Post on 20-Dec-2015
transcript
CoAX - Coalition TIE BriefingCoAX - Coalition TIE BriefingDARPA CoABS PI MeetingDARPA CoABS PI Meeting
AFRL Rome, AIAI, Boeing, Dartmouth, DERA Malvern, Lockheed AFRL Rome, AIAI, Boeing, Dartmouth, DERA Malvern, Lockheed Martin ATL, Michigan, MIT Sloan, Stanford, USC/ISI, UWF/IHMCMartin ATL, Michigan, MIT Sloan, Stanford, USC/ISI, UWF/IHMC
Support from GITI, ISX, MitreSupport from GITI, ISX, Mitre
Coalition Agents eXperiment (CoAX)Coalition Agents eXperiment (CoAX)http://www.aiai.ed.ac.uk/project/coax/http://www.aiai.ed.ac.uk/project/coax/
Supported by theDARPA CoABS
Program
CoAX /10 August 2000 Briefing
Supported by theDARPA CoABS
Program
CoAX Briefing OutlineBriefing Outline
OverviewOverview Key Coalition and Technical DriversKey Coalition and Technical Drivers Binni ScenarioBinni Scenario CoAX ComponentsCoAX Components
Domain ManagementDomain Management DemonstrationsDemonstrations
6 Month Demonstration Report6 Month Demonstration Report 9, 18 and 30 Month Demonstration Plans9, 18 and 30 Month Demonstration Plans
Status and Next StepsStatus and Next Steps
CoAX /10 August 2000 Briefing
Supported by theDARPA CoABS
Program
CoAX Aim of Coalition TIEAim of Coalition TIE Aim:Aim:
Address unique aspects of coalition operations through the Address unique aspects of coalition operations through the development and evaluation of agent domain and task development and evaluation of agent domain and task management services.management services.
Aim will be met through delivery of:Aim will be met through delivery of: Phased technical demonstrations of increasing complexityPhased technical demonstrations of increasing complexity Technical reports and research papersTechnical reports and research papers Coalition-oriented grid servicesCoalition-oriented grid services
RequirementsRequirements Use of existing military applications (MBP, CAMPS)Use of existing military applications (MBP, CAMPS) Use of heterogeneous set of both domain-aware and Use of heterogeneous set of both domain-aware and
‘come-as-you-are’ grid agents‘come-as-you-are’ grid agents
CoAX /10 August 2000 Briefing
Supported by theDARPA CoABS
Program
CoAX Key Coalition DriversKey Coalition Drivers
Different doctrine, decision making, rules of engagement Different doctrine, decision making, rules of engagement and, in general, mission “agendas”.and, in general, mission “agendas”.
Different technology skill and equipment levels.Different technology skill and equipment levels. Different cultures and languages.Different cultures and languages. Questionable compatibility of respective national Questionable compatibility of respective national
information systems.information systems. Limited models for coalition force operations.Limited models for coalition force operations. Command authorities - agreement and transfers.Command authorities - agreement and transfers. Variable reliability of components and infrastructures.Variable reliability of components and infrastructures. Information systems resource sharing agreements and Information systems resource sharing agreements and
capacity.capacity. Different interpretation of situational information.Different interpretation of situational information. Lack of compatible security architectures.Lack of compatible security architectures.
From LeRoy Pearce (Canadian MOD), 1999
CoAX /10 August 2000 Briefing
Supported by theDARPA CoABS
Program
CoAX Key Technical DriversKey Technical Drivers
Working with agents in multiple dynamic domains.Working with agents in multiple dynamic domains. Need for partial (secure) sharing and visualization of Need for partial (secure) sharing and visualization of
processes, data and facilities.processes, data and facilities. Need flexible interagent task and process management.Need flexible interagent task and process management. Unclear and/or emerging objectives and tasking.Unclear and/or emerging objectives and tasking. Cannot assume compatibility or complete reliability of Cannot assume compatibility or complete reliability of
functional capabilities, communications, security functional capabilities, communications, security arrangements or information resources.arrangements or information resources.
