Abstract
In this paper we develop a modelling technique based on interpreted systems for verifying temporal-epistemic properties of access control policies. The approach lets us detect information-flow vulnerabilities in dynamic policies by verifying what agents come to know, both by reading system information and by reasoning about it. To overcome the state-explosion problem that limits model checking of temporal-epistemic properties in practice, we introduce a novel abstraction and refinement technique for temporal-epistemic safety properties in ACTLK (ACTL with the knowledge modality K) and for a class of interesting properties that does fall in this category.
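As an added illustration of the idea in the abstract (example code written for this page, not the paper's own tool or model), the script below encodes a two-state dynamic policy as a small interpreted system and checks the knowledge safety property AG not K_alice(secret = 1). The agent `alice`, the two toy policies, and the helper names `reachable`, `knows` and `check_ag_not_knows` are assumptions of the example. In the first policy alice is never allowed to read the secret, but whether her request is granted depends on it, so she learns the secret by reasoning about the policy decision; in the second policy the decision is independent of the secret and the property holds.

```python
"""Minimal explicit-state check of AG not K_a(phi) over an interpreted system.
Constructed example for illustration; not the paper's implementation."""
from collections import deque

# Global state: (secret, outcome).  secret in {0, 1} is data alice must not
# learn; outcome is what alice observed from her last policy request:
# None (not asked yet), True (granted) or False (denied).  Alice's local
# state (what she can observe) is only the outcome, never the secret.


def reachable(inits, step):
    """Breadth-first exploration of all states reachable from inits."""
    seen, queue = set(inits), deque(inits)
    while queue:
        state = queue.popleft()
        for nxt in step(state):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen


def knows(states, obs, phi, state):
    """K_a phi at state: phi holds in every reachable state that the agent
    cannot distinguish from state (same observation)."""
    return all(phi(t) for t in states if obs(t) == obs(state))


def check_ag_not_knows(inits, step, obs, phi):
    """AG not K_a(phi): return (True, None) if the agent never knows phi on
    any reachable state, else (False, witness_state)."""
    states = reachable(inits, step)
    for state in sorted(states, key=repr):   # deterministic witness
        if knows(states, obs, phi, state):
            return False, state
    return True, None


# Policy A (leaky, assumed for the example): the request is granted iff
# secret == 1, so the grant/deny decision itself carries the secret.
def step_leaky(state):
    secret, outcome = state
    if outcome is None:
        return [(secret, secret == 1)]
    return [state]


# Policy B (fixed): the decision does not depend on the secret.
def step_fixed(state):
    secret, outcome = state
    if outcome is None:
        return [(secret, True)]
    return [state]


def obs_alice(state):
    return state[1]          # alice sees only the policy decision


def phi_secret(state):
    return state[0] == 1     # the fact alice must not come to know


INITS = [(0, None), (1, None)]   # the secret is initially unknown to alice

if __name__ == "__main__":
    for name, step in (("leaky", step_leaky), ("fixed", step_fixed)):
        ok, witness = check_ag_not_knows(INITS, step, obs_alice, phi_secret)
        print(f"{name}: AG not K_alice(secret=1) holds={ok} witness={witness}")
```

Nothing in the leaky model ever lets alice read the secret; the witness state (1, True) is one where her only observation is "granted", yet every reachable state with that observation has secret = 1. That is exactly the kind of knowledge-by-reasoning flow the abstract refers to, and it is invisible to a check that only tracks read permissions.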
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Koleini, M., Ritter, E., Ryan, M. (2013). Model Checking Agent Knowledge in Dynamic Access Control Policies. In: Piterman, N., Smolka, S.A. (eds) Tools and Algorithms for the Construction and Analysis of Systems. TACAS 2013. Lecture Notes in Computer Science, vol 7795. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-36742-7_31
DOI: https://doi.org/10.1007/978-3-642-36742-7_31
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-36741-0
Online ISBN: 978-3-642-36742-7
eBook Packages: Computer Science (R0)