computational mechanisms for norm enforcement in service-oriented architectures
TRANSCRIPT
Computational mechanisms for norm enforcement in service-oriented architecturesAlumne: Sergio Álvarez Napagao
Profesor: Javier Vázquez Salceda
1
Thursday, March 19, 2009
Contents
Introduction
Behaviour Monitoring in SOA
Behaviour Enforcement in SOA
A proposal for a Norm Enforcement Mechanism in SOA
Conclusions and Working Plan
2
Thursday, March 19, 2009
Introduction
Computation as Interaction
Computation as a result of the action of a network
Service-orientation
Service-Oriented Architectures (SOA)
Resources are distributed and accessed as services
3
Challenges
Semantic verification of behaviour
Higher-level behavioural control mechanisms
QoS metrics -> Behavioural metrics
Opportunity: apply more than 15 years of research from MAS to SOA
This thesis proposal can be located in the field of computation as interaction. A paradigm that evolves from monolithic computation to see computation as the result of a distributed process. SOA is the most common reflection of the success of this paradigm: distributed resources, accessible as services.
From the AI point of view, there is a clear opportunity: to apply concepts, algorithms, methodologies from AI research to the service-orientation environments.
Among many other challenges, we focus here on two of them: the need for semantic verification of the behaviour of the services, and the need for mechanisms that allow for a high-level control. For example, the most used control is based on QoS metrics, which are low level.
Thursday, March 19, 2009
SOA Governance
Governance
conducting, influencing, regulating
actions, affairs
of a state, a organization, a group of people
according to rules born inside this group
SOA Governance: emergent concept in SOA community
Business environment concerned with SOA adoption
4
This need for a higher-level control has not only been studied from the AI perspective, but also from the industry, using the concept of Governance.
Governance is defined as the procedure of regulating the behaviour of the members of a society, by the use of rules promoted or motivated by the nature of this society.
Corporate governance, IT governance, are examples of the application of this theoretical concept. SOA governance arised from the business industry, motivated by the need for a more fine-grained control over the process of SOA adoption.
Thursday, March 19, 2009
SOA GovernanceMethodologies and tools needed to maintain order in SOA
Issues to solve:
Fragile and delicate SOA implementations
Services that cannot easily be reused
Lack of trust and confidence in services as assets
Security breaches
Unpredictable performance
Electronic Norms and Institutions can be applied
5SOA governance is, more concretely, a set of methodologies and tools that supervise a SOA system, from its conception, to its design, implementation and maintenance.
The motivation is that adapting monolithic applications to service-orientation is too often very costly for the companies. Common problems are implementations that result to be not robust, with a low performance, and/or with compromise of security. The main problem in the end is that services are not seen with confidence as a good solution. SOA governance intends to tackle all this.
As we have seen earlier, governance is based on the application of rules. The concepts of norms and institutions could fit in here.
Thursday, March 19, 2009
Norms
A rule or standard of behaviour
shared by members of a social group
by which something is judged and approved or disapproved
Institutional Theory approach
Norms are rules supported by social institutions
Institutional constraints reduce the cost of human interactions
6A norm is a rule or standard of behaviour that applies to the members of a society. The main objective of a norm is to allow these members to be able to reason about something being acceptable or not, that is, to set a standard.
One of the approaches about norms found in the previous century has been Institutional Theory, leaded by North and Scott. In this approach, norms are rules that are enforced by a social institution. The purpose of having an institution setting constraints is to reduce the risk, or at least the perception of the possible risk, of human interactions.
How are norms represented?
Thursday, March 19, 2009
Norms
Roman Law
Normatives: WHAT can be done by WHO and WHEN
Regulations: HOW a normative can be applied
Human language -> Logic formalization
Deontic Logic (KD), based on propositional calculus
O(bligation), P(ermission), F(orbidden) operators
Electronic implementations tend to adapt Deontic Logic
7
Most European countries follow the model set by the Roman Law. In Roman Law, there are two kinds of norms: normatives, which define WHAT can be done by WHO, and the regulations: HOW a normative can be applied.
Laws, in the human context, are obviously represented using natural language. However, some attempts have been done to use human language in a computational context successfully. Among the logic formalisms used to represent norms, the most common is Deontic Logic, which is a modal logic based on propositional calculus which specific operators for Obligation, Permission and Prohibition.
