Original Publication Date: 2005-Jun-14
Included in the Prior Art Database: 2005-Jun-14
This article describes a method by which users can delegate authority to software agents to perform transactions on their behalf, and ensure that the software agent performs the transaction correctly according to the policy, through the use of a arbitrator agent.
In the future people may use software agents to perform a variety of task on their behalf. These tasks could include performing electronic transactions according to a set of policies. For example, you may request that an agent finds the best price for a retail item and buys it on your behalf within certain price, time, supplier constraints, or that an agent conducts an auction to other agents to sell something on your behalf.
However, in order for users to feel secure in delegating the authority to make transactions on their behalf, they require a means of ensuring that the agent only performs the transaction based on a correct interpretation of their policies. Also, in case of disagreement later about the validity of the transaction, the suppliers of the software agent should be able to verify that the transaction was legitimately carried out. This could be achieved by having a manual confirmation step in the transaction process whereby the agent checks with the user before committing the transaction. However, this defeats a major advantage in using policies and software agents which is speed through the lack of a need of a manual step. This is particularly important when a transaction might be carried out many times, and perhaps at irregular times when user-confirmation would not be timely. For example, a buyer may use a software agent to source components for a supply-chain from many different suppliers around the globe.
The idea is to use a third-party arbitration agent to store the policies and verify that the agent does in fact have the user's delegated authority and has interpreted the policy correctly before undertaking the transaction. The arbitration agent could also be queried by other parties (real users, or other software agents) involved in the transaction to ensure that the agent was abiding by the users policies and had the require authority
1 User sends request and policy to software agent 1. Details of the arbitrator agent are included in the policy 2 Software agent 1 authenticates with the arbitrator agent and forwards the request and policy to arbitrator agent 3 Arbitrator checks policy for consistency and returns policy to the user 4 User authenticates with arbitrator agent (holds an account) and confirms the policy
it has forwarded is the one that the software agent was sent 5 Arbitrator agent confirms acceptance with software agent 1. At this point the request/policy is considered active. 6 Arbitrator agent stores request and policy in database 7 Software Agent 1 seek...