This paper introduces an architecture of distributed systems that facilitates the implementation of a substantial range of dependable system properties, i.e., properties that span an entire system, or a set of components dispersed throughout it. This architecture, called GDS, for governed distributed system, governs the system by controlling the flow of messages between its actors, independently of the internals of the interacting actors. This governance is done via an enforced collection of interaction laws organized into a modular and conflict free hierarchical ensemble. This ensemble of laws is sensitive to the history of interaction; and it is enforced in a decentralized manner, and is thus scalable. The dependable system properties that can be implemented under GDS can have the following beneficial consequences, among others: a) the ability to establish regularities over the system, rendering it more coherent, and easier to reason about; b) the ability to provide a degree of trust among the disparate actor of the system; and c) the ability to ensure compliance with interaction protocols that are essential for distributed computing. Consequently, the GDS architecture can have a significant impact on the following important system qualities: security, fault tolerance, auditability, and manageability.
References
[1]
Avizienis, A., Laprie, J.-C. and Randell, B. (2004) Dependability and Its Threats: A Taxonomy. In: Jacquart, R., Eds., Building the Information Society, IFIP International Federation for Information Processing, Vol. 156, Springer, Boston, MA, 91-120. https://doi.org/10.1007/978-1-4020-8157-6_13
[2]
Artikis, A., Sergot, M. and Pitt, J. (2006) Specifying Norm-Governed Computational Societies. Technical Report, Imperial College of Science Technology and Medicine, London.
[3]
Bidan, C. and Issarny, V. (1998) Dealing with Multi-Policy Security in Large Open Distributed Systems. In: Quisquater, J.J., Deswarte, Y., Meadows, C. and Gollmann, D., Eds., Computer Security—ESORICS 98, ESORICS 1998, Lecture Notes in Computer Science, Vol. 1485, Springer, Berlin, Heidelberg, 51-66.
https://doi.org/10.1007/BFb0055855
[4]
Papazoglou, M.P., Traverso, P., Dustdar, S., Leymann, F. and Kramer, B.J. (2006) Service-Oriented Computing: A Research Roadmap. In: Cubera, F., Ed., Service Oriented Computing (SOC), Number 05462 in Dagstuhl Seminar Proceedings, Internationales Begegnungs.
[5]
Tanenbaum,A., Van Renesse, R., Staveren, H., Sharp, G.J., Mullender, S.J. and Rossum, G. (1990) Experiences with the Amoeba Distributed System. Communications of the ACM, 33, 46-63. https://doi.org/10.1145/96267.96281
[6]
Ao, X.H. and Minsky, N.H. (2003) Flexible Regulation of Distributed Coalitions. In: Snekkenes, E. and Gollmann, D., Eds., Computer Security—ESORICS 2003, Lecture Notes in Computer Science, Vol. 2808, Springer, Berlin, Heidelberg, 39-60.
https://doi.org/10.1007/978-3-540-39650-5_3
[7]
Sandhu, R.S., Ferraiolo, D. and Kuhn, R. (2000) The NIST Model for Role-Based Access Control: Towards a Unified Standard. Proceedings of ACM Workshop on Role-Based Access Control, ACM.
[8]
Damianou, N., Dulay, N., Lupu, E. and Sloman, M. (2001) The Ponder Policy Specification Language. Proc. of Policy Worshop, Bristol.
[9]
Haeberlen, A., Kouznetsov, P. and Druschel, P. (2007) Peer Review: Practical Accountability for Distributed Systems. Proceedings of Twenty-First ACM SIGOPS Symposium on Operating Systems Principles, Stevenson, Washington, 14-17 October 2007, 175-188. https://doi.org/10.1145/1323293.1294279
[10]
Minsky, N.H. (2006) Law Governed Interaction (LGI): A Distributed Coordination and Control Mechanism (An Introduction, and a Reference Manual). Rutgers. http://www.moses.rutgers.edu/
[11]
Ao, X., Minsky, N., Nguyen, T. and Ungureanu, V. (2000) Law-Governed Communities Over the Internet. Proc. of Fourth International Conference on Coordination Models and Languages, Limassol, Cyprus, LNCS 1906, 133-147.