Need to integrate and use legacy systems.Need to integrate and use legacy systems. Need for rapid formation and management of agent Need for rapid formation and management of agent
relationships.relationships. Need to respect national concerns, limitations, cultural Need to respect national concerns, limitations, cultural
and political differences, etc.and political differences, etc.
CoAX /10 August 2000 Briefing
Supported by theDARPA CoABS
Program
CoAX Binni - Gateway to theBinni - Gateway to theGolden Bowl of AfricaGolden Bowl of Africa
Rathmell, R.A. (1999) A Coalition Force Scenario 'Binni - Gateway to the Golden Bowl of Africa', inProceedings of the International Workshop on Knowledge-Based Planning for Coalition Forces,
(ed. Tate, A.) pp. 115-125, Edinburgh, Scotland, 10th-11th May 1999.
W E
N
S
GeographyGeography
Binni - All FeaturesBinni - All Features
BANDAR Population centres ×× Military airfields Gravel roads
Brongo Ports Q Civilian Airfields Tracks
KEY Tarmac roads175 Heights (metres) RailwaysLAYERS:LAYERS:
ReturnReturn
CapeVincent
CapeAmstado
Caca
KasoLagoon
Amisa
Jacal
Pra
Ankobra
Tana
Ofin
Afr
am
Daka
Black Caca
Kapowa
White Caca
Mawli
LAKE CACA
WaterWater
Brongo Ports Q Civilian Airfields Tracks
Q
Q Q
Q
Q
Q
××
××
××
××
××
TransportTransport
WESTERN REGION
AGADEZ
Zingato
SIKASSO
COSTA DELMARIA
LAKI
BANDAR
UGWULU
UPPER REGION
NORTHERN REGION
CACA REGION EASTERN REGION
CACAREGION
ASHANTI REGION
CENTRAL REGION
BANDARREGION
AGADEZ
GAO
Kwanabouri
Gambaga268
Masembi
Gam
bag
a E
scar
pm
ent Higgville
Libar
Zatu
To
Cun
meg
e To
Tifi
llo
Dinga
Anala876
527
390
482
436
588
752
542
707
123
788
613
175
613
Akwapim-Gao Range
Kw
ahu
Pla
teau
To
Pam
ple
To
Seg
umbo
KamongoJinja
Brongo
LavalBiloo
Sagiba
BaveGamba
Kolla
AntokGrandville
Hakkali
To Cecil
DadoMinga
Kaso
NangaCaca Dam Esuko
Blackman
Laponga
Zaribe
Bonrope
Tonka
775AtewaRanga
SaltpondAchobo
Adaido
DiplomboElmina
Wonka
Deanville
Sonara
Sandosta
Komenda
Gonobo Grandvache
Polia
Jamestown
Slabo
Donga
Anguiba KutchiAkimbo
Sago-town
Wazilla
Suthertown
Bisa
Wampimba
Belucar
Salisbury
Bisha
St Andrews
Sellerham
Kingtown
To P
etit Paris
To E
scallope
Lissa
Libretto
Slafito
Langford
To
Fal
o
Asoba
NedallaEpidurango
Aida
To H
arra
NamesNames
SettingSetting
Lat / LongLat / Long
31E31E
36E36E35E35E34E34E33E33E
32E32E
39E39E
38E38E
37E37E
36E36E35E35E34E34E33E33E32E32E31E31E
39E39E38E38E37E37E
17N17N
16N16N
15N15N
20N20N
19N19N
18N18N
17N17N
16N16N
15N15N
19N19N
18N18N
21N21N
W E
N
S
CapeVincent
CapeAmstado
Caca
KasoLagoon
Amisa
Jacal
Pra
Ankobra
Tana
Ofin
Afr
am
Daka
Black Caca
Kapowa
White Caca
Mawli
LAKE CACA
Gaoforces
Agadezforces
Fire Storm
Forces separated by fire storm
W E
N
S
CapeVincent
CapeAmstado
Caca
KasoLagoon
Amisa
Jacal
Pra
Ankobra
Tana
Ofin
Afr
am
Daka
Black Caca
Kapowa
White Caca
Mawli
LAKE CACA
Gaoforces
AgadezForces
Fire StormFalse Agadez
forces
FalseGao
forces
Gao deception is intended to displace firestorm:separation fails.
