400 likes | 513 Views
XVII Escuela de Ciencias Informaticas (ECI 2003), Buenos Aires, July 21-26 2003. Formal Models for Distributed Negotiations Committed Join Calculus. Roberto Bruni Dipartimento di Informatica Università di Pisa. Our Focus.
E N D
XVII Escuela de Ciencias Informaticas (ECI 2003), Buenos Aires, July 21-26 2003 Formal Models forDistributed NegotiationsCommitted Join Calculus Roberto Bruni Dipartimento di Informatica Università di Pisa
Our Focus • In commercial applications, separately designed and implemented components must interact • commit (intermediate) results of long-running activities upon (partial) agreements • e.g. e-commerce, on-line auction systems • Formal models should • avoid ad-hoc proprietary solutions • offer alternatives to centralized transaction managers • hide the coordination layer (separation of concerns) Formal Models for Distributed Negotiations
Distributed Agreements • Negotiations / Contracts • commit, abort, compensation • hierarchical decisions • dynamic membership • fully distributed control • Process cooperation • coordination / orchestration / choreography • different platforms and policies • Data integration • unstructured documents in different formats Formal Models for Distributed Negotiations
Prerequisites forModeling Contracts • Local and global resources • Local sub-contracts and decisions • Global results posted upon commit • Abort of ongoing contracts • All participants must be informed • Compensations can be activated • Either abort or commit (no divergence) • Dynamic joining of participants • Contracts can be merged • Nested structure of contracts Formal Models for Distributed Negotiations
Commitment • We have seen different concepts in different areas • DataBase transactions • Transactional Workflows • Transition synchronization • PDLs with commit primitives • Committed choice languages Formal Models for Distributed Negotiations
PDLs with commit • Transactions in JavaSpaces and Linda • create(x)and commit(x) prefixes • event notification • TraLinda • typed messages (L / H) and atomic prefixing • Long running transactions • MINI-XLANG • asynchronous -calculus with transactional context context(P,Pf,Pc) Formal Models for Distributed Negotiations
Committed Choice Languages • Logic programming • Non determinism means exhaustive search of successful computations • don’t know non-determinism • results are produced at the end • Concurrent logic / constraint languages • limit backtracking to improve efficiency • don’t care non-determinism (indeterminism) • partial outputs during computation Formal Models for Distributed Negotiations
Guarded Horn Clauses • Head Guard | Body • Reduce Head to Body if Guard succeeds • don’t know when evaluating guards • don’t care when selecting clauses whose guards are true • Flat guards • conjunction of primitive predicates • Deep guards (e.g. AKL) • both primitive and programmed predicates Formal Models for Distributed Negotiations
Our Proposal • committed JOIN • PDL presentation • Non ACID • Multiway • Open Nesting • Flexible • Split / Join • Programmable commit / abort / compensation • Concurrency and distribution • Distributed 2PC • Different levels of abstraction Formal Models for Distributed Negotiations
Why an extension of JOIN • Well-known asynchronous calculus • Distributed implementations • Jocaml • Polyphonic C# • Analogous to dynamic coloured Petri nets • Running D2PC implementation • CHAM semantics • molecules form solutions enclosed in membranes • nesting is free (via membranes) • Typed serializability Ongoing Work! Formal Models for Distributed Negotiations
contract compensation boundaries Committed JOIN Syntax messages M,N::= 0 | xŷ | M|N P,Q ::= M | def D in P | P|Q | abort| [P:Q] D,E ::= JP | DE | JP J,K ::= xŷ | J|K programmable abort merge definitions(boards): defined boards must be disjoint from ordinary defined names Formal Models for Distributed Negotiations
Committed JOIN Semantics Formal Models for Distributed Negotiations