[12]
Minsky, N.H., Ungureanu, V., Wang, W. and Zhang, J. (1996) Building Reconfiguration Primitives into the Law of a System. Proc. of the Third International Conference on Configurable Distributed Systems (ICCDS’96).
[13]
Zhang, W.X., Serban, C. and Minsky, N.H. (2007) Establishing Global Properties of Multi-Agent Systems via Local Laws. In: Weyns, D., Parunak, H.V.D. and Michel, F., Eds., Environments for Multi-Agent Systems III, E4MAS 2006, Lecture Notes in Computer Science, Vol. 4389, Springer, Berlin, Heidelberg.
https://doi.org/10.1007/978-3-540-71103-2_10
[14]
Belokosztolszki, A. and Moody, K. (2002) Meta-Policies for Distributed Role-Based Access Control Systems. Proceedings of Third International Workshop on Policies for Distributed Systems and Networks, Monterey, CA, 5-7 June 2002, 106-115.
https://doi.org/10.1109/POLICY.2002.1011298
[15]
Esteva, M., Rosell, B., Rodriguez-Aguilar, J.A., Josep, A. and Ameli, L. (2004) An Agent-Based Middleware for Electronic Institutions. Proceedings of the Third International Joint Conference on Autonomous Agents and Multiagent Systems, Volume 1, IEEE Computer Society, 236-243.
[16]
Lazouski, A., Martinelli, F. and Mori, P. (2008) A Survey of Usage Control in Computer Security. Istituto di Informática e Telemática, CNR.
[17]
Smith, S.W. and Austel, V. (1998) Trusting Trusted Hardware: Towards a Formal Model for Programmable Secure Coprocessors. 3rd USENIX Workshop on Electronic Commerce.
[18]
Rushby, J.M. (1981) Design and Verification of Secure Systems. Proceedings of the Eighth ACM Symposium on Operating Systems Principles, Pacific Grove, CA, 14-16 December 1981, 12-21. https://doi.org/10.1145/800216.806586
[19]
Inverardi, P. and Mostarda, L. (2005) A Distributed Intrusion Detection Approach for Secure Software Architecture. In: Morrison, R. and Oquendo, F., Eds., Software Architecture, EWSA 2005, Lecture Notes in Computer Science, Vol. 3527, Springer, Berlin, Heidelberg, 168-184. https://doi.org/10.1007/11494713_12
[20]
Casati, F., Shan, E., Dayal, U. and Shan, M. (2003) Business-Oriented Management of Web Services. Communications of the ACM, 46, 55-60.
https://doi.org/10.1145/944217.944238
[21]
Serban, C., Chen, Y., Zhang, W. and Minsky, N. (2008) The Concept of Decentralized and Secure Electronic Marketplace. The Journal of Electronic Commerce Research, 8, 79-101. ttps://doi.org/10.1007/s10660-008-9014-0
[22]
Jajodia, S., Samarati, P., Sapino, M.L. and Subrahmanian, V.S. (2001) Flexible Support for Multiple Access Control Policies. ACM Transactions on Database Systems, 26, 214-260. https://doi.org/10.1145/383891.383894
[23]
Chadha, R. (2006) A Cautionary Note about Policy Conflict Resolution. Military Communications Conference, MILCOM 2006, IEEE, Washington, DC, 23-25 October 2006, 1-8. https://doi.org/10.1109/MILCOM.2006.302500
[24]
Vázquez-Salceda, J., Dignum, V. and Dignum, F. (2005) Organizing Multiagent Systems. Autonomous Agents and Multi-Agent Systems, 11, 307-360.
https://doi.org/10.1007/s10458-005-1673-9
[25]
Mendonca, M., Obraczka, K. and Turletti, T. (2012) The Case for Software-Defined Networking in Heterogeneous Networked Environments. Proceedings of the 2012 ACM conference on CoNEXT Student Workshop, Nice, 10-10 December 2012, 59-60. https://doi.org/10.1145/2413247.2413283
[26]
Krishnan, M. (2015) Survey on Security Risks in Android OS and an Introduction to Samsung KNOX. International Journal of Computer Science and Information Technologies, 6.
