computational mechanisms for norm enforcement in service-oriented architectures

Computational mechanisms for norm enforcement in service-oriented architecturesAlumne: Sergio Álvarez Napagao

Profesor: Javier Vázquez Salceda

1

Thursday, March 19, 2009

Contents

Introduction

Behaviour Monitoring in SOA

Behaviour Enforcement in SOA

A proposal for a Norm Enforcement Mechanism in SOA

Conclusions and Working Plan

2


Introduction

Computation as Interaction

Computation as a result of the action of a network

Service-orientation

Service-Oriented Architectures (SOA)

Resources are distributed and accessed as services

3

Challenges

Semantic verification of behaviour

Higher-level behavioural control mechanisms

QoS metrics -> Behavioural metrics

Opportunity: apply more than 15 years of research from MAS to SOA

This thesis proposal can be located in the field of computation as interaction. A paradigm that evolves from monolithic computation to see computation as the result of a distributed process. SOA is the most common reflection of the success of this paradigm: distributed resources, accessible as services.

From the AI point of view, there is a clear opportunity: to apply concepts, algorithms, methodologies from AI research to the service-orientation environments.

Among many other challenges, we focus here on two of them: the need for semantic verification of the behaviour of the services, and the need for mechanisms that allow for a high-level control. For example, the most used control is based on QoS metrics, which are low level.


SOA Governance

Governance

conducting, influencing, regulating

actions, affairs

of a state, a organization, a group of people

according to rules born inside this group

SOA Governance: emergent concept in SOA community

Business environment concerned with SOA adoption

4

This need for a higher-level control has not only been studied from the AI perspective, but also from the industry, using the concept of Governance.

Governance is defined as the procedure of regulating the behaviour of the members of a society, by the use of rules promoted or motivated by the nature of this society.

Corporate governance, IT governance, are examples of the application of this theoretical concept. SOA governance arised from the business industry, motivated by the need for a more fine-grained control over the process of SOA adoption.


SOA GovernanceMethodologies and tools needed to maintain order in SOA

Issues to solve:

Fragile and delicate SOA implementations

Services that cannot easily be reused

Lack of trust and confidence in services as assets

Security breaches

Unpredictable performance

Electronic Norms and Institutions can be applied

5SOA governance is, more concretely, a set of methodologies and tools that supervise a SOA system, from its conception, to its design, implementation and maintenance.

The motivation is that adapting monolithic applications to service-orientation is too often very costly for the companies. Common problems are implementations that result to be not robust, with a low performance, and/or with compromise of security. The main problem in the end is that services are not seen with confidence as a good solution. SOA governance intends to tackle all this.

As we have seen earlier, governance is based on the application of rules. The concepts of norms and institutions could fit in here.


Norms

A rule or standard of behaviour

shared by members of a social group

by which something is judged and approved or disapproved

Institutional Theory approach

Norms are rules supported by social institutions

Institutional constraints reduce the cost of human interactions

6A norm is a rule or standard of behaviour that applies to the members of a society. The main objective of a norm is to allow these members to be able to reason about something being acceptable or not, that is, to set a standard.

One of the approaches about norms found in the previous century has been Institutional Theory, leaded by North and Scott. In this approach, norms are rules that are enforced by a social institution. The purpose of having an institution setting constraints is to reduce the risk, or at least the perception of the possible risk, of human interactions.

How are norms represented?


Norms

Roman Law

Normatives: WHAT can be done by WHO and WHEN

Regulations: HOW a normative can be applied

Human language -> Logic formalization

Deontic Logic (KD), based on propositional calculus

O(bligation), P(ermission), F(orbidden) operators

Electronic implementations tend to adapt Deontic Logic

7

Most European countries follow the model set by the Roman Law. In Roman Law, there are two kinds of norms: normatives, which define WHAT can be done by WHO, and the regulations: HOW a normative can be applied.

Laws, in the human context, are obviously represented using natural language. However, some attempts have been done to use human language in a computational context successfully. Among the logic formalisms used to represent norms, the most common is Deontic Logic, which is a modal logic based on propositional calculus which specific operators for Obligation, Permission and Prohibition.


