- From: Duncan White <d.white@surrey.ac.uk>
- Date: Wed, 08 Mar 1995 12:31:41 +0000
- To: www-talk@www10.w3.org
- Cc: D.White@ee.surrey.ac.uk
Alvin Starr <alvin@eyepoint.com> writes: >I would argue that the agent is not as important as who's agent is it. >If you give a person access to your system then what is wrong with giving >their agent the same access. In this way all of the standard security rules >that apply to normal users should apply to their agents. Hang on, surely this completely undercuts the whole idea of agents? I think it would be very sad if "my" agents could only run on machines where I have an account! In Message <9503080318.AA29760@is.rice.edu> Prentiss Riddle <riddle@is.rice.edu> replies: >.. I would like to be able to provide many classes >of services to people (or their agents) to whom I would never grant, >say, a Unix shell account. Indeed! In a controlled environment.. Prentiss continues: >A separate issue, but one we should consider as well, is that an >"intelligent" agent might be unintelligent enough to make certain >mistakes that a human would never make. I'm thinking of things like >getting into an infinite loop and issuing the same query a million >times (poorly programmed WWW robots are a current example of this). >The kinds of software pathology they've been worrying about for years >in the RISKS Digest all apply to intelligent agents, and both the >designers of agents and the designers of services that agents interact >with need to be aware of them. For this reason, it might be that I >would be willing to grant a human more access than I would grant his or >her robotic agent. I entirely agree - as a system administrator myself, I would not enable a hypothetical "agent-receiver" service on any machine I adminstrate UNLESS I was entirely sure that no agents could do harm, or deny services, to my machines and users. As a solution both to infinite loops (specifically) and the more general cooperative nature of agents executing on other people's host machines, may I suggest that agents should not be allowed to run indefinitely. CPU usage of a host by agents would be a resource should be controlled. So, how about the host donating only a certain maximum run time to an individual agent, and running no more than a certain number of agents at once? ie. The host could forcibly cease interpreting/running the agent after a given run time has elapsed. When an agent arrives on a host, it could effectively negotiate its time limit with its new host. For example, the agent might declare that it wants to run for up to 10 minutes, whereas the host might only be prepared to let it run for 1 minute. The host obviously must have the last word (since this is cooperative processing on other people's machines), and could then inform the agent that 1 minute is all it's getting. This could be used by the script to change how "deeply" it searches, perhaps.. >-- Prentiss Riddle ("aprendiz de todo, maestro de nada") riddle@rice.edu >-- Systems Programmer and RiceInfo Administrator, Rice University >-- 2002-A Guadalupe St. #285, Austin, TX 78705 / 512-323-0708 >-- Opinions expressed are not necessarily those of my employer. cheers, duncan ------------------------------------------------------------------------------ Duncan C. White, Software Support Officer, Room 36BB20, Dept. of Elec Eng, University of Surrey, Guildford, Surrey GU2 5XH, UK. Email: D.White@ee.surrey.ac.uk Direct phone: +44 1483 259826 Fax: +44 1483 34139 URL: http://www.ee.surrey.ac.uk/showstaff?D.White ------------------------------------------------------------------------------ "Aaarrgh! There's the monster!" "What, behind that rabbit?" Monty Python and the Holy Grail ------------------------------------------------------------------------------
Received on Wednesday, 8 March 1995 07:33:16 UTC