Committed JOIN Semantics contract P can evolve in isolation compensation is kept frozen Formal Models for Distributed Negotiations
Committed JOIN Semantics global resources commit Formal Models for Distributed Negotiations
Committed JOIN Semantics compensation on abort Formal Models for Distributed Negotiations
Committed JOIN Semantics merge n ongoing contracts Formal Models for Distributed Negotiations
JOIN vs cJOIN PROPOSITION cJOIN is a conservative extension of JOIN: P JQ iff P cJQ (for P and Q JOIN processes) Formal Models for Distributed Negotiations
A Multi-Way Contract Formal Models for Distributed Negotiations
Multi-Level Nesting Formal Models for Distributed Negotiations
Nested Abort Formal Models for Distributed Negotiations
Nested Abort II Formal Models for Distributed Negotiations
Hotel Booking H def WaitBooking [ def requesto o$ | price$ price$ | confirmv BookedRoomv price$ abort inofferingRoom request,confirm : Q ] BookedRoomv … inWaitBooking | … Formal Models for Distributed Negotiations
Hotel Booking H def WaitBooking [ def requesto o$ | price$ price$ | confirmv BookedRoomv price$ abort inofferingRoom request,confirm : Q ] BookedRoomv … inWaitBooking | … C def BookingHotel [defhotelMsgr,cdef offer$ cvisa | HotelFound offer$ abort in roffer insearchRoom hotelMsg : Q’ ] inBookingHotel | … Formal Models for Distributed Negotiations
Hotel Booking H def WaitBooking [ def requesto o$ | price$ price$ | confirmv BookedRoomv price$ abort inofferingRoom request,confirm : Q ] BookedRoomv … inWaitBooking | … C def BookingHotel [defhotelMsgr,cdef offer$ cvisa | HotelFound offer$ abort in roffer insearchRoom hotelMsg : Q’ ] inBookingHotel | … HB def searchRoomhm |offeringRoom r,chmr,c inH | C Formal Models for Distributed Negotiations
Hotel Booking …, WaitBooking , BookingHotel …, […, offeringRoomrequest,confirm : Q ] , […, searchRoomhotelMsg : Q’] …, […, hotelMsgrequest,confirm : Q | Q’] …, […, requestoffer : Q | Q’] …, […, offer$, price$ : Q | Q’] …, […, confirmvisa, HotelFound , price$ : Q | Q’] …, […, BookedRoomvisa, HotelFound : Q | Q’] …, BookedRoomvisa, HotelFound Formal Models for Distributed Negotiations
Trip Booking I H as before F def WaitBooking [ def requesto o$ | price$ price$ | confirmv BookedFlightv price$ abort inofferingFlight request,confirm : Q ] BookedFlightv … inWaitBooking | … local name, different from homonym name in H Formal Models for Distributed Negotiations
Trip Booking II both needed to commit C defhotelOKfc | flightOKhc fc | hc BookingHotel [defhotelMsgr,cdef offer$ cvisa | hotelOKflightConf offer$ abort flightConf HotelFound in roffer insearchRoom hotelMsg : Q’ ] BookingFlight [defflightlMsgr,cdef offer$ cvisa | flightOKhotelConf offer$ abort hotelConf FlightFound in roffer insearchFlight flightMsg : Q’’ ] inBookingHotel | BookingFlight | … TB def searchRoomhm |offeringRoom r,chmr,c searchFlightfm |offeringFlight r,cfmr,c inH | F | C Formal Models for Distributed Negotiations
membranes and scoping rules nesting commit reaction several variants of abort would limit the expressiveness merge definitions (boards) multi-level Matching the Prerequisites • Local and global resources • Local sub-contracts and decisions • Global results posted upon commit • Abort of ongoing contracts • All participants must be informed • Compensations can be activated • Either abort or commit (no divergence) • Dynamic joining of participants • Contracts can be merged • Nested structure of contracts Formal Models for Distributed Negotiations
ZS nets, JOIN and cJOIN • ZS nets can be encoded in JOIN by attaching the dynamic creation of a local DTC to transitions • Implementation of D2PC (transparent to users) • Tokens must carry several channel names • Each firing must undergo local DTCs approval • cJOIN primitives allow a straightforward encoding • No further protocol is needed • Tokens carry just one contract identifier • Firings directly correspond to reactions Formal Models for Distributed Negotiations
