Skip to main content

Verification of Information Flow in Agent-Based Systems

  • Conference paper

Part of the Lecture Notes in Business Information Processing book series (LNBIP,volume 26)

Abstract

Analyzing information flow is beneficial for ensuring the satisfiability of security policies during the exchange of information between the agents of a system. In the literature, models such as Bell-LaPadula model and the Chinese Wall model are proposed to capture and govern the exchange of information among agents. Also, we find several verification techniques for analyzing information flow within programs or multi-agent systems. However, these models and techniques assume the atomicity of the exchanged information, which means that the information cannot be decomposed or combined with other pieces of information. Also, the policies of their models prohibit any transfer of information from a high level agent to a low level agent. In this paper, we propose a technique that relaxes these assumptions. Indeed, the proposed technique allows classifying information into frames and articulating finer granularity policies that involve information, its elements, or its frames. Also, it allows for information manipulation through several operations such as focusing and combining information. Relaxing the atomicity of information assumption permits an analysis that takes into account the ability of an agent to link elements of information in order to evolve its knowledge.

The technique uses global calculus to specify the communication between agents, information algebra to represent agent knowledge, and an amended version of Hoare logic to verify the satisfiability of policies.

Keywords

  • Global calculus
  • Information Algebra
  • Agent Knowledge
  • Information Flow
  • Hoare Logic

This is a preview of subscription content, access via your institution.

Buying options

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-642-01187-0_22
  • Chapter length: 15 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   74.99
Price excludes VAT (USA)
  • ISBN: 978-3-642-01187-0
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   99.00
Price excludes VAT (USA)

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Alghathbar, K., Farkas, C., Wijesekera, D.: Securing UML information flow using FlowUML. Journal of Research and Practice in Information Technology 38(1), 111–120 (2006)

    Google Scholar 

  2. Bell, D.E., La Padula, L.J.: Secure computer system: Unified exposition and multics interpretation. Technical Report ESD-TR-75-306, The MITRE Corporation (March 1976)

    Google Scholar 

  3. Brewer, D.F.C., Nash, M.J.: The Chinese Wall security policy. In: IEEE Symposium on Security and Privacy, May 1989, pp. 206–214 (1989)

    Google Scholar 

  4. Carbone, M., Honda, K., Yoshida, N.: Structured communication-centred programming for web services. In: De Nicola, R. (ed.) ESOP 2007. LNCS, vol. 4421, pp. 2–17. Springer, Heidelberg (2007)

    CrossRef  Google Scholar 

  5. Davey, B.A., Priestley, H.A.: Introduction to Lattices and Order. second edition. Cambridge University Press, Cambridge (2002)

    CrossRef  MATH  Google Scholar 

  6. Focardi, R., Gorrieri, R.: The compositional security checker: A tool for the verification of information flow security properties. IEEE Transactions on Software Engineering 23(9), 550–571 (1997)

    CrossRef  Google Scholar 

  7. Hoare, C.A.R.: An axiomatic basis for computer programming. Communications of the ACM 12(10), 576–580 (1969)

    CrossRef  MATH  Google Scholar 

  8. Hristova, K., Rothamel, T., Liu, Y.A., Stoller, S.D.: Efficient type inference for secure information flow. In: PLAS 2006: Proceedings of the 2006 workshop on Programming languages and analysis for security, pp. 85–94. ACM, New York (2006)

    CrossRef  Google Scholar 

  9. Kobayashi, N.: Type-based information flow analysis for the π-calculus. Acta Informatica 42(4), 291–347 (2005)

    MathSciNet  CrossRef  MATH  Google Scholar 

  10. Kohlas, J., Stärk, R.F.: Information algebras and consequence operators. Logica Universalis 1(1), 139–165 (2007)

    MathSciNet  CrossRef  MATH  Google Scholar 

  11. Sabri, K.E., Khedri, R.: A mathematical framework to capture agent explicit knowledge in cryptographic protocols. Technical Report CAS-07-04-RK, department of Computing and Software, Faculty of Engineering, McMaster University (October 2007), http://www.cas.mcmaster.ca/cas/0template1.php?601 (accessed January 19, 2008)

  12. Sabri, K.E., Khedri, R., Jaskolka, J.: Specification of agent explicit knowledge in cryptographic protocols. In: CESSE 2008: International Conference on Computer, Electrical, and Systems Science, and Engineering, Venice, Canada, October 2008, vol. 35, pp. 447–454. World Academy of Science, Engineering and Technology (2008)

    Google Scholar 

  13. Sabri, K.E., Khedri, R., Jaskolka, J.: Automated verification of information flow in agent-based systems. Technical Report CAS-09-01-RK, department of Computing and Software, Faculty of Engineering, McMaster University (January 2009), http://www.cas.mcmaster.ca/cas/0template1.php?601 (accessed January 19, 2009)

  14. Varadharajan, V.: Petri net based modelling of information flow security requirements. In: Computer Security Foundations Workshop III, pp. 51–61 (June 1990)

    Google Scholar 

  15. Volpano, D., Irvine, C., Smith, G.: A sound type system for secure flow analysis. Journal of Computer Security 4(2-3), 167–187 (1996)

    CrossRef  Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Sabri, K.E., Khedri, R., Jaskolka, J. (2009). Verification of Information Flow in Agent-Based Systems. In: Babin, G., Kropf, P., Weiss, M. (eds) E-Technologies: Innovation in an Open World. MCETECH 2009. Lecture Notes in Business Information Processing, vol 26. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-01187-0_22

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-01187-0_22

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-01186-3

  • Online ISBN: 978-3-642-01187-0

  • eBook Packages: Computer ScienceComputer Science (R0)