Institutions

An institution is identified by a set of constraints

governing the interactions of a society

in order to structure and regulate the relationship between its members

Institutions allow for a growth on the complexity of the organizations and reduce interaction costs

Participants act and expect others to act according to the norms

Trust among parties when having incomplete information

8

As we have introduced before, an institution enforces a set of constraints in order to regulate the relationship between the members of the society. Having these relationships structured and regulated allows its members to be able to act, and predict how others will act, according to some “standards”. This way, the complexity of these interactions can be higher, because the risk


Electronic InstitutionsAn e-institution is the model of a human institution

specifying its norms in a suitable computational formalism

Benefits similar to human institutions:

Reduce uncertainty about other agents’ behaviour

Reduce misunderstanding with a common set of norms

Predictable outcome of a certain interaction

Simplification of the decision-making process

Literature focus is on Multi-Agent Systems

9


Objectives

Incorporate an existing framework for e-Institutions in the SOA governance methodologies

Adapt an e-Institutional framework to be used in SOA

Two crucial elements in the generalization MAS -> SOA

Capture of events: violation detection, norm enforcement

Norm formalism and enforcement mechanism

Contributions have been done on these fields

10


ObjectivesTo design an implement an open-source SOA norm enforcement framework

Integrate ideas and concepts common in governance and institutional theories

Apply and generalize state of the art in e-Institutions

Integrate this framework in the SOA governance lifecycle

11

Create a mapping between operational representation of norms and SOA orchestration and choreography languages

Benchmark this framework with other SOA governance options

Adapt theories about e-Institutions to SOA

Contribute the advances done to e-Institutional literature


Behaviour Monitoring in SOAFirst step in behavioural control: Monitoring

Monitoring:

the provision of information by the use of sensors

about the system’s environment

in order to take actions depending on the result of some processing

Existing monitoring approaches

Variable description, e.g. QoS metrics

Message tracking, e.g. agent-mediated e-Institutions

Problem in distributed scenarios: how to combine them?

12


Provenance

Provenance is the trusted, documented history of a piece of data

EU-Provenance: SOA implementation

Capture of the interactions, the relationship between them, and internal states, of the members of a distributed system

Based on formal semantics for unambiguous, interpretable capture

Allows for monitoring of loosely-coupled distributed complex processes

13


14


Advantages of ProvenanceThe resulting system gets the capability to produce at execution-time an explicit representation of the distributed processes taking place

This representation can be queried and analyzed in order to extract valuable information to validate

Documentation can be generated from both strongly or weakly connected processes

Secure environment, privacy of data can be ensured

Successfully applied to a distributed organ transplant management application

15


Enforcement in SOACurrent approach is based on Service-Level Agreements

Formal negotiated agreements between a service provider and a customer

Service providers perform monitoring to verify QoS parameters

Several formalisms available, but are too focused on low-level metrics and/or are too domain-specific

Contracts: a more generic approach -> Behavioural Commitments

Written or spoken agreements that are intended to be enforceable

Containing a set of clauses that can be seen as norms

Contractual e-Institutions

16


Contracting LanguageOur work in the EU-Contract Project:

Intentional semantics in the communication between services

Creation of a contracting language

Creation of higher-level behavioural control mechanisms

XML-based Contracting language

can be used in SOA and MAS

based on Deontic Logic (O, P, F)

involves several layers of communication: messages and protocols

17


18

Contracting Language Layers


18


Domain Ontology Layer

Contract Layer

Message Content Layer

Message Layer

Interaction Protocol Layer

Context Layer


18



Contract Layer


Message Layer


Context Layer

Domain terms: car, workshop, repair


18



Contract Layer


Message Layer


Context Layer

A contract: “the workshop is obliged to

repair the car in 2 days”



18



Contract Layer


Message Layer


Context Layer




Statements / actions related to contracts:

cancel(contract C1)


18



Contract Layer


Message Layer


Context Layer





cancel(contract C1)

Message envelope + intentionality: from service S1 to service S2 …Request[cancel(contract C1)]


18



Contract Layer


Message Layer


Context Layer





cancel(contract C1)


Protocolhandling: S1

S2


18



Contract Layer


Message Layer


Context Layer





cancel(contract C1)



S2Request


18



Contract Layer


Message Layer


Context Layer





cancel(contract C1)



S2Request

Agree


18



Contract Layer


Message Layer


Context Layer





cancel(contract C1)



S2Request

Agree

Interactioncontext:


18

DomainOntology

ContractualOntology



Contract Layer


Message Layer


Context Layer





cancel(contract C1)



S2Request

Agree

Interactioncontext:


Language XML Structure

19


20


Contractual Middleware

A middleware has been implemented for the creation of contract-aware agent-based services, allowing to:

Create contracts

Handle all contract-related communication

Manage the active responsibilities during contract execution

Solve disputes if administrative parties are in the system

Language + Middleware -> Creation of e-Institutions

21


Contract Scenario

22


Internal Architecture

23


Thesis ProposalContractual Institution- and Provenance-based Norm Enforcement Mechanism

Idea: Electronic Institutions applied to the SOA governance lifecycle

Approach taken: generalization of an e-Institutional framework to SOA, and adapted to a SOA governance methodology

Use of previous contributions

Provenance for SOA monitoring

Contracting language for norm formalism

Contracting middleware for Contractual e-Institution implementation

24


Areas of work

Normative framework

e-Institutional framework (HARMONIA)