join fork open close compute ZS nets in JOIN We encode basic nets, which are expressive enough: given a net (T,S) we define an agent def [[ T ]] in [[S]] , where [[ E open e ]] = E defDin e(put, { lock }) | state({ E }) [[ e calc e’ ]] = e(p, L) e’(p, L) [[ e fork e’, e’’ ]] = e(p, L) defDin e’(p, L { lock }) | e’’(put, L { lock }) | state( ) [[ e’, e’’ join e ]] = e’(p’, L’) | e’’(p’’, L’’) e(p’, L’ L’’) | p’’(L’’ L’, ) [[ e close E ]] = e(p, L) p(L, { E }) default compensation Formal Models for Distributed Negotiations
DTC in JOIN the definition D is the following state(H) | put(L, F) commit(L \ { lock }, L , { lock }, F, H ) state(H) failed() | release(H) commit({ l } L, L’, L’’, F, H) commit(L, L’, L’’ , F, H) | l(L’, lock, fail ) commit(L, L’, L’’, F, H) | lock(L’’’, l, f ) commit(L (L’’’ \ L’), L’ L’’’, L’’ { l }, F, H ) commit(, L, L, F, H) release(F) commit(L, L’, L’’, F, H) | fail() failed() | release(H) failed() | put(L, F) failed() failed() | lock(L, l, f) failed() | f() failed() | fail() failed() Formal Models for Distributed Negotiations
join fork open close compute ZS nets in cJOIN We encode basic nets, which are expressive enough: given a net (T,S) we define an agent def [[ T ]] in [[S]] , where [[ E open e ]] = E [defz0in ez: E ] [[ e calc e’ ]] = ez e’z [[ e fork e’, e’’ ]] = ez e’z | e’’z [[ e’, e’’ join e ]] = e’z’ | e’’z’’ ez’ [[ e close E ]] = e z E dummy definition (JOIN way of declaring a local id) z’ and z’’ have now identical scope and meaning Formal Models for Distributed Negotiations
Committed Join Features • Negotiations can be defined in terms of concurrent sub-negotiations • Cooperation between contracts are given by merging definitions • Global resources produced inside a negotiation are made availableat commit time • Commit means termination • Explicit abort and compensation Formal Models for Distributed Negotiations
Some results on cJoin • cJoin is a conservative extension of Join • P JQ iff P cJQ. (P and Q Join processes) • Zero-safe nets can be encoded as cJoin processes • N=(T,S) a ZS net. (S,) * (S’,) iff def [T] in [S] * def [T] in [S] Formal Models for Distributed Negotiations
cJOIN and Logic Languages • Commit primitives of cJoin can be used to implement committed choices of AKL • explicit encoding of search strategies and unification via continuation passing and compensation Formal Models for Distributed Negotiations
Serializability • A simple type system that guarantees serializability • Shallow processes • the start of a sub-negotiation can be postponed until all the cooperating sub-negotiations needed to commit can be generated inside its parent negotiation • Proof via correspondence w.r.t. big step semantics Formal Models for Distributed Negotiations
Encoding of cJOIN in JOIN • Aim: • Define an implementation of cJOIN in JOIN • Associate to every cJOIN process a JOIN process that simulate its behavior • Ideas: • Identification of basic forms for definitions • Definition of a type system to single out canonical processes • Reuse controllers of the D2PC protocol Formal Models for Distributed Negotiations
Abstract Semantics • Expected Result • Define the abstract representative of a cJOIN process • a JOIN process describing all the stable behaviors of the original process def ax|by [def cz bz in ay | cx : ax|by] ina1|b2 def ax | by ay | bx ina1|b2 Formal Models for Distributed Negotiations
Comparatives studies • Comparison with other approaches for modeling long-running activities • Transactional context of MINI-XLANG • distinguish two kinds of compensations • Goals • Find limitations / restrictions • Show the encoding of other common constructors (such as those in WMS) Formal Models for Distributed Negotiations
References • Committed actions for mobile calculi (PhD Thesis Proposal, Manuscript, 2003) • H. Melgratti • Nested commits for mobile calculi: extending Join (Manuscript) • R. Bruni, H. Melgratti, U. Montanari Formal Models for Distributed Negotiations