[27]
Subotic, S., Bishop, J. and Gruner, S. (2006) Aspect-Oriented Programming for a Distributed Framework: Reviewed Article. South African Computer Journal, 5, 81-89.
[28]
Phan, T., He, Z.J. and Nguyen, T.D. (2006) Policies over Standard Client-Server Interactions. Journal of Computers, 1.
[29]
Minsky, N.H. (2003) On Conditions for Self-Healing in Distributed Software Systems. Proceedings of the International Autonomic Computing Workshop Seattle Washington.
[30]
Randell, B. (1975) System Structure for Software Fault Tolerance. IEEE Transactions on Software Engineering, 220-232.
[31]
Gheorghe, G., Neuhaus, S. and Crispo, B. (2010) xESB: An Enterprise Service Bus for Access and Usage Control Policy Enforcement. In: Nishigaki, M., Josang, A., Murayama, Y. and Marsh, S., Eds., Trust Management IV. IFIPTM 2010, IFIP Advances in Information and Communication Technology, Vol. 321, Springer, Berlin, Heidelberg, 63-78. https://doi.org/10.1007/978-3-642-13446-3_5
[32]
Liu, X.Z., Guo, Z.Y., Wang, X., Chen, F.B., Lian, X.C., Tang, J., Wu, M., Kaashoek, M.F. and Zhang, Z. (2008) D3S: De-Bugging Deployed Distributed Systems. NSDI, 423-437.
[33]
Shrivastava, S.K. (1995) Lessons Learned from Building and Using the Arjuna Distributed Programming System. In: Birman, K.P., Mattern, F. and Schiper, A., Eds., Theory and Practice in Distributed Systems, Lecture Notes in Computer Science, Vol. 938, Springer, Berlin, Heidelberg, 17-32.
https://doi.org/10.1007/3-540-60042-6_2
[34]
McDaniel, P. and Prakash, A. (2002) Methods and Limitations of Security Policy Reconciliation. Proc. of the IEEE Symp on Security and Privacy.
[35]
Bianchini, R., Martin, R.P., Nagaraja, K., Nguyen, T.D. and Oliveira, F. (2005) Human-Aware Computer System Design. Proceedings of the 10th Workshop on Hot Topics in Operating Systems (HotOS).
[36]
Minsky, N.H. (2012) Decentralized Governance of Distributed Systems via Interaction Control. In: Artikis, A., Craven, R., Kesim Çiçekli, N., Sadighi, B. and Stathis, K., Eds., Logic Programs, Norms and Action, Lecture Notes in Computer Science, Vol. 7360, Springer, Berlin, Heidelberg, 374-400.
https://doi.org/10.1007/978-3-642-29414-3_20
[37]
Wang, Z. and Minsky, N. (2014) Fault Tolerance in Heterogeneous Distributed Systems. Proc. of the 9th IEEE International Workshop on Trusted Collaboration.
https://doi.org/10.4108/icst.collaboratecom.2014.257585
[38]
Xu, J., Randell, B., Romanovsky, A., Rubira, C.M.F., Stroud, R.J. and Wu, Z.X. (1995) Fault Tolerance in Concurrent Object-Oriented Software through Coordinated Error Recovery. Twenty-Fifth International Symposium on Fault-Tolerant Computing, 1995, FTCS-25, Digest of Papers, IEEE, 499-508.
