Agent-mediated Knowledge Management in Multiple Autonomous Domains ? Vassilis Zafeiris1 , Christos Doulkeridis1 , Petros Belsis2 and Ioannis Chalaris3 1

Department of Informatics Athens University of Economics and Business Athens, Greece 2 Department of Information and Communication Systems Engineering University of the Aegean Karlovassi, Samos, Greece 3 Technological Education Institute of Athens Athens, Greece Email: {bzafiris,cdoulk}@aueb.gr, [email protected], [email protected]

Abstract. Knowledge Management (KM) applications have proved their advantages and established their essential role in the context of organizations. Lately, Distributed KM has emerged as a means to utilize and exploit knowledge residing outside the boundaries of an organization. This paper presents an agentmediated KM approach in an environment of multiple autonomous domains, i.e. multiple organizations. Our approach allows knowledge asset discovery within a distributed and heterogeneous wealth of information, through an infrastructure of knowledge repositories by means of software agents. We describe and show the important role of ontologies and agents for providing distributed knowledge discovery in multiple autonomous domains. Interoperability of knowledge sources is achieved by software agent mediation. Finally, we describe the system architecture and present the implementation status of our work.

1 Introduction Knowledge Management (KM) applications emerged almost two decades ago [5], leveraging core business functions and boosting organizational performance; therefore, from a competitive advantage they became a basic necessity within an organization’s quiver [10]. Organizations can benefit from harvesting knowledge from several heterogeneous sources and assets, varying from old data repositories to the knowledge interrelated with the human assets of an organization, namely its employees’ experience [3]. Even in early theoretical frameworks we can identify the role of socialization and the role of creating human experts’ networks in order to multiply the knowledge, both tacit and explicit, residing in one organization. The real impetus can be given in KM by inter-organizational knowledge exchange, in compliance with Nonaka’s spiral knowledge creation and dissemination model [13] [12]. Lately, a lot of discussion focuses ?

This work was co-funded by 75% from E.E. and 25% from the Greek Government under the framework of the Education and Initial Vocational Training Program Archimedes.

on the concept of Distributed KM and competitive superiority against traditional, centralized KM applications [4] [2] [16] [9]. Most of the developed systems concentrate on deployment of central repositories where knowledge is codified and stored locally, without possibility to expand by utilizing knowledge outside the organization’s boundaries [1]. The centralized approach is delaying the potential impact of KM systems, since the distributed nature of knowledge is in contrast with the adhocracy that characterizes knowledge creation and storage in traditional KM systems. Among else, several issues are raised relative to the realization of Distributed Knowledge Management applications. These notions refer to the heterogeneity, which may be considered as structural, semantic, and syntactic heterogeneity [2]. Another important issue is ensuring security and providing authorization control mechanisms, both very important features of any distributed application. Our work focuses on Distributed Knowledge Management in the context of multiple autonomous domains, taking into account the aforementioned problems. An agentoriented approach is adopted in order to efficiently address well-known issues, such as heterogeneity of knowledge assets with regard to representation and semantics. Our work focuses on providing a distributed knowledge management infrastructure to exploit the knowledge scattered in different organizations within a particular domain. The contribution of this paper is the proposal of a novel knowledge discovery mechanism using software agents for interoperability of distributed organizations and their knowledge repositories. This paper is organized as follows: Section 2 describes the underlying infrastructure of knowledge repositories used in order to build our distributed knowledge management system. Section 3 presents an overview of the system architecture and discusses in detail how knowledge asset discovery is performed by means of software agents. A more detailed view on the design of the system as well as its implementation status are presented in Section 4. In Section 5 we review the related work, and finally, in Section 6 we present the conclusions and sketch our future work.

