governing bot-as-a-service in sustainability platforms - issues and approaches

1

GOVERNING BOT-AS-A-SERVICE IN SUSTAINABILITY PLATFORMS - ISSUES AND APPROACHES

Hong-Linh Truonga, Phu H. Phungb,

and Schahram Dustdara

aVienna University of Technology, Austria bChalmers University of Technology, Sweden

August 27-29, 2012, Niagara Falls, Ontario, Canada

2

CONTEXT:FACILITY MONITORING IN SMART CITIES

Sensors are deployed in buildings to monitor building

MEP (Mechanical, Electrical, and Plumbing) systems and the surrounding environments

Sensor data is aggregated and propagated to cloud-based data services

Onlinemonitoring

cloud services

3

BOT PLATFORM-AS-A-SERVICE – IN A RECENT EMERGING CONCEPT

Bots can be deployed at the facility sites to detect problems andfix them automatically

A bot is a lightweight application that is

executed by a hosting environment

supports the development, composition of bots, management, and deploymentof bots, and the definition and management of governance policies for bots

stores bots and templates for building bots

4

OUR INTELLIGENT BOT EXECUTION MODEL

The code of a bot is generated on-demand when a possible problem is detected

Cloud service finds suitable rules and algorithms for the logic of the bot

Cloud service builds bots (using template) and rules/algorithms

Cloud service sends bots to the gateway which executes bots for fixing problems

5

THE LIFECYCLE OF A BOT

(i) Development bots are compiled from source code or

bots are composed from existing objects/bots

(ii) Deployment bots are transferred from clouds to

hosting environments for execution

(iii) Executionbots are running in hosting

environments

6

GOVERNANCE ISSUES

1. System/network security and access control

protect systems and networks in order to prevent unauthorized access that can compromise BoP.

2. Application integrity and service verification

ensure that the bot content is sent by the trusted party and is unchanged

3. Service contract management bot capabilities are depending on a service

contract (pay-per-use model)

7

GOVERNANCE ISSUES

4. System and application performance

ensure that the execution of bots will not prevent the correct operation and the availability of hosting environments.

5. Data acquisition and control Bots will access data from local hosting

environments and sensor integration gateways as well as data from the cloud platform.

8

MOTIVATION

Is the state of the art in policy enforcement can applied in the Bot-as-a-Service (BaaS) governance issues?

If not, What are the issues?How can we enforce governance

policies for the BaaS ?

9

STATE-OF-THE-ART & OPEN CHALLENGES Static analysis cannot check runtime

violations. Code signing can only certify the

integrity of the code Execution monitoring techniques are not

targeted to our BaaS modelservice contract for bot instances of a

consumerapplication-level data access monitoring for

data acquisition and control Policies for application performance can

be defined in the development or deployment phases

10

DISCUSSION ON THE STATE-OF-THE-ART

No existing techniques supportsmultiple types of governance and diverse types of hosting

environments (capabilities are limited)

No existing governance policy specifications Allows different types of governance

11

OUR APPROACHES

A policy enforcement framework specifically for the BaaSPolicy definition and management Different types of governance

Policy enforcement Multi-phase enforcement of different types of governance

12

POLICY DEFINITION AND MANAGEMENT

Bot-specific policiesE.g. the bot can only access a Samsung TV

Consumer’s business service contractE.g. 50 USD for 1 month use

Bot hosting context-specific policies

E.g. host platform, capabilities

Bot instances-with runtime context-specific policies

Policy templates for bot-specific and context-specific policies are based on API calls

Bot instances-with runtime context-specific policies

Bot instances-with runtime context-specific policies

13

POLICY ENFORCEMENT Static analysis and code rewriting for bot

context specific policies (Development phase)

Code signing for deployment Inlined execution monitoring (Runtime

phase) Policy-inlined bot instance

The framework should provide extensible

mechanisms to enable plug-ins of different techniques

14

OUR APPROACHES

15

CONCLUSIONS AND FUTURE WORKBot-as-a-Service architecture is

presented together with critical reviews of governance issues and existing techniques

New Approaches for governance and enforcement in sustainability platforms.

Future work focuses on the development ofpolicy definition, management and

enforcement frameworksupport cross governance issues for bots

16

Thank you!

18

POLICY DEFINITION AND MANAGEMENT Policy templates for bot-specific and context-

specific policies are based on API calls provided by the hosting environment and by cloud services

19

POLICY DEFINITION AND MANAGEMENT Bot-specific policies

E.g. the bot can only access a Samsung TV Consumer’s business service contract

E.g. 50 USD for 1 month use Bot hosting context-specific policies

E.g. host platform, capabilities Bot runtime context-specific policies

Policy templates for bot-specific and context-specific policies are based on API calls

bot context-specific policies

20

STATE-OF-THE-ART