Thursday, March 19, 2009
Institutions
An institution is identified by a set of constraints
governing the interactions of a society
in order to structure and regulate the relationship between its members
Institutions allow for a growth on the complexity of the organizations and reduce interaction costs
Participants act and expect others to act according to the norms
Trust among parties when having incomplete information
8
As we have introduced before, an institution enforces a set of constraints in order to regulate the relationship between the members of the society. Having these relationships structured and regulated allows its members to be able to act, and predict how others will act, according to some “standards”. This way, the complexity of these interactions can be higher, because the risk
Thursday, March 19, 2009
Electronic InstitutionsAn e-institution is the model of a human institution
specifying its norms in a suitable computational formalism
Benefits similar to human institutions:
Reduce uncertainty about other agents’ behaviour
Reduce misunderstanding with a common set of norms
Predictable outcome of a certain interaction
Simplification of the decision-making process
Literature focus is on Multi-Agent Systems
9
Thursday, March 19, 2009
Objectives
Incorporate an existing framework for e-Institutions in the SOA governance methodologies
Adapt an e-Institutional framework to be used in SOA
Two crucial elements in the generalization MAS -> SOA
Capture of events: violation detection, norm enforcement
Norm formalism and enforcement mechanism
Contributions have been done on these fields
10
Thursday, March 19, 2009
ObjectivesTo design an implement an open-source SOA norm enforcement framework
Integrate ideas and concepts common in governance and institutional theories
Apply and generalize state of the art in e-Institutions
Integrate this framework in the SOA governance lifecycle
11
Create a mapping between operational representation of norms and SOA orchestration and choreography languages
Benchmark this framework with other SOA governance options
Adapt theories about e-Institutions to SOA
Contribute the advances done to e-Institutional literature
Thursday, March 19, 2009
Behaviour Monitoring in SOAFirst step in behavioural control: Monitoring
Monitoring:
the provision of information by the use of sensors
about the system’s environment
in order to take actions depending on the result of some processing
Existing monitoring approaches
Variable description, e.g. QoS metrics
Message tracking, e.g. agent-mediated e-Institutions
Problem in distributed scenarios: how to combine them?
12
Thursday, March 19, 2009
Provenance
Provenance is the trusted, documented history of a piece of data
EU-Provenance: SOA implementation
Capture of the interactions, the relationship between them, and internal states, of the members of a distributed system
Based on formal semantics for unambiguous, interpretable capture
Allows for monitoring of loosely-coupled distributed complex processes
13
Thursday, March 19, 2009
14
Thursday, March 19, 2009
14
Thursday, March 19, 2009
Advantages of ProvenanceThe resulting system gets the capability to produce at execution-time an explicit representation of the distributed processes taking place
This representation can be queried and analyzed in order to extract valuable information to validate
Documentation can be generated from both strongly or weakly connected processes
Secure environment, privacy of data can be ensured
Successfully applied to a distributed organ transplant management application
15
Thursday, March 19, 2009
Enforcement in SOACurrent approach is based on Service-Level Agreements
Formal negotiated agreements between a service provider and a customer
Service providers perform monitoring to verify QoS parameters
Several formalisms available, but are too focused on low-level metrics and/or are too domain-specific
Contracts: a more generic approach -> Behavioural Commitments
Written or spoken agreements that are intended to be enforceable
Containing a set of clauses that can be seen as norms
Contractual e-Institutions
16
Thursday, March 19, 2009
Contracting LanguageOur work in the EU-Contract Project:
Intentional semantics in the communication between services