CoAX /10 August 2000 Briefing
Supported by theDARPA CoABS
Program
CoAX CoAX ComponentsCoAX Components Agent management servicesAgent management services
KAoS domain and resource management (Boeing, IHMC)KAoS domain and resource management (Boeing, IHMC) Exception handling (MIT)Exception handling (MIT)
Task management servicesTask management services Task and process management (AIAI)Task and process management (AIAI) Plan deconfliction (Michigan)Plan deconfliction (Michigan) Market-based incentive management (Stanford)Market-based incentive management (Stanford)
Domain-aware grid agentsDomain-aware grid agents MBP (DERA)MBP (DERA) CAMPS (AFRL)CAMPS (AFRL) Malicious agents (IHMC, Boeing)Malicious agents (IHMC, Boeing) Various information, monitoring, visualization, and observer agentsVarious information, monitoring, visualization, and observer agents
““Come-as-you-are” grid agentsCome-as-you-are” grid agents EMAA/CAST AODB info agent (LM-ATL)EMAA/CAST AODB info agent (LM-ATL) Ariadne Web-enabled weather agent (USC/ISI)Ariadne Web-enabled weather agent (USC/ISI) Observer agents (Dartmouth)Observer agents (Dartmouth)
CoAX /10 August 2000 Briefing
Supported by theDARPA CoABS
Program
CoAX Briefing OutlineBriefing Outline
OverviewOverview Key Coalition and Technical DriversKey Coalition and Technical Drivers Binni ScenarioBinni Scenario CoAX ComponentsCoAX Components
Domain ManagementDomain Management DemonstrationsDemonstrations
6 Month Demonstration Report6 Month Demonstration Report 9, 18 and 30 Month Demonstration Plans9, 18 and 30 Month Demonstration Plans
Status and Next StepsStatus and Next Steps
CoAX /10 August 2000 Briefing
Supported by theDARPA CoABS
Program
CoAX
Agent DomainsAgent Domains
A
A
AAA
AA
AA
A
A
AA DM
An agent domain consists of one or more agents registered with a common Domain Manager which
provides for common administration and enforcement of domain-wide, VM-specific, and agent-specific policies.
CoAX /10 August 2000 Briefing
Supported by theDARPA CoABS
Program
CoAX
Agent Domain Agent Domain Management in CoAXManagement in CoAX
Broadens typical distributed security concerns to include:Broadens typical distributed security concerns to include: Communication and access management: Who can Communication and access management: Who can
communicate with whom for what services?communicate with whom for what services? Registration management: Who can join the domain Registration management: Who can join the domain
under what circumstances?under what circumstances? Resource management: Who can have which kind and Resource management: Who can have which kind and
how much of a given computing resource?how much of a given computing resource? Mobility management: Who can move where under what Mobility management: Who can move where under what
circumstances?circumstances? Conversation management: What constraints govern Conversation management: What constraints govern
interaction between conversing agents? interaction between conversing agents? Obligation management: Who is not meeting Obligation management: Who is not meeting
commitments?commitments?Initial capability shown in six-month demoInitial capability slated for nine-month demoInitial capability slated for 2001-2002 demos
CoAX /10 August 2000 Briefing
Supported by theDARPA CoABS
Program
CoAX
NativeMech
NativeMech
OtherOther
GuardGuard
