Conference Paper

Analysing Stream Authentication Protocols in Autonomous Agent-Based Systems

Dept. of Comput., Macquarie Univ., Sydney, NSW
DOI: 10.1109/DASC.2006.19 Conference: Second International Symposium on Dependable Autonomic and Secure Computing (DASC 2006), 29 September - 1 October 2006, Indianapolis, Indiana, USA
Source: DBLP


In stream authentication protocols used for large-scale data dissemination in autonomous systems, authentication is based on the timing of the publication of keys, and depends on trust of the receiver in the sender and belief on whether an intruder can have prior knowledge of a key before it is published by a protocol. Many existing logics and approaches have successfully been applied to specify other types of authentication protocols, but most of them are not appropriate for analysing stream authentication protocols. We therefore consider a fibred modal logic that combines a belief logic with a linear-time temporal logic which can be used to analyse time-varying aspects of certain problems. With this logical system one is able to build theories of trust for analysing stream authentication protocols, which can deal with not only agent beliefs but also the timing properties of an autonomous agent-based system

Download full-text


Available from: Guido Governatori
  • Source
    • "In this work we discuss a methodology for establishing theories of trust for authentication systems using a temporal belief logic, and provide a method to revise such theories in dynamic environments. This paper extends our recent works on the specification of agent beliefs (Ma & Orgun, 2006a, 2007). "
    [Show abstract] [Hide abstract]
    ABSTRACT: This paper discusses a formal approach for establishing theories of trust for authentication systems which can be used to reason about how agent beliefs evolve through time. The goal of an authentication system is to verify and authorise users in order to protect restricted data and information, so trust is a critical issue for authentication systems. After authentication, two principals (people, computers, services) should be entitled to believe that they are communicating with each other and not with intruders. So, it is important to express such beliefs precisely and to capture the reasoning that leads to them. In this paper, we focus on analysis of agent beliefs in dynamic environments using a temporalised belief logic, obtained by adding a temporal logic onto a belief logic. Working through a well-known authentication protocol, namely Kerberos, we discuss how to express principal beliefs involved in authentication protocols and the evolution of those beliefs based on a series of observations of agents as a consequence of communication. Our approach could be used for designing, verifying and implementing authentication protocols.
    Full-text · Article · Mar 2008 · Information Systems Frontiers

  • No preview · Article · Jan 2009 · Lecture Notes in Computer Science
  • [Show abstract] [Hide abstract]
    ABSTRACT: Trust is a critical issue for communication protocols in open systems that operate in dynamic and highly uncertain environments. It influences not only the specification of security policies but also the techniques needed to manage and implement security policies. A formal system for the specification of trust for such systems requires the ability to reason about agent beliefs as well as the evolution of the system through time. In this paper, we use a fibred logic called FL which is obtained by combining a belief logic with a temporal logic for specifying agent beliefs and establishing trust theories for communication protocols. A theory of trust for a given system is captured by a set of rules in FL that describes the trust of agents in the system. This enables automated reasoning about theories of trust using the decision procedures of FL such as axiom systems and tableaux. Theories of trust are generally established based on the initial trust of agents in the security mechanisms of the system in which they are deployed. Such theories provide a foundation for reasoning about agent beliefs as well as security properties that systems may satisfy. Yes Yes
    No preview · Article · Jul 2009
Show more