2 Distributed Knowledge Management Infrastructure of Knowledge Repositories In this section, the necessary infrastructure for the distributed knowledge management system is described. Several basic functionalities related to knowledge management can be provided on top of the proposed infrastructure. In particular, knowledge asset discovery, access control and retrieval are key features provided by our approach. These are important elements in a distributed knowledge management environment, characterized by heterogeneity of knowledge assets, decentralized storage, and increased security considerations with special regards to privacy. We adopt a multi-layer infrastructure of knowledge repositories that a) apply different authorization policies for sharing their contents, and b) enable discovery and access to knowledge assets. Knowledge repositories are used either for sharing globally accepted common knowledge or for providing knowledge asset management and storage facilities. The former refers to global ontologies that allow mutual understanding and

unambiguous interoperation of heterogeneous entities, while the latter consists of the actual knowledge assets and content of an organization. The proposed infrastructure comprises the following three layers, in terms of knowledge repositories (Figure 1): 1. Global Ontology Repository (GOR) 2. Domain Synopsis Repository (DSR) 3. Local Knowledge Repository (LKR)

8 #
 '

$  

 * 89'

$

%
&  '

$  




 
 



6  * 7 
    

6  * 7 
    

6  * 7 
    

()
 
 * 

,/+,-. ,010232405

,/+,-. ,010232405

,/+,-. ,010232405


 !
" #$ 



    




 

    




 

    




 

Fig. 1. Three levels knowledge management infrastructure.

2.1 Global Ontology Repository Coordination and communication of organizations present some basic problems in distributed environments, such as lack of common understanding and need for knowledge exchange in an unambiguous manner. In order to deal with such issues, a common, globally accepted point of reference is required. In the context of multiple distributed organizations, a third governmental party, such as a ministry, can play the role of the coordinator among participating organizations. For example, basic interoperation can be achieved with the definition of a common communication protocol by the third party. Notice that the role of this third party is required only during the establishment of communication mechanisms between two organizations. Later, all inter-organization communications will take place directly, without the intervention of the central authority. As a consequence, the Global Ontology Repository (GOR) is introduced. The Global Ontology Repository is accessible from any organization for retrieving domain ontologies related to their field of activity. Ontologies define the concepts of the domain of interest and their properties, and provide the basis for the semantic description and

discovery of knowledge assets. Their contribution is also substantial in effective communication between software agents as the defined terms make up the vocabulary for expressing their goals, beliefs and desires. Two kinds of ontologies are required for discovery and controlled access to knowledge assets: a) one or more domain ontologies for the description of the shared resources, e.g. a medical ontology for organizations of the health care sector and b) an authorization ontology (in fact a taxonomy) representing the hierarchy of user roles that are present in the problem domain and are differentiated in terms of their information access permissions (e.g. doctors, managers, nurses etc.). We will henceforth refer to this ontology as auth-ontology. Note that essential terms that should be included in the domain ontologies are those that refer to knowledge that is exchanged between the various administrative domains. Ontologies, thus, define a high level interface for communication among organizations.

2.2 Domain Synopsis Repository While the Global Knowledge Repository describes the global domain of interest, in terms of common ontologies and an overall authorization schema, each organization maintains a Domain Synopsis Repository (DSR) that describes its knowledge assets. The role of DSR is twofold: a) it provides semantic description of the knowledge assets stored at the organization, and b) it keeps summarized descriptions of the actual knowledge assets, that reflect the contents of the domain and, at a next step, guide knowledge discovery. The Domain Synopsis Repository contains : 1. A subset of the concepts defined in ontologies of the GOR. This subset represents the types of knowledge assets that are maintained within the bounds of the domain. For instance the repository corresponding to a dental clinic may contain concepts such as Dentist, Patient, Odontological Incidents etc. Notice that these local ontologies can contain only a subset of the concepts of the global ontology. In other words, local ontologies are always consistent both to the global ontology as well as to one another. Regarding the representation of ontologies, we assume a common, globally accepted language (formalism) in our approach, like RDF or OWL. 2. Statements that assert the ranges for some or all of a concept’s properties e.g. a range of {Athens, Piraeus} for the property residesIn that refers to the Patient concept. The specified statement suggests that the domain’s knowledge assets that refer to patients (e.g. medical records), span only residents of Athens or Piraeus. DSR is updated from the various information and knowledge sources through transformations that are applied to their contents. For instance summarization statements for relational databases, multidimensional queries for data warehouses, XSLT rules for XML repositories etc. Such rules define the interface of the DSR to the organization’s Local Knowledge Repository that is described below. Updating summarization statements is performed periodically based on the underlying knowledge asset updates. At regular intervals, predesigned transformations are applied to the locally stored knowledge assets, in order to derive new summaries.

