Abstract
Analyzing information flow is beneficial for ensuring the satisfiability of security policies during the exchange of information between the agents of a system. In the literature, models such as Bell-LaPadula model and the Chinese Wall model are proposed to capture and govern the exchange of information among agents. Also, we find several verification techniques for analyzing information flow within programs or multi-agent systems. However, these models and techniques assume the atomicity of the exchanged information, which means that the information cannot be decomposed or combined with other pieces of information. Also, the policies of their models prohibit any transfer of information from a high level agent to a low level agent. In this paper, we propose a technique that relaxes these assumptions. Indeed, the proposed technique allows classifying information into frames and articulating finer granularity policies that involve information, its elements, or its frames. Also, it allows for information manipulation through several operations such as focusing and combining information. Relaxing the atomicity of information assumption permits an analysis that takes into account the ability of an agent to link elements of information in order to evolve its knowledge.
The technique uses global calculus to specify the communication between agents, information algebra to represent agent knowledge, and an amended version of Hoare logic to verify the satisfiability of policies.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Alghathbar, K., Farkas, C., Wijesekera, D.: Securing UML information flow using FlowUML. Journal of Research and Practice in Information Technology 38(1), 111–120 (2006)
Bell, D.E., La Padula, L.J.: Secure computer system: Unified exposition and multics interpretation. Technical Report ESD-TR-75-306, The MITRE Corporation (March 1976)
Brewer, D.F.C., Nash, M.J.: The Chinese Wall security policy. In: IEEE Symposium on Security and Privacy, May 1989, pp. 206–214 (1989)
Carbone, M., Honda, K., Yoshida, N.: Structured communication-centred programming for web services. In: De Nicola, R. (ed.) ESOP 2007. LNCS, vol. 4421, pp. 2–17. Springer, Heidelberg (2007)
Davey, B.A., Priestley, H.A.: Introduction to Lattices and Order. second edition. Cambridge University Press, Cambridge (2002)
Focardi, R., Gorrieri, R.: The compositional security checker: A tool for the verification of information flow security properties. IEEE Transactions on Software Engineering 23(9), 550–571 (1997)
Hoare, C.A.R.: An axiomatic basis for computer programming. Communications of the ACM 12(10), 576–580 (1969)
Hristova, K., Rothamel, T., Liu, Y.A., Stoller, S.D.: Efficient type inference for secure information flow. In: PLAS 2006: Proceedings of the 2006 workshop on Programming languages and analysis for security, pp. 85–94. ACM, New York (2006)
Kobayashi, N.: Type-based information flow analysis for the π-calculus. Acta Informatica 42(4), 291–347 (2005)
Kohlas, J., Stärk, R.F.: Information algebras and consequence operators. Logica Universalis 1(1), 139–165 (2007)
Sabri, K.E., Khedri, R.: A mathematical framework to capture agent explicit knowledge in cryptographic protocols. Technical Report CAS-07-04-RK, department of Computing and Software, Faculty of Engineering, McMaster University (October 2007), http://www.cas.mcmaster.ca/cas/0template1.php?601 (accessed January 19, 2008)
Sabri, K.E., Khedri, R., Jaskolka, J.: Specification of agent explicit knowledge in cryptographic protocols. In: CESSE 2008: International Conference on Computer, Electrical, and Systems Science, and Engineering, Venice, Canada, October 2008, vol. 35, pp. 447–454. World Academy of Science, Engineering and Technology (2008)
Sabri, K.E., Khedri, R., Jaskolka, J.: Automated verification of information flow in agent-based systems. Technical Report CAS-09-01-RK, department of Computing and Software, Faculty of Engineering, McMaster University (January 2009), http://www.cas.mcmaster.ca/cas/0template1.php?601 (accessed January 19, 2009)
Varadharajan, V.: Petri net based modelling of information flow security requirements. In: Computer Security Foundations Workshop III, pp. 51–61 (June 1990)
Volpano, D., Irvine, C., Smith, G.: A sound type system for secure flow analysis. Journal of Computer Security 4(2-3), 167–187 (1996)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Sabri, K.E., Khedri, R., Jaskolka, J. (2009). Verification of Information Flow in Agent-Based Systems. In: Babin, G., Kropf, P., Weiss, M. (eds) E-Technologies: Innovation in an Open World. MCETECH 2009. Lecture Notes in Business Information Processing, vol 26. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-01187-0_22
Download citation
DOI: https://doi.org/10.1007/978-3-642-01187-0_22
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-01186-3
Online ISBN: 978-3-642-01187-0
eBook Packages: Computer ScienceComputer Science (R0)