Multiagent System-based Verification of Security and Privacy (Ioana Boureanu) - PowerPoint PPT Presentation

  1. Model Checking Multiagent Systems MAS for Security. Multiagent System-based Verification of Security and Privacy. Ioana Boureanu, Imperial College London, Department of Computing, September 2015

  2. Outline. (1) Model Checking Multiagent Systems MAS for Security; (2) Introduction, (Simple) MAS Modelling for Security, (Not So Simple) MAS Models for Security – A Glance, Future Avenues for Security Apps as MAS

  4. Model Checking MAS. (1) Model Checking in Theory; (2) Model Checking MAS in Practice; (3) Logic-based Languages; (4) MAS-based Models

  5. Model Checking In Theory. Model checking [Clarke et al., 1999] is a verification technique: decide $M \models \varphi$, given a model $M$ for a system and a specification $\varphi$ encoding one of the system's properties. Our example of models and specifications: $M$ – a formal semantics for multiagent systems; $\varphi$ – knowledge, joint abilities, beliefs, intentions, ..., used to express fault-tolerance, diagnosability, security, ...

  6. Model Checking in Practice. Real-world verification: with explicit modelling, the state space is exponential in the size of the input. An optimised, much simplified model for onion routing has 3.03439e+58 reachable states! We need efficient methods and tools!

  7. Model Checking in Practice: Problems and Solutions. State explosion problem: explicit encodings of states/actions in $M$; one solution: efficient, symbolic encodings, e.g., via binary decision diagrams (BDDs). (More) problems and solutions: MC algorithms over BDD-encoded specifications, and tools; solution: MAS symbolic model-checking techniques [Lomuscio and Raimondi, 2006]. (More) problems and solutions: there is always a need for optimisations; solutions: cut-offs, abstractions [Lomuscio and Kouvaros, 2015], etc., and/in a robust tool, MCMAS [Lomuscio et al., 2015]

  8. Model Checking MAS in Practice: MCMAS [Lomuscio et al., 2015]. Support for epistemic specifications, ATL (uniformity and fairness), CTL, deontic modalities. Dedicated modelling language (ISPL). BDD-based (via CUDD). Sequential and parallel MC. Eclipse GUI. Support for witnesses, counterexamples, etc. Open source. Used for robotic swarms, web services, security, ...

  9. Logic-based Languages: A Stop at Epistemic Specifications. $S5_n$: $\varphi ::= p \mid \neg\varphi \mid \varphi \wedge \varphi \mid K_i\varphi$. Readings: $K_i\varphi$ – "agent $i$ knows that $\varphi$"

  10. MAS-based Models: Interpreted Systems. Multiagent-based models [Lodaya et al., 1995, Fagin et al., 1995]. $A = \{1, \dots, n\}$ agents and an Environment agent $E$; $\forall i \in A \cup \{E\}$: $L_i$ – possible local states, $Act_i$ – local actions, $P_i : L_i \to 2^{Act_i}$ – protocol function (actions enabled at $l_i$); $t_i(l_i, a_1, \dots, a_n, a_E) = l'_i$ – local evolution function; $G$ – global states, $P$ – joint protocol, $Act$ – joint actions, $T$ – global evolution function, all obtained by composition; $IS = \langle G, P, T, I, V \rangle$ – interpreted system, where $I \subseteq G$ – initial global states and $V : G \to 2^{AP}$ – valuation function

  11. MAS-based Models: MAS Induced Models. The induced model of $IS$ is a tuple $M_{IS} = (S, T, \{\sim_i\}_{i \in \{1, \dots, n\}}, V)$ where: $S \subseteq L_0 \times \dots \times L_n$ is the set of global states reachable from $I$ via $T$; $T$ encodes the temporal evolution; $\{\sim_i\}_{i \in Ag \setminus E} \subseteq S \times S$ is a set of equivalence relations encoding epistemic accessibility

  12. MAS-based Models: State Indistinguishability. $l \in L_i$ and $l' \in L_i$ are $i$-indistinguishable, $l \approx_i l'$, if (in general) $\approx_i \subseteq L_i \times L_i$ is an equivalence relation over $L_i$. Standard: $\approx_i$ is the equality relation: $l_i(g) \approx_i l_i(g')$ iff $l_i(g) = l_i(g')$. Non-standard: $\approx_i$ is a bespoke equivalence relation, e.g., $l \equiv \{m_1\}_{k_1}$ and $l' \equiv \{m_2\}_{k_2}$ (assuming $l$ contains just the encryption of a term with a key and $l'$ contains just the encryption of another term with another key) $\Rightarrow l \approx_i l'$. Global states $s, s' \in S$ are $i$-indistinguishable, $s \sim_i s'$, if $l_i(s) \approx_i l_i(s')$

  13. MAS-based Models: Satisfaction of Formulae on MAS Models. CTL and ATL fragments as usual; $(M, s) \models K_i\varphi$ iff $\forall s' \in S$, if $s \sim_i s'$ then $(M, s') \models \varphi$
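As an added example (not part of the slides), a small explicit-state checker for the interpreted systems of slides 10 to 13: it computes the global states reachable from $I$ via $T$, induces $\sim_i$ from a per-agent relation on local states, and evaluates the satisfaction clause for $K_i\varphi$. The agent names, the term encoding and the scenario are constructed; the bespoke intruder relation treats ciphertexts under keys the intruder lacks as opaque, as on the indistinguishability slide.

```python
from collections import deque
from itertools import product

# Interpreted system as on the slides: agents (Environment last) with local
# states, a protocol P_i (enabled actions) and a local evolution t_i taking the
# agent's local state and the joint action; T is the composition of the t_i.
class InterpretedSystem:
    def __init__(self, agents, protocol, evolve, initial, indist):
        self.agents, self.protocol, self.evolve = agents, protocol, evolve
        self.initial, self.indist = initial, indist

    def reachable(self):  # S: global states reachable from I via T
        seen, todo = set(self.initial), deque(self.initial)
        while todo:
            g = todo.popleft()
            for a in product(*(self.protocol[i](g[k]) for k, i in enumerate(self.agents))):
                g2 = tuple(self.evolve[i](g[k], a) for k, i in enumerate(self.agents))
                if g2 not in seen:
                    seen.add(g2)
                    todo.append(g2)
        return seen

    def knows(self, i, phi, s):
        # (M, s) |= K_i phi  iff  phi holds at every s' in S with s ~_i s'
        k = self.agents.index(i)
        return all(phi(s2) for s2 in self.reachable() if self.indist[i](s[k], s2[k]))

# Constructed scenario (not from the slides): Env fixes secret m1 or m2, Alice
# sends {secret}_k once, Intruder records what it observes and never holds k.
AGENTS = ("alice", "intruder", "env")
PROTOCOL = {"alice": lambda l: {("skip",)} if l[1] else {("send", ("enc", l[0], "k"))},
            "intruder": lambda l: {("listen",)}, "env": lambda l: {("idle",)}}
EVOLVE = {"alice": lambda l, a: (l[0], True) if a[0][0] == "send" else l,
          "intruder": lambda l, a: l | {a[0][1]} if a[0][0] == "send" else l,
          "env": lambda l, a: l}
INITIAL = {(("m1", False), frozenset(), "m1"), (("m2", False), frozenset(), "m2")}
EQUAL = lambda l, l2: l == l2  # standard indistinguishability: equality on L_i

def shape(term, known_keys=frozenset()):
    # A ciphertext under a key the intruder lacks is opaque: {m1}_k looks like {m2}_k.
    if isinstance(term, tuple) and term[0] == "enc" and term[2] not in known_keys:
        return ("enc", "?", term[2])
    return term

def bespoke(l, l2):  # non-standard relation: same observations up to opaque ciphertexts
    return {shape(t) for t in l} == {shape(t) for t in l2}

def intruder_learns_secret(indist):
    # Is there a reachable state where the Intruder knows Env's secret is m1?
    ms = InterpretedSystem(AGENTS, PROTOCOL, EVOLVE, INITIAL, dict(alice=EQUAL, intruder=indist, env=EQUAL))
    return any(s[2] == "m1" and ms.knows("intruder", lambda t: t[2] == "m1", s) for s in ms.reachable())
```

With the standard equality relation the intruder's local state differs between the two runs, so the checker reports spurious knowledge of the secret; with the bespoke relation the two ciphertexts are indistinguishable and secrecy, $\neg K_{intruder}(\text{secret} = m_1)$, holds in every reachable state.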

  16. Joint work. Based on previous joint work at Imperial College London: I. B., M. Cohen, A. Lomuscio, "Automatic Verification of Temporal-Epistemic Properties of Cryptographic Protocols", Journal of Applied Non-Classical Logics, 2009; I. B., A. Lomuscio, M. Cohen, "Model Checking Detectability of Attacks in Multiagent Systems", AAMAS 2010; I. B., A. Jones, A. Lomuscio, "Automatic Verification of Temporal-Epistemic Logic under Convergent Equational Theories", AAMAS 2012; I. B., "Model checking security protocols: a multi-agent system approach", PhD Thesis, Imperial College London, 2011. Ongoing joint work with A. Lomuscio and the VAS group at Imperial College London: H2020 "Logic-based Verification of Privacy-Preservation in Europe's 2020 ICT"

  17. Introduction: Motivation. "Protocols ... are prone to extremely subtle errors that are unlikely to be detected in normal operation." (Needham and Schroeder, 1978). VeriSign spent more than $\$10^8$ in 2009–2010 to upgrade the .com DNS servers. More interconnected devices, more conversative apps, more security threats.

  21. Introduction: Symbolic Security Attacks. Example: the Woo-Lam authentication protocol:
     1. $A \to B : A$
     2. $B \to A : N_b$
     3. $A \to B : \{A, B, N_b\}_{K_{AS}}$
     4. $B \to S : \{A, B, \{A, B, N_b\}_{K_{AS}}\}_{K_{BS}}$
     5. $S \to B : \{A, B, N_b\}_{K_{BS}}$
     Example: an attack against the Woo-Lam protocol ($I_A$ denotes the intruder acting as $A$, $I_S$ the intruder acting as $S$):
     1'. $I_A \to B : A$
     2'. $B \to I_A : N_b$
     3'. $I_A \to B : N_b$
     4'. $B \to I_S : \{A, B, N_b\}_{K_{BS}}$
     5'. $I_S \to B : \{A, B, N_b\}_{K_{BS}}$

  22. Introduction: Security Goals. 'Well-established' requirements: flavours of secrecy, authentication, key agreement, etc. Application-level privacy requirements: privacy of application data (vote-privacy, receipt-freeness, coercion-resistance); data-transport privacy (origin anonymity, destination anonymity, unlinkability within routing). Fault-diagnosability requirements: attack (un)detectability.

  23. Introduction: Symbolic Verification of Cryptographic Protocols. SYMBOLIC means: cryptographic messages are algebraic terms; cryptography is perfect/un-tamperable; NO ppt. (probabilistic polynomial-time) capabilities on protocol parties. Formalisms: logic-based formalisms (BAN logics, Horn clauses); inductive methods; rewriting-based formalisms; process-algebra formalisms (CSP, spi-calculus, pi-calculus); ...; agent-based formalism: sound knowledge of participants; natural expression of state-based properties (anonymity, non-repudiation, etc.).