Creation of a contracting language
Creation of higher-level behavioural control mechanisms
XML-based Contracting language
can be used in SOA and MAS
based on Deontic Logic (O, P, F)
involves several layers of communication: messages and protocols
17
Thursday, March 19, 2009
18
Contracting Language Layers
Thursday, March 19, 2009
18
Contracting Language Layers
Domain Ontology Layer
Contract Layer
Message Content Layer
Message Layer
Interaction Protocol Layer
Context Layer
Thursday, March 19, 2009
18
Contracting Language Layers
Domain Ontology Layer
Contract Layer
Message Content Layer
Message Layer
Interaction Protocol Layer
Context Layer
Domain terms: car, workshop, repair
Thursday, March 19, 2009
18
Contracting Language Layers
Domain Ontology Layer
Contract Layer
Message Content Layer
Message Layer
Interaction Protocol Layer
Context Layer
A contract: “the workshop is obliged to
repair the car in 2 days”
Domain terms: car, workshop, repair
Thursday, March 19, 2009
18
Contracting Language Layers
Domain Ontology Layer
Contract Layer
Message Content Layer
Message Layer
Interaction Protocol Layer
Context Layer
A contract: “the workshop is obliged to
repair the car in 2 days”
Domain terms: car, workshop, repair
Statements / actions related to contracts:
cancel(contract C1)
Thursday, March 19, 2009
18
Contracting Language Layers
Domain Ontology Layer
Contract Layer
Message Content Layer
Message Layer
Interaction Protocol Layer
Context Layer
A contract: “the workshop is obliged to
repair the car in 2 days”
Domain terms: car, workshop, repair
Statements / actions related to contracts:
cancel(contract C1)
Message envelope + intentionality: from service S1 to service S2 …Request[cancel(contract C1)]
Thursday, March 19, 2009
18
Contracting Language Layers
Domain Ontology Layer
Contract Layer
Message Content Layer
Message Layer
Interaction Protocol Layer
Context Layer
A contract: “the workshop is obliged to
repair the car in 2 days”
Domain terms: car, workshop, repair
Statements / actions related to contracts:
cancel(contract C1)
Message envelope + intentionality: from service S1 to service S2 …Request[cancel(contract C1)]
Protocolhandling: S1
S2
Thursday, March 19, 2009
18
Contracting Language Layers
Domain Ontology Layer
Contract Layer
Message Content Layer
Message Layer
Interaction Protocol Layer
Context Layer
A contract: “the workshop is obliged to
repair the car in 2 days”
Domain terms: car, workshop, repair
Statements / actions related to contracts:
cancel(contract C1)
Message envelope + intentionality: from service S1 to service S2 …Request[cancel(contract C1)]
Protocolhandling: S1
S2Request
Thursday, March 19, 2009
18
Contracting Language Layers
Domain Ontology Layer
Contract Layer
Message Content Layer
Message Layer
Interaction Protocol Layer
Context Layer
A contract: “the workshop is obliged to
repair the car in 2 days”
Domain terms: car, workshop, repair
Statements / actions related to contracts:
cancel(contract C1)
Message envelope + intentionality: from service S1 to service S2 …Request[cancel(contract C1)]
Protocolhandling: S1
S2Request
Agree
Thursday, March 19, 2009
18
Contracting Language Layers
Domain Ontology Layer
Contract Layer
Message Content Layer
Message Layer
Interaction Protocol Layer
Context Layer
A contract: “the workshop is obliged to
repair the car in 2 days”
Domain terms: car, workshop, repair
Statements / actions related to contracts:
cancel(contract C1)
Message envelope + intentionality: from service S1 to service S2 …Request[cancel(contract C1)]
Protocolhandling: S1
S2Request
Agree
Interactioncontext:
Thursday, March 19, 2009
18
DomainOntology
ContractualOntology
Contracting Language Layers
Domain Ontology Layer
Contract Layer
Message Content Layer
Message Layer
Interaction Protocol Layer
Context Layer
A contract: “the workshop is obliged to
repair the car in 2 days”
Domain terms: car, workshop, repair
Statements / actions related to contracts:
cancel(contract C1)
Message envelope + intentionality: from service S1 to service S2 …Request[cancel(contract C1)]
Protocolhandling: S1
S2Request
Agree
Interactioncontext:
Thursday, March 19, 2009
Language XML Structure
19
Thursday, March 19, 2009
Language XML Structure
19
Thursday, March 19, 2009