[39]
Pereira, D.P. and de Melo, A.C.V. (2010) Formalization of an Architectural Model for Exception Handling Coordination Based on CA Action Concepts. Science of Computer Programming, 75, 333-349. https://doi.org/10.1016/j.scico.2009.12.006
[40]
Xu, J., Romanovsky, A. and Randell, B. (1998) Coordinated Exception Handling in Distributed Object Systems: From Model to System Implementation. Proceedings of 18th International Conference on Distributed Computing Systems, IEEE, Amsterdam, 29-29 May 1998, 12-21. https://doi.org/10.1109/ICDCS.1998.679465
[41]
Schneider, F.B. (1984) Byzantine Generals in Action: Implementing Fail-Stop Processors. ACM Transactions on Computer Systems (TOCS), 2, 145-154.
https://doi.org/10.1145/190.357399
[42]
Schneider, F.B. (1990) Implementing Fault-Tolerant Services Using the State Machine Approach: A Tutorial. ACM Computing Surveys (CSUR), 22, 299-319.
https://doi.org/10.1145/98163.98167
[43]
Schlichting, R.D and Schneider, F.B. (1983) Fail-Stop Processors: An Approach to Designing Fault-Tolerant Computing Systems. ACM Transactions on Computer Systems (TOCS), 1, 222-238. https://doi.org/10.1145/357369.357371
[44]
Zhang, J., Cheng, B.H.C., Yang, Z.X. and McKinley, P.K. (2005) Enabling Safe Dynamic Component-Based Software Adaptation. In: de Lemos, R., Gacek, C. and Romanovsky, A., Eds., Architecting Dependable Systems III, Lecture Notes in Computer Science, Vol. 3549, Springer, Berlin, Heidelberg, 194-211.
https://doi.org/10.1007/11556169_9
[45]
Papadopoulos, G.A. and Arbab, F. (2001) Configuration and Dynamic Reconfiguration of Components Using the Coordination Paradigm. Future Generation Computer Systems, 17, 1023-1038. https://doi.org/10.1016/S0167-739X(01)00043-7
[46]
Zarras, A., Fredj, M., Georgantas, N. and Issarny, V. (2006) Engineering Reconfigurable Distributed Software Systems: Issues Arising for Pervasive Computing. In: Butler, M., et al., Eds., Fault-Tolerant Systems in LNCS, Springer-Verlag, 364-386.
[47]
Weyns, D., Malek, S. and Andersson, J. (2010) On Decentralized Self-Adaptation: Lessons from the Trenches and Challenges for the Future. Proceedings of the 2010 ICSE Workshop on Software Engineering for Adaptive and Self-Managing Systems, Cape Town, South Africa, 3-4 May 2010, 84-93.
https://doi.org/10.1145/1808984.1808994
[48]
de Oliveira, M., Golçalves, E. and Purvis, M. (2014) Institutional Environments: A Framework for the Development of Open Multiagent Systems. In: Bazzan, A. and Pichara, K., Eds., Advances in Artificial Intelligence-IBERAMIA 2014, Lecture Notes in Computer Science, Vol. 8864, Springer, Cham, 560-571.
https://doi.org/10.1007/978-3-319-12027-0_45
[49]
Stillerman, M., Marceau, C. and Stillman, M. (1999) Intrusion Detection for Distributed Applications. Communications of the ACM, 42, 62-69.
https://doi.org/10.1145/306549.306577
[50]
Sotiris I., Keromytis, A.D., Bellovin, S.M. and Smith, J.M. (2000) Implementing a Distributed Firewall. ACM Conference on Computer and Communications Security, 190-199.
[51]
Urdaneta, G., Pierre, G. and Van Steen, M. (2011) A Survey of DHT Security Techniques. ACM Computing Surveys (CSUR), 43.
[52]
Wang, Z. and Minsky, N.H. (2015) Towards Secure Distributed Hash Table. 11th EAI International Conference on Collaborative Computing: Networking, Applications and Worksharing.
[53]
Kiczales, G. and Mezini, M. (2005) Aspect-Oriented Programming and Modular Reasoning. Proc. Int. Conf. Software Engineering (ICSE), 49-58.