Policy Management Framework
Policy Management Framework
PolicyAdminTool
PolicyAdminTool
Java VMJava VM
Guard
Aroma VMAroma VM
GuardGuard
ServletServletRMI KAoS
DomainManager
KAoSDomainManager
HTTP
Agent
Policy DirectoryPolicy Directory
Agent
Agent
Agent
AgentAgent
RMIJNDI
Guard is responsible for:1. Interpreting policy2. Enforcing with appropriate native mechanism
1. Abstract, mechanism- neutral representation/XML syntax (DAML collaboration)2. Distributed networked availability3. Secure
1. Ensures policy consistency at all levels2. Stores policy changes3. Notifies guards
Authorized user makes changes over the Web
Event-driven policy changes
CoAX /10 August 2000 Briefing
Supported by theDARPA CoABS
Program
CoAX
Policy EnforcementProblems and Solutions
Problem: Enforcing policies on unmodified, potentially malicious agents Solution: Platform-based enforcement (e.g., Java 2 security) Problem: Permissions granted statically according to code source (can’t have different permissions for two agent instances from same code base)
Solution: Hack JAAS (Java Authentication and Authorization Service) to allow dynamic permissions and instance-level authentication and authorization
Problem: High-level agent security requirements do not always map to low-level built-in Java security mechanisms
Solution: Lock down permissions of untrusted (agent) code and force agent to use a trusted privileged-code wrapper under control of the guard (eventually to be packaged as domain-aware “grid helper”) to perform selected actions
Problem: Fine-grained resource allocation and control and revocation of permissions in the face of denial-of-service attacks
Solution: Run agent under Java-compatible Aroma VM allowing dynamic fine-grained resource rate and quantity control
Problem: “Obligation policies” cannot be enforced by preventing actions in advance but only by monitoring and after-the-fact sanctions
Solution: Sentinel-based policy enforcement (relevant work in this area by MIT)
CoAX /10 August 2000 Briefing
Supported by theDARPA CoABS
Program
CoAX Briefing OutlineBriefing Outline
OverviewOverview Key Coalition and Technical DriversKey Coalition and Technical Drivers Binni ScenarioBinni Scenario CoAX ComponentsCoAX Components
Domain ManagementDomain Management DemonstrationsDemonstrations
6 Month Demonstration Report6 Month Demonstration Report 9, 18 and 30 Month Demonstration Plans9, 18 and 30 Month Demonstration Plans
Status and Next StepsStatus and Next Steps
CoAX /10 August 2000 Briefing
Supported by theDARPA CoABS
Program
CoAX
Demonstration Demonstration ScheduleSchedule
1-month demo at kick-off in February 2000 showing direct connection between DERA MBP and LM ATL AODB.
6-month demo (internal milestone) in July 2000 showing initial integration of selected CoAX components for 9-month demo.
9-month demo (deliverable) in October 2000: Brief the CoAX TIE and Binni scenario; Show full integration of selected CoAX components; Show that selected components interoperate in a Binni-
based scenario and that a relevant 'story' can be told about agent functionality;
Additional stand-alone demos of other components. 18-month demo in July 2001 showing full integration of all
CoAX components in a rich coalition scenario: Focal point to engage other nations and research teams.
30-month demo in July 2002 showing dynamic aspects of domain management and tasking.