Notice that an added value of summarized statements is that if a query issued against an organization is outside the valid range of the local knowledge base, this will be detected at this level, without having to go through the authorization process and consequent querying of the local knowledge asset repository. We do not address explicitly ontology updates at this point of our work. In general, new concepts must first be added to the global ontology and then they can be available for use in any local ontology. Any changes of concepts in the global ontology must be propagated to the local ontologies, in order to keep them consistent. We intend to deal with such issues in our future work. 2.3 Local Knowledge Repository The Local Knowledge Repository (LKR) represents the knowledge assets that are available in an organization’s administrative domain. The repository might be a centralized one or distributed among servers and workstations of the domain. Both internal and external users of the organization gain access to its contents by enforcing local authorization policies. Knowledge assets are stored in relational databases, XML files or any other type of data repository. In order to address heterogeneity issues that arise, since knowledge assets can be text, images, e-mails or other kind of resources, LKR also contains a set of metadata, expressed in XML format, for asset description. Part of this metadata is a unique asset identifier, a short description in text, the author’s name and a set of keywords used for matching user requests to knowledge assets. Updates to local repositories reflect updates to the upper level of repositories, namely to DSR. However, if every knowledge asset update would result into an update, it would be rather costly to maintain the summarized descriptions of DSR. This is not necessary, because only a subset of local updates affects the summaries.

3 Agent-mediated Discovery of Knowledge Assets Ontologies provide a shared representation of the domain of interest and the basis for the semantic description of knowledge assets. However, bridging the conceptual gap among various organizations does not suffice for the effective sharing of knowledge. A basic requirement for the discovery and exchange of knowledge assets is interoperation of their respective knowledge repositories. A technical approach for interoperation should take into account that a) the sources of knowledge assets comprising the LKR may span a variety of heterogeneous information systems, such as relational or native XML databases, file systems etc. b) direct exposure of such systems to third-parties, even with controlled access, constitutes a considerable security compromise, c) at any time individual systems or domains may become available or unavailable and thus a transparent integration mechanism is required. We adopt an agent-based approach for the interoperation of the knowledge sources represented by the various domains. Software agents mediate between the domain’s knowledge repositories and third party users that search for knowledge assets. Thus

interoperation of heterogeneous knowledge repositories is reduced to agent interoperation. Agent interoperation is based on the exchange of messages expressed in one of the widely accepted Agent Communication Languages (ACLs), FIPA ACL or KQML [8]. An ACL (Agent Communication Language), as its name suggests, focuses on the structure and communication related attributes of a message, such as sender/recipient address, message type (e.g. assertion, request, query etc.), ontological commitments, supported content languages and interaction protocols, rather than its content per se. The content of communication is encapsulated in ACL messages and is represented in mutually understandable content languages (KIF, SL, RDF etc. [6]) with the use of vocabulary borrowed from shared domain ontologies published in the Global Ontology Repository. As regarding message transfer, it is carried out over TCP/IP with the employment of protocols such as HTTP, SMTP etc. 3.1 Agent types Software agents are deployed in agent platforms, that provide the software infrastructure and computational resources to support their execution. We assume that agent platforms follow the FIPA agent management reference model [6] as it is evident by the presence of the AMS (Agent Management System) and DF (Directory Facilitator) agents (see Figure 2). These agents, along with Message Transport Service (MTS) [6], the default communication method between agents on different platforms, are the basic logical components of the FIPA agent management reference model. AMS is a mandatory component that provides agent registration, life cycle control and white page services in an agent platform. DF is an optional component that provides yellow page services to the agents of a platform. Our architecture introduces two agent types, namely Authorization-agent (A-agent) and Search-agent (S-agent) that interact in order to enable controlled knowledge exchange between autonomous administrative domains. Each domain is represented in the MAS (Multi-Agent System) by one A-agent and one S-agent respectively (see Figure 2). Their focus is on handling inter-domain requests, either inbound or outbound. Search-agent as its name suggests, is responsible for knowledge asset discovery in third party domains, in response to requests issued by users of the current domain (outbound requests). Moreover, S-agent handles requests originating from other domains (inbound requests) and coordinates their evaluation in the current domain’s infrastructure of knowledge repositories. Inbound request processing takes place in three steps: 1. Relevance check of the request with regard to the domain’s knowledge resources. Irrelevant requests are no further processed and an appropriate notification is sent to the requesting party. 1 . 2. Requests that pass the relevance check are granted access permissions on the domain’s knowledge resources. Permissions are determined by the Authorizationagent on the basis of the requesting party’s role. The specified role is provided 1

A request is deemed relevant with respect to the domain’s local knowledge sources if it can be (partially) answered by the local knowledge sources. Consequently, if a request cannot be answered by the local knowledge sources it is deemed irrelevant

& %.