Language XML Structure
19
Thursday, March 19, 2009
20
Thursday, March 19, 2009
Contractual Middleware
A middleware has been implemented for the creation of contract-aware agent-based services, allowing to:
Create contracts
Handle all contract-related communication
Manage the active responsibilities during contract execution
Solve disputes if administrative parties are in the system
Language + Middleware -> Creation of e-Institutions
21
Thursday, March 19, 2009
Contract Scenario
22
Thursday, March 19, 2009
Internal Architecture
23
Thursday, March 19, 2009
Thesis ProposalContractual Institution- and Provenance-based Norm Enforcement Mechanism
Idea: Electronic Institutions applied to the SOA governance lifecycle
Approach taken: generalization of an e-Institutional framework to SOA, and adapted to a SOA governance methodology
Use of previous contributions
Provenance for SOA monitoring
Contracting language for norm formalism
Contracting middleware for Contractual e-Institution implementation
24
Thursday, March 19, 2009
Areas of work
Normative framework
e-Institutional framework (HARMONIA)
Architecture proposal
De facto standard SOA governance methodology (webMethods)
25
Thursday, March 19, 2009
Normative FrameworkThe normative framework is based on norms and landmarks
HARMONIA is the basis for the normative framework
Control landmarks are added (H. Aldewereld Thesis)
Landmarks represent relevant (positive or negative) states of the system
Actors can reason about actions to fulfill by the use of landmarks
Control is not centralized, but based on the detection of violation states by the agents of the system
Language for substantive norms adapted from the contracting language
26
Thursday, March 19, 2009
SOA Governance Lifecycle
27
Thursday, March 19, 2009
28
Agent
assertionplug-in
Agent
assertionplug-in
Agent
assertionplug-in
Application Agents
OntologyNorm
Repository
Landmark
Mapping
Context Manager
Provenance
StoreMonitor
Observer Agent
EnforcementEngine
ViolationDetectionEngine(JESS)
Translatorjess rules
violationevent
jess facts
Enforcement Agent
Definitions,Norms, Landmarks
register
p-assertion
Definitions,Norms, Landmarks
p-assertionp-assertion p-assertion
Thursday, March 19, 2009
29
Agent
assertionplug-in
Agent
assertionplug-in
Agent
assertionplug-in
Application Agents
OntologyNorm
Repository
Landmark
Mapping
Context Manager
Provenance
StoreMonitor
Observer Agent
EnforcementEngine
ViolationDetectionEngine(JESS)
Translatorjess rules
violationevent
jess facts
Enforcement Agent
Definitions,Norms, Landmarks
register
p-assertion
Definitions,Norms, Landmarks
p-assertionp-assertion p-assertion
Thursday, March 19, 2009
29
Agent
assertionplug-in
Agent
assertionplug-in
Agent
assertionplug-in
Application Agents
OntologyNorm
Repository
Landmark
Mapping
Context Manager
Provenance
StoreMonitor
Observer Agent
EnforcementEngine
ViolationDetectionEngine(JESS)
Translatorjess rules
violationevent
jess facts
Enforcement Agent
Definitions,Norms, Landmarks
register
p-assertion
Definitions,Norms, Landmarks
p-assertionp-assertion p-assertion
Gathers all elements needed for understandability in an institution Vocabulary Processes, actions Norms
Thursday, March 19, 2009
30
Agent
assertionplug-in
Agent
assertionplug-in
Agent
assertionplug-in
Application Agents
OntologyNorm
Repository
Landmark
Mapping
Context Manager
Provenance
StoreMonitor
Observer Agent
EnforcementEngine
ViolationDetectionEngine(JESS)
Translatorjess rules
violationevent
jess facts
Enforcement Agent
Definitions,Norms, Landmarks
register
p-assertion
Definitions,Norms, Landmarks
p-assertionp-assertion p-assertion
Thursday, March 19, 2009
30
Agent
assertionplug-in
Agent
assertionplug-in
Agent
assertionplug-in
Application Agents
OntologyNorm
Repository
Landmark
Mapping
Context Manager
Provenance
StoreMonitor
Observer Agent
EnforcementEngine
ViolationDetectionEngine(JESS)
Translatorjess rules
violationevent
jess facts
Enforcement Agent
Definitions,Norms, Landmarks
register
p-assertion
Definitions,Norms, Landmarks
p-assertionp-assertion p-assertion
Agents that interact inside the institution and its context Generic role with not predefined active task in norm enforcement They should report all relevant events to the Observer Agent with p-assertions No assumption about