CoAX /10 August 2000 Briefing
Supported by theDARPA CoABS
Program
CoAX
6-Month 6-Month Demonstration ReportDemonstration Report
Overall Objective: Integrated Binni scenario demonstration centered on MBP containing Process Panel
monitoring and multiple information-providing agents showing dynamic communication policy management between three KAoS domains on the grid
Specific accomplishments: Binni scenario information used to populate MBP, PP, and LM-ATL agents and shape
storyboard Domain-aware conversational grid agents registered in three separate KAoS-managed
domains representing coalition function units and countries KAoS matchmakers transparently federate across domain boundaries consistent with
current domain policy LM-ATL ‘come-as-you-are’ message-based grid agent interacts with domain-aware agents Tasking and control across coalition functional units Visualization of coalition C2 process via a simple process model Use of simple web-based policy administration tool to change domain policies and update
policy enforcement mechanisms to selectively block and unblock interdomain agent communication
CoAX /10 August 2000 Briefing
Supported by theDARPA CoABS
Program
CoAX
JTF HQJFAC HQ
Gao Intel
6-Month Integrated6-Month IntegratedDemo StructureDemo Structure
‘Come-as-you-are’ message-based grid agentsAODBAODB
LM-ATLLM-ATL
DbDbiiii
PP'PP'
Domain-aware conversational
grid agents
DbDbii
MBPMBPIntel1Intel1
Intel2Intel2DM2DM2
MM2MM2
DM3DM3
MM3MM3
DM1DM1MM1MM1
CoAX /10 August 2000 Briefing
Supported by theDARPA CoABS
Program
CoAX
9-Month 9-Month Demonstration PlanDemonstration Plan
Overall Objective: Integrated Binni scenario demonstration with MBP/CAMPS link containing PP
monitoring, information-providing, and malicious agents, and showing dynamic task and communication, registration, and resource control policy management of ~25 agents in six KAoS domains (including a subdomain) on the grid
Stand-alone demonstrations of additional coalition-related capabilities Specific additional objectives beyond the 6-month demonstration:
US domain with domain-aware AODB and CAMPS agents Ariadne ‘come-as-you-are’ open source weather agent Observer (Intel) domain containing surrogates for Dartmouth agents Gao Observer subdomain containing malicious observer agent whose denial-of-
service attack is countered by KAoS and NOMADS resource control mechanisms Stand-alone demonstrations of: MIT ‘agent death’ exception handling, Stanford
incentive management, U. Michigan plan deconfliction, and Dartmouth ‘observer agents’
More powerful web-based policy administration tool administering communication, registration, and resource policies
CoAX /10 August 2000 Briefing
Supported by theDARPA CoABS
Program
CoAX
JFAC HQ
Gao Intel
US
JTF HQ
Observers(Intel)
Gao Obs.
Subdomain of “Observers”
9-Month Integrated 9-Month Integrated Demo StructureDemo Structure
DbDbiiii
DbDbii
MBPMBPIntel1Intel1
Intel2Intel2DM2DM2
MM2MM2
DM1DM1
MM1MM1
DM4DM4 MM4MM4
AODBAODB
PP'PP'
DM3DM3
MM3MM3
DM5DM5
MM5MM5DGODGO
DAODAO
GAOGAODM6DM6
MM6MM6
WeatherWeatherVizViz
AL PlanAL Plan
AODBAODB
LM-ATLLM-ATL
WeatherWeather
AriadneAriadneCAMPSCAMPS
ALDBALDB
CoAX /10 August 2000 Briefing
Supported by theDARPA CoABS
Program
CoAX
18-Month 18-Month Demonstration PlanDemonstration Plan
Overall Objective: Integrated Binni scenario demonstration including all CoAX participants showing exception
handling, incentive management, plan deconfliction services, and dynamic task and domain management of ~35 agents in nine KAoS domains (including a subdomain and agents with multiple domain membership) on the grid
Specific additional objectives beyond the 9-month demonstration: Emphasis on execution phase of Binni scenario Packaging of initial task and domain management capabilities as grid services Separate UK and meteorology domains and coalition superdomain Policy conflict resolution mechanisms in place for GAO agent registered as member of
multiple domains Use of MIT exception handling grid services Use of Stanford to allocate tasks and computing resources and manage incentives Use of Michigan services to identify and resolve plan conflicts Use of Dartmouth ‘observer agents’ to feed coalition command Management of mobility and conversation policies through policy admin. tool Additional forms of attack by malicious agents countered by enhanced agent domain
management mechanisms
CoAX /10 August 2000 Briefing
Supported by theDARPA CoABS
Program
CoAX
JTF HQ
JFAC HQ
Gao Intel
US
Observers(Intel)
UKCoalition
Met.
18-Month Integrated 18-Month Integrated Demo StructureDemo Structure
Gao Obs.
