Agile Objects can increase the flexibility and survivability of high performance distributed systems. The Agile Objects project's goal is to develop a range of technologies which enhance the capabilities of applications based on distributed or component object models. Specifically, Agile Objects will allow component-based applications to be location elusive (distributed without concern for performance, dynamic redistributed in response to environmental changes, and achieve that redistribution while providing hard real-time performance guarantees), interface elusive (change their interfaces dynamically in response reconfiguration, attack, or change in system environment to increase their survivability in the face of physical or electronic attack), and dynamically elusive (manage a proportional response to attacks based on the capabilities of location and interface elusiveness). These capabilities enable the construction of inherently survivable applications based on components. The component middleware enables applications to exploit location elusiveness, interface elusiveness, and dynamic elusiveness respond flexibly to noisy information about attacks and to survive.
UCSD Project Members: Luis Rivera, Kay Connelly, Tony Wang, Alex Olugbile, Geta Sampemane, and Andrew Chien.
TAMU Project Members: Sangig Rho and Riccardo Bettati.
Increasing large-scale use of component object frameworks presents an opportunity for middleware infrastructures which can automatically provide dramatically greater software system flexibility and thereby survivability. We will develop a framework called Agile Objects which leverages component object models and enables the construction of survivable systems that support increased application survivability through elusive technologies: location elusiveness, interface elusiveness, and dynamic elusiveness. The project is developing three core technologies (location elusiveness, interface elusiveness, and dynamic elusiveness) which enable the construction of component-based inherently survivable systems. These technologies will be embedded in a component middleware which allows applications based on component technologies to exploit survivability capabilities transparently. For more sophisticated or demanding applications, a translucent approach to these capabilities may also be beneficial.
Location Elusiveness is the capability of application components to be reconfigured across distributed resources -- while the application is running and preserving the performance and real-time properties of the application both across and during the migration. In short, an application can flee systems that are likely (or already) compromised, dynamically reconfiguring to continue its mission. Such capability leverages recent dramatic advances in user-level networking and open real-time systems, but also requires significant advances in component runtime systems, system resource virtualization, component migration, and dynamic management of application performance thru migration. We will design, implement, and develop a component middleware system which enables online application reconfiguration to enhance application survivability.
Interface Elusiveness enables a component middleware system to manage automatic change and configuration of application component and distributed object interfaces to maintain application security. Such automatic management is critical in an environment where the application is reconfigured in ways and into resource environments that the application designer never considered. For example, components presumed local may now be remoted, exposing formerly intra-process communication to a variety of network security attacks. The interface manipulation and binding technologies used pervasively in distributed object and component systems provide the core capability for interface elusiveness approaches, but at present there is little understanding of how to specify security properties, manage them for Agile Object systems, and use Interface Elusiveness techniques to provide application security. We are developing intellectual, analytical, and empirical frameworks to explore this technology. Prototypes which embody interface elusiveness approaches will be built and integrated into overall Agile Objects prototypes.
Dynamic Elusiveness is the capability to dynamically manage the dimensions of elusiveness in response to a complex and evolving security / intrusion environment. In typical environments, information about security attacks is noisy, and ability to react is limited and slow. Exploiting the flexible capabilities of location and interface elusiveness, it is possible to construct systems which provide detailed information on some attack types (distributed object interface attacks) and provide low-impact effective responses to attacks (rapid reconfiguration). We will explore a range of responses to detected electronic and physical attacks, balancing the cost of mutation/migration versus the desired difficulty of penetration and survivability.
Performing experiments with prototype and ultimately large-scale applications is a critical part of understanding, demonstrating, and transferring novel Agile Objects technologies. As such we will build a series of prototypes which embody these technologies. These prototypes will be widely disseminated to the community and also use to perform empirical studies of effectiveness and capabilities.