Internal architecture Reasoning cycle Technological platform
Thursday, March 19, 2009
31
Agent
assertionplug-in
Agent
assertionplug-in
Agent
assertionplug-in
Application Agents
OntologyNorm
Repository
Landmark
Mapping
Context Manager
Provenance
StoreMonitor
Observer Agent
EnforcementEngine
ViolationDetectionEngine(JESS)
Translatorjess rules
violationevent
jess facts
Enforcement Agent
Definitions,Norms, Landmarks
register
p-assertion
Definitions,Norms, Landmarks
p-assertionp-assertion p-assertion
Thursday, March 19, 2009
31
Agent
assertionplug-in
Agent
assertionplug-in
Agent
assertionplug-in
Application Agents
OntologyNorm
Repository
Landmark
Mapping
Context Manager
Provenance
StoreMonitor
Observer Agent
EnforcementEngine
ViolationDetectionEngine(JESS)
Translatorjess rules
violationevent
jess facts
Enforcement Agent
Definitions,Norms, Landmarks
register
p-assertion
Definitions,Norms, Landmarks
p-assertionp-assertion p-assertion
Responsible of safely register and maintain events and state changes in the institution Gathering and selection are critical processes Monitor
Provides a pull way of obtaining stored information Keeps a real-time representation of the p-assertions being recorded Enforcement Agents subscribe with a list of landmark patterns Whenever a p-assertion is matched, it is sent to the registrant
Thursday, March 19, 2009
32
Agent
assertionplug-in
Agent
assertionplug-in
Agent
assertionplug-in
Application Agents
OntologyNorm
Repository
Landmark
Mapping
Context Manager
Provenance
StoreMonitor
Observer Agent
EnforcementEngine
ViolationDetectionEngine(JESS)
Translatorjess rules
violationevent
jess facts
Enforcement Agent
Definitions,Norms, Landmarks
register
p-assertion
Definitions,Norms, Landmarks
p-assertionp-assertion p-assertion
Thursday, March 19, 2009
32
Agent
assertionplug-in
Agent
assertionplug-in
Agent
assertionplug-in
Application Agents
OntologyNorm
Repository
Landmark
Mapping
Context Manager
Provenance
StoreMonitor
Observer Agent
EnforcementEngine
ViolationDetectionEngine(JESS)
Translatorjess rules
violationevent
jess facts
Enforcement Agent
Definitions,Norms, Landmarks
register
p-assertion
Definitions,Norms, Landmarks
p-assertionp-assertion p-assertion
Responsible for the fulfillment of a subset of the norms They register to the Observer Agent with a list of landmarks Translator
Parses p-assertions into Jess facts Violation Detection Engine
Violations detected when executing rules (norms) with the facts Enforcement Engine
Takes decisions and plans actions when a violation is raisedThursday, March 19, 2009
Distributed systems bring more complexity in interactions
There is an opportunity to apply research of MAS in SOA
From the industry there is a need for control in the SOA lifecycle
We have seen 2 relevant problems
Monitoring
Contribution: Provenance-aware distributed complex scenario
Enforcement
Contribution: electronic contracting language and middleware
33
Conclusions
Thursday, March 19, 2009
Conclusions
Proposal: to join e-Institutional research and SOA governance requirements
Architecture proposal
High level norm-enforcement in SOA
Distributed complex process and state monitoring
We expect to contribute with new concepts, methods and techniques to the field of e-Institutions and to the SOA industry
34
Thursday, March 19, 2009
Working Plan
35
Jan-Apr May-Aug Sep-Dec Jan-Apr May-Aug
2009 2010
Refinement
Implementation
Deployment
Thursday, March 19, 2009
Working Plan
36
Jan-Apr May-Aug Sep-Dec Jan-Apr May-Aug
2009 2010
Refinement
Implementation
Deployment
Map SOA Governance and Institutional Theory common concepts.Generalization and adaptation of the contracting language to the HARMONIA framework. Integration of the contracting framework to the architecture. Identify issues and drawbacks of the architecture and solve them. Formalization of the architecture as an electronic institutional framework.
Thursday, March 19, 2009
Working Plan
37
Jan-Apr May-Aug Sep-Dec Jan-Apr May-Aug
2009 2010
Refinement
Implementation
Deployment
Mapping between orchestration and choreography frameworks and operational representation of norms. Extract and define metrics, from Institutional Theory, for the evaluation of the architecture.