%

)

/

+ *

*

* ( '

!"

#

* ,-

!" $

# $

Fig. 2. Message exchange for knowledge asset discovery. Arrows with continuous and discontinuous line patterns represent requests and responses respectively.

as part of the request for knowledge assets and corresponds to a role defined in the auth-ontology. 3. Submission of the request to the domain’s Local Knowledge Repository is the final step in its processing. Retrieved results are gathered from S-agent and forwarded to the request initiator. Authorization-agent enforces the domain’s authorization policy to inbound requests for knowledge assets. Each request is characterized by a role from the global authontology that represents the user’s desired access level to domain resources. A-agent grants permissions to the request by correlating it with a local role through predefined global-to-local role mapping rules. On the basis of these permissions the request is evaluated against the contents of the Local Knowledge Repository. 3.2 Knowledge Asset Discovery A more detailed view of the interaction between the agents of a domain with agent representatives of other domains, as well as with the current domain’s knowledge management infrastructure, is presented in this section. Figure 2 presents a scenario of knowledge asset discovery, initiated from Domain A, in response to a user request (not included in the figure). Message requests and their corresponding responses are represented by arrows, with continuous and discontinuous line patterns respectively, while arrow numbering indicates their ordering. Inter-domain knowledge asset discovery is triggered whenever a user request cannot be addressed by the contents of the current domain’s (Domain A) LKR. The domain’s S-agent (S-agentA ) is responsible for request forwarding to third party domains that are discovered through the agent platform’s Directory Facilitator (DF) agent. In practice, SagentA requests from DF the contact addresses of its peer S-agents in other domains (1). DF searches its local directory and replies (2) with the address of Domain B’s S-agent (S-agentB ). Thus, the discovery request is directed to S-agentB to handle its evaluation in Domain B (3).

Initially S-agentB checks the relevance of the request with respect to the domain’s available knowledge assets by issuing an appropriate query to the DSR (4). DSR matches the query against its contents and returns its relevance status (5). In case of a non relevant request S-agentA is notified and its processing terminates. A relevant request is forwarded to A-agentB (6) that correlates it with a role of the current domain and returns it to S-agentB for further processing (7). Finally the request is evaluated against the LKR (8, 9) and results are returned to S-agentA .

4 Intra-Organization System Design and Implementation Status A more detailed view on the internal design of a domain’s knowledge management infrastructure is presented in figure 3. The figure also reflects implementation specific decisions such as the platform for the development and deployment of the software agents that constitute a core part of the proposed system. Specifically we employ JADE (Java Agent DEvelopment framework) [7], a framework comprising of an agent platform for agent deployment and execution, software infrastructure for agent communication, management and mobility and tools for debugging and monitoring the implemented agents. JADE conforms to the FIPA specifications [6] for agent platform interoperability, it is distributed under an open source licence and has been used in a variety of research projects [7]. In our approach the main repositories maintained by an organization are LKR and DSR. The former includes all local knowledge repositories in terms of relational databases, XML files, collections of raw text files, e-mails etc. The latter contains: a) parts of one or more global domain ontologies that describe the semantics of the organizations’s knowledge base and b) a set of summarization statements that reflect its current content. Moreover, access control within each organization is provided by a local authorization policy and a set of role mappings to the auth-ontology. Thus, each organization can define its authorization policy, while at the same time map its roles to the global auth-ontology, in order to enable inter-domain access control. In our system implementation access control is supported by means of the Role Based Access Control Model (RBAC) [15]. DSR’s content is exposed to intra-organization parties through a well-defined interface. The interface enables the retrieval of a) concept descriptions, along with their respective properties, and b) summarization statements that correspond to one or more concept properties. Such descriptions are mainly used by S-agent during the relevance check of a query that determines its further processing. DSR’s content can also be updated as a result of changes to the LKR’s available knowledge assets. As regards LKR, it integrates to the architecture through the following modules: 1. Query Module: is responsible for performing search within LKR’s data sources and retrieving the requested knowledge assets. It interfaces with a variety of source types (e.g. relational databases, XML or other raw text document collections, e-mail archives etc.) and selectively submits to them user queries on the basis of metadata annotations that semantically characterize their content. Metadata annotations are based on the DSR ontology fragments and are manually associated with the various data sources. User queries are issued to the Query Module by S-agent after their