Architecture proposal

De facto standard SOA governance methodology (webMethods)

25


Normative FrameworkThe normative framework is based on norms and landmarks

HARMONIA is the basis for the normative framework

Control landmarks are added (H. Aldewereld Thesis)

Landmarks represent relevant (positive or negative) states of the system

Actors can reason about actions to fulfill by the use of landmarks

Control is not centralized, but based on the detection of violation states by the agents of the system

Language for substantive norms adapted from the contracting language

26


SOA Governance Lifecycle

27


28

Agent

assertionplug-in

Agent

assertionplug-in

Agent

assertionplug-in

Application Agents

OntologyNorm

Repository

Landmark

Mapping

Context Manager

Provenance

StoreMonitor

Observer Agent

EnforcementEngine

ViolationDetectionEngine(JESS)

Translatorjess rules

violationevent

jess facts

Enforcement Agent

Definitions,Norms, Landmarks

register

p-assertion


p-assertionp-assertion p-assertion


29

Agent

assertionplug-in

Agent

assertionplug-in

Agent

assertionplug-in

Application Agents

OntologyNorm

Repository

Landmark

Mapping

Context Manager

Provenance

StoreMonitor

Observer Agent

EnforcementEngine



violationevent

jess facts

Enforcement Agent


register

p-assertion




29

Agent

assertionplug-in

Agent

assertionplug-in

Agent

assertionplug-in

Application Agents

OntologyNorm

Repository

Landmark

Mapping

Context Manager

Provenance

StoreMonitor

Observer Agent

EnforcementEngine



violationevent

jess facts

Enforcement Agent


register

p-assertion



Gathers all elements needed for understandability in an institution Vocabulary Processes, actions Norms


30

Agent

assertionplug-in

Agent

assertionplug-in

Agent

assertionplug-in

Application Agents

OntologyNorm

Repository

Landmark

Mapping

Context Manager

Provenance

StoreMonitor

Observer Agent

EnforcementEngine



violationevent

jess facts

Enforcement Agent


register

p-assertion




30

Agent

assertionplug-in

Agent

assertionplug-in

Agent

assertionplug-in

Application Agents

OntologyNorm

Repository

Landmark

Mapping

Context Manager

Provenance

StoreMonitor

Observer Agent

EnforcementEngine



violationevent

jess facts

Enforcement Agent


register

p-assertion



Agents that interact inside the institution and its context Generic role with not predefined active task in norm enforcement They should report all relevant events to the Observer Agent with p-assertions No assumption about

Internal architecture Reasoning cycle Technological platform


31

Agent

assertionplug-in

Agent

assertionplug-in

Agent

assertionplug-in

Application Agents

OntologyNorm

Repository

Landmark

Mapping

Context Manager

Provenance

StoreMonitor

Observer Agent

EnforcementEngine



violationevent

jess facts

Enforcement Agent


register

p-assertion




31

Agent

assertionplug-in

Agent

assertionplug-in

Agent

assertionplug-in

Application Agents

OntologyNorm

Repository

Landmark

Mapping

Context Manager

Provenance

StoreMonitor

Observer Agent

EnforcementEngine



violationevent

jess facts

Enforcement Agent


register

p-assertion



Responsible of safely register and maintain events and state changes in the institution Gathering and selection are critical processes Monitor

Provides a pull way of obtaining stored information Keeps a real-time representation of the p-assertions being recorded Enforcement Agents subscribe with a list of landmark patterns Whenever a p-assertion is matched, it is sent to the registrant


32

Agent

assertionplug-in

Agent

assertionplug-in

Agent

assertionplug-in

Application Agents

OntologyNorm

Repository

Landmark

Mapping

Context Manager

Provenance

StoreMonitor

Observer Agent

EnforcementEngine



violationevent

jess facts

Enforcement Agent


register

p-assertion




32

Agent

assertionplug-in

Agent

assertionplug-in

Agent

assertionplug-in

Application Agents

OntologyNorm

Repository

Landmark

Mapping

Context Manager

Provenance

StoreMonitor

Observer Agent

EnforcementEngine



violationevent

jess facts

Enforcement Agent


register

p-assertion



Responsible for the fulfillment of a subset of the norms They register to the Observer Agent with a list of landmarks Translator

Parses p-assertions into Jess facts Violation Detection Engine

Violations detected when executing rules (norms) with the facts Enforcement Engine

Takes decisions and plans actions when a violation is raisedThursday, March 19, 2009

