} {A,D} {A,C} {F} {D} {C} {A} { } • Nodes represent elements

  11. The algorithm (3) • DS tree contains same nodes as Pascal triangle and partial order (2F). • FDS detection: • Scan all non-empty DS nodes. • Starting from a non-empty DS node • Label branch to a lower level node with the predicates required for the formula satisfaction, only if the conjunction of all predicates upwards does not raise a contradiction!Note: removing A then B is equal to removing B then A. • If reached a non-empty leaf, expand DS tree by removing one of the actions (predicates may not hold, or may be those selected while transversing the path) • FDS occurs when previous step leads to an empty leaf!

  12. The algorithm (4) Example for {D,F} (2) Forward(_dest) perm(_init)  I Forward(_dest) (3) Deny(_init)  emergency(_init)  I Deny(_dest) {D,F} (2),perm(_init) {F} {D} Expand non-empty DS node (3),emergency(_init) { }

  13. The algorithm (5) • Cost of FDS identification: • Cost of DS tree creation: O(2F) • Cost of interdiction formula application: • On average, for each action removal there are P/F interdiction formulas. • In a Pascal triangle, the number of branches between rows N and N+1 is N+1. The sum of a linear series is quadratic.F is small, hence PI and the cost is O(I2). • Total cost for FDS algorithm is O(2FI2)

  14. Conclusions • Mobile systems off a large number of features. • Feature Interaction is inevitable, which may lead to customer displeasure! • FI resolution by interdiction may lead to Feature Denial of Service. • Every FDS must be classified, and actions exercised to correct unacceptable occurrences! Thank you! Questions?

More Related