Domain Synopsis Repository Authorization Policy and Role Mappings

Summarization Statements

Domain Ontology

Transformation Module

Query Module

S-Agent

A-Agent

JADE Relational Database

Raw text

…

E-mails

JVM

Local Knowledge Repository

Fig. 3. Intra-organization System Design. relevance check against the DSR and assignment of access permissions by A-agent. A-agent maps the global role associated with each query to the local role hierarchy and determines its permissions on the basis of the local authorization policy. Query results are returned to S-agent that wraps them in an ACL message which is then forwarded to the query initiating party. 2. Transformation Module: is responsible for updating the summarization statements based on the underlying knowledge base. It consists of a set of submodules, one for each different knowledge representation, for example triggers for relational databases or XSLT transformations for XML documents. This module is extendable, by means of standard interfaces, so as to allow the easy integration of further submodules that apply to other knowledge representations. Updates of the local knowledge base cause the execution of transformations in order to update the associated summaries. As stated earlier, only a fraction of total updates actually cause execution of transformations, and if the imposed load is considered high, these transformations can be applied incrementally at the cost of temporary invalid summaries. We are currently working on the implementation of a system prototype that will be applied in a medical domain. The basic infrastructure for the interoperation and knowledge exchange among autonomous domains has been implemented on the basis of JADE. It includes mechanisms for the registration of a new domain in the MAS as well as for the forwarding of queries to the available domains. Our current efforts are focused on the support of relational databases as sources of knowledge assets, in addition to raw text documents that are handled by the latest version of the system.

5 Related Work ADAM [16] is a distributed application that utilizes agent technology for knowledge utilization and transaction authorization. The focus of ADAM is mainly on security

considerations, adopting a trust based model, where users are authorized according to the reputation collected from other nodes which have been engaged in the past. The main focus of ADAM is to enable the cooperation between totally unknown participants and on volatile environments, such as the Internet, where unknown participants have to cooperate for some reason. Authorization is treated through the exchange of the user’s private keys, transparently through the engagement of agents. ADAM though, is not a KM application, since all the knowledge that is exchanged refers to the users and there is not support for knowledge codification or support to handle any kind of heterogeneity. Edutella [11] is an RDF-based metadata infrastructure utilizing peer-to-peer technology. Queries are sent through the already registered peers within the specific query service. Heterogeneity in query languages is handled by transforming the queries in QEL (Query Exchange Language). Our system differentiates from Edutella in the way the ontologies are utilized as well as in the way knowledge asset access control is performed. The agent based model and its implementation, provides to our approach transparency when it comes to knowledge identification and access control deployment. XAROP [17], is a peer-to-peer system which utilizes ontologies for handling heterogeneity issues arising from the different conceptualizations among different domains. XAROP enables knowledge sharing and therefore comprises of a distributed KM infrastructure, still in our approach the role of software agents is catalytic in order to enable transparent knowledge dissemination. Additively security issues on XAROP are treated in a way that demands the manual creation of rules, in contrast with our approach that utilizes the flexibility of the Role Based Access Control Model [15]. FRODO [18] is a framework for distributed organizational memories that has several similarities with our approach. The authors also support our view of moving towards distributed knowledge management and they recognize the important role of agents and ontologies in this quest. FRODO additionally supports workflow management, whereas our approach focuses more on knowledge asset discovery in a multiorganizational domain with a special interest in security. Another relevant platform is CoMMA [14], which tackles the issue of corporate memory management. This approach is also agent-based, but the focus is on a single organization and the resources are XML documents with metadata expressed in RDF, whereas in our approach we address the issue of managing heterogeneous resources in distributed organizational knowledge bases.

6 Conclusions & Future Work This paper has addressed the issue of distributed knowledge management in a multiple domain environment of organizations. Our approach is based on the use of software agents for interoperability, enhanced with ontologies for representing the domain semantics and providing role-based access control, on top of an infrastructure of distributed knowledge repositories. Important issues, such as heterogeneity of knowledge assets and security considerations, that inherently exist in a distributed environment, are identified and confronted. Our future work will focus on the evaluation of the proposed knowledge management system in the medical domain and in an e-government environment.