[54]
Rowanhill, J.C., Varner, P.E. and Knight, J.C. (2004) Efficient Hierarchic Management for Reconfiguration of Networked Information Systems. 2004 International Conference on Dependable Systems and Networks, IEEE, Florence, 28 June-1 July 2004, 517-526. https://doi.org/10.1109/DSN.2004.1311921
[55]
Liskov, B. (1988) Distributed Programming in Argus. Communications of the ACM, 31, 300-312. https://doi.org/10.1145/42392.42399
[56]
Osborn, S., Sandhu, R. and Munawer, Q. (2000) Configuring Role-Based Access Control to Enforce Mandatory and Discretionary Access Control Policies. ACM Transactions on Information and System Security, 3, 85-106.
https://doi.org/10.1145/354876.354878
[57]
Yuan, E. and Tong, J. Attributed Based Access Control (ABAC) for Web Services. Proceedings of 2005 IEEE International Conference on Web Services, ICWS 2005, IEEE.
[58]
Lee, D., Ahn, S. and Kim, M. (2011) A Study on Hierarchical Policy Model for Managing Heterogeneous Security Systems. In: Murgante, B., Gervasi, O., Iglesias, A., Taniar, D. and Apduhan, B.O., Eds., Computational Science and Its Applications-ICCSA 2011, Lecture Notes in Computer Science, Vol. 6785, Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-21898-9_19
[59]
Godic, S. and Moses, T. (2005) OASIS Extensible Access Control. Markup Language (XACML), Version 2. Technical report, Oasis.
[60]
Minsky, N.H. and Ungureanu, V. (2000) Law-Governed Interaction: A Coordination and Control Mechanism for Heterogeneous Distributed Systems. ACM Transactions on Software Engineering and Methodology, 9, 273-305.
https://doi.org/10.1145/352591.352592
[61]
Kiczales, G., Hilsdale, E., Hugunin, J., Kersten, M., Palm, J. and Griswold, W. (2001) Getting Started with ASPECTJ. Communications of the ACM, 44, 59-65.
https://doi.org/10.1145/383845.383858
[62]
Ribeiro, C. and Ferreira, P. (2007) A Policy-Oriented Language for Expressing Security Specifications. International Journal of Network Security, 5.
[63]
Dudheria, R., Trappe, W. and Minsky, N. (2010) Coordination and Control in Mobile Ubiquitous Computing Applications Using Law Governed Interaction. Proc. of the Fourth International Conference on Mobile Ubiquitous Computing, Systems, Services and Technologies (UBICOMM), Florence, 247-256.
[64]
Criado, N., Argente, E., Garrido, A., Gimeno, J.A., Igual, F., Botti, V., Noriega, P. and Giret, A. (2011) Norm Enforceability in Electronic Institutions? Coordination, Organizations, Institutions, and Norms in Agent Systems VI, Springer, 250-267.
https://doi.org/10.1007/978-3-642-21268-0_14
[65]
Florio, V.D. and Blondia, C. (2008) A Survey of Linguistic Structures for Application-Level Fault Tolerance. ACM Computing Surveys, 40, 1-27.
[66]
Weyns, D., Omicini, A. and Odell, J. (2007) Environment as a First Class Abstraction in Multiagent Systems. Journal on Autonomous Agents and Multiagent Systems, 14.
[67]
Paes, R., Lucena, C., Carvalho, G. and Cowan, D. (2009) An Event-Driven High Level Model for the Specification of Laws in open multi-agent systems. Journal of Systems and Software, 82, 629-642. https://doi.org/10.1016/j.jss.2008.08.033
[68]
Hu, J., Sun, Q.Z. and Chen, H.P. (2010) Application of Single Sign-On (SSO) in Digital Campus. 2010 3rd IEEE International Conference on Broadband Network and Multimedia Technology (IC-BNMT), IEEE, 725-727.
[69]
Lynch, N.A. (1996) Distributed Algorithms. Morgan Kaufmann, San Francisco.
[70]
Serban, C. and Minsky, N. (2009) In Vivo Evolution of Policies that Govern a Distributed System. Proc. of the IEEE International Symposium on Policies for Distributed Systems and Networks, London.
