
Policy-Guided Interactions in Ubiquitous Computing Systems

Policy-Guided Interactions in Ubiquitous Computing Systems. Course: Graduate Seminar. Instructor: Dr. RUIZHONG WEI. By: Vamsi Krishna. Email: vtatikon@lakeheadu.ca. 2nd December, 2013. Outline. Ubiquitous Computing and Advantages Policy Guided Interactions


Presentation Transcript


  1. Policy-Guided Interactions in Ubiquitous Computing Systems

    Course: Graduate Seminar
    Instructor: Dr. RUIZHONG WEI
    By: Vamsi Krishna
    Email: vtatikon@lakeheadu.ca
    2nd December, 2013
  2. Outline
    - Ubiquitous Computing and Advantages
    - Policy Guided Interactions
    - UbiComp Interoperation
    - Problems in Interoperation
    - Policy Based Management
    - Policy Languages and scenarios
    - Interaction Through Negotiation model and Protocol
  3. Definitions
    - Ubiquitous computing is the method of enhancing computer use by making many computers available throughout the physical environment, but making them effectively invisible to the user.
    - Computing services everywhere and at any time. – Mark Weiser
  4. Major Trends in Computing
  5. Ubicomp Goals and Characteristics
    - Physical integration
    - Spontaneous interoperation
    - Characteristics: decentralized control; heterogeneity; ad hoc interactions
    - [Figure labels: Coffee Shop, Personal Network, Home Network, Internet, Location (GPS), "Grocery Time!", "No Milk!", Video]
  6. Advantages
    - Scalability
    - Reliability
    - Interoperability
    - Resource discovery
    - Automated capture and access
    - Toward continuous interaction
  7. Policy-Guided Interactions
    - Policy is essentially an abstraction, or a set of rules that constrain how a system can behave and how it ought to behave.
    - Policy is a set of factual and behavioral specifications that are binding on every computing element and resource within a domain.
    - All devices and domains have established local policies that constrain the way they can use and export their services.
  8. Continued
    Policy must specify entities (as represented by computing devices) and their attributes, security and privacy constraints, trust relationships, security credentials, network types, resources and protocols, cryptography-based objects and protocols, data and content types, and contextual parameters like time and space.
  9. Ubicomp Interoperation
    - Nature and purpose: discovery of external services; resource usage and access; intertwined processes of discovery and access control
    - [Figure labels: ALICE, BOB, Internet, Device, Network, Coffee Shop, Personal Network, Home Network, GPS, "Location? Where is Bob?", "Connectivity?", "Grocery Time!", "No Milk! Tell Alice.", "Display Device?", Video]
  10. Barriers to Interoperation
    - Concerns
      - Security and privacy
      - Dynamism and context changes
    - Roadblocks
      - Middleware and security frameworks do not scale
      - Cannot force particular architectures or security preferences as standards
      - Cannot guarantee pre-established security relationships
  11. Problems and Challenges
    - Hard problems
      - Match service demands to local resources within policy constraints and context
      - Reach flexible agreements in an automated fashion
    - Challenges in a ubicomp environment
      - Heterogeneous devices and communication features
      - Diversity in resources possessed and exported
      - Diversity in capabilities, desires and security policies
      - Huge number of contexts and context-sensitive constraints that cannot be anticipated in advance
  12. Drawbacks in Existing Approaches
    - Based on rigid and static policies
    - Cannot resolve all conflicts
    - Falls short of autonomic computing
    - Inadequate security and access control models
    - Scalability and flexibility issues
    - Lack of support for non-identity based trust relationships
  13. New Approach for Interoperation
    - Problem: safe spontaneous interoperation in ubiquitous computing without pre-established trust relationships or rigid protocols
    - Solution: a generic and flexible negotiation protocol guided by local policy
  14. Solution
    - Service or application layer agreements
    - Based on policy
    - Through a process of negotiation
  15. Why Policy?
    - Minimum necessary for interaction and agreement
    - Why not specialized applications?
      - Difficult to make changes and to control
      - Cannot anticipate all requirements and contexts
      - Inter-modular dependencies difficult to handle
  16. Policy-Based Management
    - Policy describes state and desired behavior
    - Governs all actions within bounded domains
    - Wide expressive power
    - Guides the following system aspects
      - Resource management
      - Security and access control
      - Context awareness
      - Interactions between domains
    - Discovery and access are the constants
    - Policy is the only domain dependent variable
  17. Policy Manager - Functional View
    - Messaging Interface (to other system components, remote computers)
    - FRONT END: Protocol State Machine; Message Multiplexer/De-multiplexer; Event Listener
    - CONTROLLER: Semantic Interpretation of Messages; Heuristics/Metrics; Security/Trust Model
    - POLICY ENGINE: Knowledge Engineering Mechanisms (Forward Chaining, Backward Chaining, Conflict Resolution, etc.); Policy Database
  18. Policy Languages
    - Rei policy language
      - Specially targeted towards pervasive computing and the semantic web
      - Defined cross-application semantics
      - Incorporates deontic concepts like obligations and permissions
    - Trust negotiation languages
      - Portfolio and Service Protection Language (PSPL)
      - KeyNote
    - Languages for access control on the web (XML-based)
      - Limited in expressiveness and support for negotiation
      - Examples: XACML, IBM's TPL
    - Ontology for the semantic web
      - DAML+OIL, OWL, SOUPA
  19. Platform
    - [Figure labels: APPLICATIONS, NEGOTIATION, SEMANTIC WEB (RDF/XML), TCP/IP, MAC, PHYSICAL, Internet / World Wide Web]
  20. Scenario – Web Service
    - Parties: Web Client, News Service
    - Messages shown: "Membership Request"; "Your Name, Date of Birth, School, Email?"; "My Privacy Policy: Blah…blah…blah…."; "Here's all my info"; "Selected info"; "Access GRANTED"; "Access REFUSED"
    - Client's thoughts: "I have NO TIME to read this list of policies, and I don't know what they mean!" "Why do I need to give up all this info?" "Come to think of it, I don't really need all this stuff he is promising!"
  21. Scenario – Conference Room
    - Room policy labels: "Allow display access to display only to attendees." "Allow access to printer only to journal subscribers." "No sound during presentations!" "Advertise journal!"
    - COMMITTEE MEMBER: PRIVILEGED ACCESS
    - PDA – cell phone: "Require: Web access, Projector display, Printer." "Ring during emergency!"
    - [Figure label: Internet]
  22. Scenario – Car on Freeway
    - [Figure labels: Internet; GPS; "High bandwidth connection for streaming video"; "Provide Internet Connection service."; "Monitor traffic for the city."; "Identity info, credit card"; WiMAX BASE STATION]
  23. Interaction through Negotiation
    - Bidirectional stateful protocol
    - Strategic messaging
    - Constant re-evaluation of goals
    - Meta-policies and heuristics designed to reach an agreement or compromise
    - A decentralized process of policy resolution and conflict management
  24. Negotiation Model
    - Initial state
      - Each entity has a set of resources, policies and initial requirements
    - Communication protocol
      - Exchange of messages that results in a maximal satisfaction of requirements as constrained by the policies
      - Messages include requests, offers, policy rules
      - Bi-directional protocol (after initial message)
      - Stateful protocol (server remembers what a client has done before)
  25. Negotiation model
    - [Figure labels: D1, D2; Q1, Q2; R1, R2; P1, P2; S1, S2; Resources, Applications, Policies]
  26. Scenario
    - [Figure: message exchange involving Bob's PDA. Messages shown:]
      - "Join network, need 'x' bandwidth"
      - "Offer 'y' < 'x', OR ask for private info (email)"
      - "Certificates?, Privacy Policy?"
      - "Certificates, Privacy Policy, Preferred Member incentive"
      - "Private info"
      - "Join permission (network configuration info), proxy info, Preferred Member voucher"
  27. Scenario – Conference Room
    - Room policy labels: "Allow display access to display only to attendees." "Allow access to printer only to journal subscribers." "No sound during presentations!" "Advertise journal!"
    - PDA – cell phone: "Require: Web access, Projector display, Printer." "Ring during emergency!"
    - Messages shown:
      - "REQUEST: Display; Web Access; Printer"
      - "PROOF: Committee Member"
      - "Sorry! I am just a Student Attendee"
      - "I have ACM membership, as a LAKEHEAD student"
      - "PERMISSION: Projector display, web access"
      - "OFFER: Journal membership for privileged access"
      - "POLICY: No sounds permitted!"
      - "OFFER: Privileged access"
      - "OK"
    - [Figure labels: Internet; COMMITTEE MEMBER PRIVILEGED ACCESS]
  28. Negotiation Protocol State Machine
    - States: START, INITIATE, SERVICE, PROCESS, EXPECT, STOP
    - Transition labels shown: "Trigger/Event to Start Negotiation"; "Receive REQUEST(S)"; "Receive OFFERS(S) / POLICIES"; "Send REQUEST(S)"; "Send REQUEST(S) / OFFERS(S) / POLICIES"; "Send TERMINATE Signal"; "Receive TERMINATE Signal / TIMEOUT"
  29. Negotiation Protocols
    - Automated trust negotiation
      - Goal: client-server transactions on the web
      - Builds up proof of access through progressive exchange of credentials
      - Conflicts result in failure
      - Examples: TrustBuilder [BYU, UIUC], PeerTrust
    - Service negotiation in grid computing
      - A decentralized framework for dynamic resource allocation
      - Typically neglects security concerns
      - Example: SNAP [ISI]
  30. Negotiation Protocol working example
  31. Conclusion
    - Existing means of interoperation are too rigid and unsuitable for ubicomp
    - Identify flexible policy as the minimum requirement
    - Negotiation can be automated using logic-based policy, trust and utility models
    - Applications can rely on the underlying system to discover and access external resources with minimal risk and adjusting with context
    - Promote a security-oriented approach towards the design of intelligent spaces
  32. References
    - Dr. Peter Reiher, Department of Computer Science, UCLA
    - Mark Weiser (Father of UbiComputing)
    - Schilit, B., Adams, N., and Want, R. (1994). Context-Aware Computing Applications.
    - http://research.microsoft.com/en-us/um/people/jckrumm/UbiquitousComputingFundamentals/Slides/SystemsSupportForUbiquitousComputing.pdf
    - http://www.ubiq.com/hypertext/weiser/SciAmDraft3.html "Ubiquitous Computing"
  33. Questions ? Thank you.
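
The negotiation model and the conference-room scenario from the slides can be made concrete with a small sketch. This is an added example, not code from the presentation: the rule encoding, the credential names, the `Room` class and the `negotiate` function are assumptions, and credentials are plain strings where a real system would verify certificates.

```python
# Added illustration: rule encoding and credential names are assumptions.
from dataclasses import dataclass, field

# Room policy from the conference-room slides: resource -> credential required.
ROOM_POLICY = {
    "display": "attendee",            # display only to attendees
    "printer": "journal_subscriber",  # printer only to journal subscribers
    "web_access": "attendee",         # assumed; the slide grants it to an attendee
}
ROOM_OFFERS = {"journal_subscriber"}  # credentials the room advertises ("Advertise journal!")
ROOM_OBLIGATIONS = ["no sound during presentations"]


@dataclass
class Room:
    granted: set = field(default_factory=set)  # state kept across rounds (stateful protocol)

    def handle(self, requests, proofs):
        """Evaluate one round of REQUESTs against local policy and build the reply."""
        reply = []
        for res in requests:
            need = ROOM_POLICY.get(res)
            if need is not None and need in proofs:
                self.granted.add(res)
                reply.append(("PERMISSION", res))
            elif need in ROOM_OFFERS:
                reply.append(("OFFER", res, need))  # counter-offer instead of failing
            else:
                reply.append(("REFUSE", res))       # default deny, incl. unknown resources
        return reply + [("POLICY", o) for o in ROOM_OBLIGATIONS]


def negotiate(requests, proofs, accept_offers, max_rounds=3):
    """Client loop: request, take up offers if willing, re-request what was pending.

    Proofs are plain strings here; a real deployment verifies certificates
    before treating a credential as proven.
    """
    room, proofs, pending, transcript = Room(), set(proofs), list(requests), []
    for _ in range(max_rounds):                     # bounded rounds stand in for TIMEOUT
        reply = room.handle(pending, proofs)
        transcript.append(reply)
        offers = [m for m in reply if m[0] == "OFFER"]
        if not offers or not accept_offers:
            break
        proofs |= {m[2] for m in offers}            # accepting the offer yields the credential
        pending = [m[1] for m in offers]
    return room.granted, transcript
```

A student attendee who declines the journal offer ends with display and web access only, matching the PERMISSION / OFFER / POLICY reply on the conference-room slide; accepting the offer adds the printer in a second round.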