Specifying Agent Beliefs for Authentication Systems

Conference Paper · February 2007with2 Reads
DOI: 10.1109/ECUMN.2007.49 · Source: DBLP
Conference: Fourth European Conference on Universal Multiservice Networks (ECUMN 2007), 14-16 February 2007, Toulouse, France


    The goal of an authentication system is to verify and authorise users, in order to protect restricted data and information. After authentication, two principals (people, computers, services) in a distributed system should be entitled to believe that they are communicating with each other and not with intruders. Therefore it is important to express such beliefs precisely and to capture the reasoning that leads to them. In this paper, we focus on analysis of agent beliefs in dynamic environments in a formal framework based on a combination of a belief logic with a temporal logic. Through a well-known protocol example, that is, Kerberos, we discuss how to express principal agent beliefs involved in authentication protocols and the evolution of these beliefs as a consequence of communication, since trust is based on a series of observations of agents. Our approach is general and could be used for designing, verifying and implementing authentication protocols