AODBAODB
LM-ATLLM-ATL
WeatherWeather AriadneAriadne
CAMPSCAMPS
ALDBALDB
DbDbiiii
DbDbii
MBPMBP
Intel1Intel1
Intel2Intel2 DM2DM2
MM2MM2DM1DM1MM1MM1DM4DM4 MM4MM4
AODBAODB
DM8DM8 MM8MM8DM5DM5
MM5MM5DGODGO
DAODAO
GAOGAODM6DM6
MM6MM6
AL PlanAL Plan
Intel1aIntel1aIntel3Intel3
DM7DM7
MM7MM7
DbDbiiiiii
DM3DM3
MM3MM3
WeatherWeatherVizViz DM9DM9
MM9MM9PPPP
EH
IMIM
Plan Dec.Plan Dec.
CoAX /10 August 2000 Briefing
Supported by theDARPA CoABS
Program
CoAX
30-Month 30-Month Demonstration PlanDemonstration Plan
Overall Objective: Integrated Binni scenario demonstration including CoAX participants showing
dynamic creation and reconfiguration of agent domains, virtual organization, and overall coalition process
Specific additional objectives beyond the 18-month demonstration: Demonstration includes all phases of Binni scenario Possible participation of other nations (especially TTCP) and additional CoABS
research teams New coalition members and domains added on-the-fly Generic task and process management facilities Tailored visualizations High-level task, process, and domain management tools Management of obligation policies, and fleshing out set of communication,
access control, resource management, conversation, and mobility policies
CoAX /10 August 2000 Briefing
Supported by theDARPA CoABS
Program
CoAX Briefing OutlineBriefing Outline
OverviewOverview Key Coalition and Technical DriversKey Coalition and Technical Drivers Binni ScenarioBinni Scenario CoAX ComponentsCoAX Components
Domain ManagementDomain Management DemonstrationsDemonstrations
6 Month Demonstration Report6 Month Demonstration Report 9, 18 and 30 Month Demonstration Plans9, 18 and 30 Month Demonstration Plans
Status and Next StepsStatus and Next Steps
CoAX /10 August 2000 Briefing
Supported by theDARPA CoABS
Program
CoAX
Status andStatus andNext StepsNext Steps
1-month and 6-month demo milestones successfully 1-month and 6-month demo milestones successfully completedcompleted
100+ page ‘living document’ describing CoAX and 100+ page ‘living document’ describing CoAX and Binni ‘FLASH’ scenario deliveredBinni ‘FLASH’ scenario delivered
Ongoing work with GITI on design for packaging of Ongoing work with GITI on design for packaging of agent domain services for the gridagent domain services for the grid
9-month demonstration ready in October9-month demonstration ready in October Integrated demonstrationIntegrated demonstration Stand-alone demonstrationsStand-alone demonstrations
Sneak preview of progress on 9-month demonstration Sneak preview of progress on 9-month demonstration at Malvern TTCP meeting in Septemberat Malvern TTCP meeting in September
CoAX /10 August 2000 Briefing
Supported by theDARPA CoABS
Program
CoAX SummarySummary Coalition operations is a matter of high concern for Coalition operations is a matter of high concern for
the military and a great proving ground for agent the military and a great proving ground for agent researchresearch
Binni provides mature rich source of realistic scenario Binni provides mature rich source of realistic scenario datadata
Actual military tools used in true cross-national Actual military tools used in true cross-national collaboration—hope to expand to additional nations in collaboration—hope to expand to additional nations in the not-too-distant futurethe not-too-distant future
Fourteen CoABS partners cooperating in phased Fourteen CoABS partners cooperating in phased technical integrationtechnical integration
Grid provided necessary interoperabilityGrid provided necessary interoperability Significant new research issues being addressed of Significant new research issues being addressed of
both theoretical and practical significanceboth theoretical and practical significance
CoAX /10 August 2000 Briefing
Supported by theDARPA CoABS
Program
CoAX Further InformationFurther Information
See http://www.aiai.ed.ac.uk/project/coax/See http://www.aiai.ed.ac.uk/project/coax/ coax@aiai.ed.ac.uk, coax-info@aiai.ed.ac.ukcoax@aiai.ed.ac.uk, coax-info@aiai.ed.ac.uk CoAX and Binni documentation availableCoAX and Binni documentation available