Thursday, March 19, 2009
Working Plan
38
Jan-Apr May-Aug Sep-Dec Jan-Apr May-Aug
2009 2010
Refinement
Implementation
Deployment
Research on the suitable technologies for the implementation. Adaptation of the contracting middleware for its use in the architecture.
Thursday, March 19, 2009
Working Plan
39
Jan-Apr May-Aug Sep-Dec Jan-Apr May-Aug
2009 2010
Refinement
Implementation
Deployment
Implementation of the components of the architecture.Integration of the use case in the implementation.
Thursday, March 19, 2009
Working Plan
40
Jan-Apr May-Aug Sep-Dec Jan-Apr May-Aug
2009 2010
Refinement
Implementation
Deployment
Design of the test cases. Creation of testbeds for the deployment.Deployment of the use case in the testbeds. Benchmark of the results of the testbed executions.
Thursday, March 19, 2009
Working Plan
41
Jan-Apr May-Aug Sep-Dec Jan-Apr May-Aug
2009 2010
Refinement
Implementation
Deployment
Integration of the architecture in a SOA governance methodology lifecycle. Benchmark of the results of the architecture.Find issues concerning the performance of the architecture.
Thursday, March 19, 2009
PublicationsSergio Alvarez-Napagao and Javier Vázquez-Salceda, Using Provenance to implement a Norm Enforcement Mechanism for Agent-Mediated Healthcare Systems, Proceedings of the Fifth Workshop on Agents Applied in Health Care at AAMAS’08, Estoril, Portugal (2008), 8.Sergio Alvarez-Napagao, Javier Vázquez-Salceda, Tamás Kifor, László Z Varga, and Steven Willmott, Applying provenance in distributed organ transplant management, International Provenance and Annotation workshop (IPAW 2006), 3-5 May 2006, Chicago, USA, ISBN 978-3-540-46302-3 (2006). Roberto Confalonieri, Sergio Alvarez-Napagao, Sofia Panagiotidi, Javier Vázquez-Salceda, and Steven Willmott, A Middleware Architecture for Building Contract-Aware Agent-Based Services, Proceedings of the International Workshop on Service-Oriented Computing: Agents, Semantics, and Engineering -SOCASE’08-, at AAMAS’08, Estoril, Portugal, ISBN 978-3-540-79967-2 (2008). Tamás Kifor, László Z Varga, Sergio Alvarez-Napagao, Javier Vázquez-Salceda, and Steven Willmott, Privacy Issues of Provenance in Electronic Healthcare Record Systems, First International Workshop on Privacy and Security in Agent-based Collaborative Environments (PSACE2006), Hakodata, Japan (2006).Tamás Kifor, László Z Varga, Javier Vázquez-Salceda, Sergio Alvarez-Napagao, Steven Willmott, Simon Miles, and Luc Moreau, Provenance in Agent-mediated Healthcare Systems, IEEE Intelligent Systems, ISSN 1541-1672-21 (2006), no. 6, 38–46. Sofia Panagiotidi, Javier Vázquez-Salceda, Sergio Alvarez-Napagao, Steven Willmott, and Roberto Confalonieri, Intelligent Contracting Agents Language, Proceedings of the Symposium on Behaviour Regulation in Multi-Agent Systems -BRMAS’08-, Aberdeen, UK (2008).Javier Vázquez-Salceda and Sergio Alvarez-Napagao, Using SOA Provenance to Implement Norm Enforcement in e-Institutions, Proceedings of the Workshop on Coordination, Organizations, Institutions and Norms - COIN@AAAI08-, at AAAI 08, Chicago, USA (2008). Javier Vázquez-Salceda, Sergio Alvarez-Napagao, Tamás Kifor, László Z Varga, Simon Miles, Luc Moreau, and Steven Willmott, EU PROVENANCE Project: An Open Provenance Architecture for Distributed Applications, R. Annicchiarico, U. Cortés, C. Urdiales (eds.) Agent Technology and E-Health. Whitestein Series in Software Agent Technologies and Autonomic Computing. Birkhäuser Verlag AG, Switzerland, ISBN: 978-3-7643-8546-0 (2007), 55–64.
42
Thursday, March 19, 2009
Thanks for your attention
Questions?
43
Thursday, March 19, 2009