References 1. A. Abecker, A. Bernardi, and Elst Van Ludger. Agent Technology for Distributed Organizational Memories. In Proceedings of ICEIS 2003, Artificial Intelligence and Decision support Systems, pages 1–8, 2003. 2. P. Belsis and S. Gritzalis. Distributed autonomous Knowledge Acquisition and Dissemination ontology based framework. In H. Kuhn, editor, Proceedings of 5th International Conference on Practical Aspects of Knowledge Management (PAKM’04)-Workshop on Enterprise Modeling and Ontology: Ingredients for Interoperability, Vienna, Austria, December 2004. 3. G. Bhatt. Management strategies for individual and organizational knowledge. Journal of knowledge management, 6(1):31–39, 2002. 4. M. Bonifacio, P. Bouquet, G. Mameli, and M. Nori. Kex: A Peer-to-Peer solution for distributed Knowledge Management. In K. Tochtermann and H. Maurer, editors, Proceedings of the 4th International Conference on Practical Aspects of Knowledge Management (PAKM’02), LNAI 2569, pages 490–500, Vienna, Austria, 2002. 5. T. Davenport and S. Volpel. The rise of knowledge towards attention management. Journal of knowledge management, 5(3):212–221, 2001. 6. Foundation for Intelligent Physical Agents. FIPA Specifications, http://www.fipa.org/specifications/index.html, 2005. 7. JADE. Home page, http://jade.cselt.it, 2005. 8. Y. Labrou, T. Finin, and Y. Peng. Agent Communication Languages: The current landscape. IEEE Intelligent Systems, 14(2):45–52, March/April 1999. 9. M. H. Larsen and M. K. Pedersen. Distributed Knowledge in health care Administration. In Proceedings of 34th IEEE International Conference on System Sciences, Hawaii, 2001. 10. A. McCampbell, L. Mordhead Clare, and S. Howard Gitters. Knowledge management: the new challenge for the 21st century. Journal of knowledge management, 3(3):172–179, 1999. 11. W. Nejdl, B. Wolf, C. Qu, S. Decker, M. Sintek, A. Naeve, M. Nilsson, M. Palmer, and T. Risch. Edutella: A P2P Networking Infrastructure based on RDF. In WWW 2002, Hawaii, USA, 2002. 12. I. Nonaka. A Dynamic Theory of Organizational Knowledge Creation. Organization Science, 5(1):14–37, 1994. 13. I. Nonaka and H. Takeuchi. The knowledge Creating Company. Oxford University Press, 1995. 14. P. Perez, H. Karp, R. Dieng, O. Corby, A. Giboin, F. Gandon, J. Quinqueton, A. Poggi, G. Rimassa, C. Fietta, J. Mueller, and J. Hackstein. Corporate Memory Management through Agents. In Proceedings of E-Work and E-Business, pages 383–406, 2000. 15. Ravi Sandhu, David Ferraiolo, and Richard Kuhn. The NIST model for Role-Based Access Control: towards a unified standard. In Proceedings of the Fifth ACM Workshop on RoleBased Access Control (RBAC’00), pages 47–63, 2000. 16. A. Seleznyov, A. Mohamed, and S. Hailes. ADAM: An agent-based Middleware Architecture for Distributed Access Control. In Proceedings of 22nd International Multi-Conference on Applied Informatics: Artificial Intelligence and Applications, 2004. 17. C. Tempich, M. Ehrig, C. Fluit, P. Haase, E. L. Marti, M. Plechawski, and S. Staab. XAROP: A Midterm Report on Introducing a Decentralized Semantics based Application. In H. Kuhn, editor, Proceedings of 5th International Conference on Practical Aspects of Knowledge Management (PAKM’04), LNAI 3336, pages 259–270, Vienna, Austria, December 2004. Kluwer Academic publishers. 18. L. van Elst, A. Abecker, A. Bernardi, A. Lauer, H. Maus, and S. Schwarz. An Agent-based Framework for Distributed Organizational Memories. In Proceedings of Coordination and Agent Technology in Value Networks, Multikonferenz Wirtschaftsinformatik (MKWI-2004), pages 181–196, 2004.