Distributed systems bring more complexity in interactions

There is an opportunity to apply research of MAS in SOA

From the industry there is a need for control in the SOA lifecycle

We have seen 2 relevant problems

Monitoring

Contribution: Provenance-aware distributed complex scenario

Enforcement

Contribution: electronic contracting language and middleware

33

Conclusions


Conclusions

Proposal: to join e-Institutional research and SOA governance requirements

Architecture proposal

High level norm-enforcement in SOA

Distributed complex process and state monitoring

We expect to contribute with new concepts, methods and techniques to the field of e-Institutions and to the SOA industry

34


Working Plan

35

Jan-Apr May-Aug Sep-Dec Jan-Apr May-Aug

2009 2010

Refinement

Implementation

Deployment


Working Plan

36


2009 2010

Refinement

Implementation

Deployment

Map SOA Governance and Institutional Theory common concepts.Generalization and adaptation of the contracting language to the HARMONIA framework. Integration of the contracting framework to the architecture. Identify issues and drawbacks of the architecture and solve them. Formalization of the architecture as an electronic institutional framework.


Working Plan

37


2009 2010

Refinement

Implementation

Deployment

Mapping between orchestration and choreography frameworks and operational representation of norms. Extract and define metrics, from Institutional Theory, for the evaluation of the architecture.


Working Plan

38


2009 2010

Refinement

Implementation

Deployment

Research on the suitable technologies for the implementation. Adaptation of the contracting middleware for its use in the architecture.


Working Plan

39


2009 2010

Refinement

Implementation

Deployment

Implementation of the components of the architecture.Integration of the use case in the implementation.


Working Plan

40


2009 2010

Refinement

Implementation

Deployment

Design of the test cases. Creation of testbeds for the deployment.Deployment of the use case in the testbeds. Benchmark of the results of the testbed executions.


Working Plan

41


2009 2010

Refinement

Implementation

Deployment

Integration of the architecture in a SOA governance methodology lifecycle. Benchmark of the results of the architecture.Find issues concerning the performance of the architecture.


PublicationsSergio Alvarez-Napagao and Javier Vázquez-Salceda, Using Provenance to implement a Norm Enforcement Mechanism for Agent-Mediated Healthcare Systems, Proceedings of the Fifth Workshop on Agents Applied in Health Care at AAMAS’08, Estoril, Portugal (2008), 8.Sergio Alvarez-Napagao, Javier Vázquez-Salceda, Tamás Kifor, László Z Varga, and Steven Willmott, Applying provenance in distributed organ transplant management, International Provenance and Annotation workshop (IPAW 2006), 3-5 May 2006, Chicago, USA, ISBN 978-3-540-46302-3 (2006). Roberto Confalonieri, Sergio Alvarez-Napagao, Sofia Panagiotidi, Javier Vázquez-Salceda, and Steven Willmott, A Middleware Architecture for Building Contract-Aware Agent-Based Services, Proceedings of the International Workshop on Service-Oriented Computing: Agents, Semantics, and Engineering -SOCASE’08-, at AAMAS’08, Estoril, Portugal, ISBN 978-3-540-79967-2 (2008). Tamás Kifor, László Z Varga, Sergio Alvarez-Napagao, Javier Vázquez-Salceda, and Steven Willmott, Privacy Issues of Provenance in Electronic Healthcare Record Systems, First International Workshop on Privacy and Security in Agent-based Collaborative Environments (PSACE2006), Hakodata, Japan (2006).Tamás Kifor, László Z Varga, Javier Vázquez-Salceda, Sergio Alvarez-Napagao, Steven Willmott, Simon Miles, and Luc Moreau, Provenance in Agent-mediated Healthcare Systems, IEEE Intelligent Systems, ISSN 1541-1672-21 (2006), no. 6, 38–46. Sofia Panagiotidi, Javier Vázquez-Salceda, Sergio Alvarez-Napagao, Steven Willmott, and Roberto Confalonieri, Intelligent Contracting Agents Language, Proceedings of the Symposium on Behaviour Regulation in Multi-Agent Systems -BRMAS’08-, Aberdeen, UK (2008).Javier Vázquez-Salceda and Sergio Alvarez-Napagao, Using SOA Provenance to Implement Norm Enforcement in e-Institutions, Proceedings of the Workshop on Coordination, Organizations, Institutions and Norms - COIN@AAAI08-, at AAAI 08, Chicago, USA (2008). Javier Vázquez-Salceda, Sergio Alvarez-Napagao, Tamás Kifor, László Z Varga, Simon Miles, Luc Moreau, and Steven Willmott, EU PROVENANCE Project: An Open Provenance Architecture for Distributed Applications, R. Annicchiarico, U. Cortés, C. Urdiales (eds.) Agent Technology and E-Health. Whitestein Series in Software Agent Technologies and Autonomic Computing. Birkhäuser Verlag AG, Switzerland, ISBN: 978-3-7643-8546-0 (2007), 55–64.

42


Thanks for your attention

Questions?

43
