Theories of Trust for Communication Protocols

Trust is a critical issue for communication protocols in open systems that operate in dynamic and highly uncertain environments. It influences not only the specification of security policies but also the techniques needed to manage and implement security policies. A formal system for the specification of trust for such systems requires the ability to reason about agent beliefs as well as the evolution of the system through time. In this paper, we use a fibred logic called FL which is obtained by combining a belief logic with a temporal logic for specifying agent beliefs and establishing trust theories for communication protocols. A theory of trust for a given system is captured by a set of rules in FL that describes the trust of agents in the system. This enables automated reasoning about theories of trust using the decision procedures of FL such as axiom systems and tableaux. Theories of trust are generally established based on the initial trust of agents in the security mechanisms of the system in which they are deployed. Such theories provide a foundation for reasoning about agent beliefs as well as security properties that systems may satisfy.

[1]  Dov M. Gabbay,et al.  Controlled Revision - An Algorithmic Approach for Belief Revision , 2003 .

[2]  Dov M. Gabbay,et al.  Products of Modal Logics, Part 1 , 1998, Log. J. IGPL.

[3]  Paul C. van Oorschot,et al.  Extending cryptographic logics of belief to key agreement protocols , 1993, CCS '93.

[4]  Mehmet A. Orgun,et al.  A Fibred Belief Logic for Multi-agent Systems , 2005, Australian Conference on Artificial Intelligence.

[5]  Mehmet A. Orgun,et al.  A Temporalised Belief Logic for Specifying the Dynamics of Trust for Multi-agent Systems , 2004, ASIAN.

[6]  Martín Abadi,et al.  A semantics for a logic of authentication (extended abstract) , 1991, PODC '91.

[7]  Emil Weydert Ranking Revision Reloaded , 2007, Formal Models of Belief Change in Rational Agents.

[8]  Chuchang Liu,et al.  Trust in Secure Communication Systems - The Concept, Representations, and Reasoning Techniques , 2002, Australian Joint Conference on Artificial Intelligence.

[9]  Elisa Bertino,et al.  Computer Security — ESORICS 96 , 1996, Lecture Notes in Computer Science.

[10]  Branko Ristic,et al.  Kalman filter and joint tracking and classification based on belief functions in the TBM framework , 2007, Inf. Fusion.

[11]  Ji Ma,et al.  Formalising theories of trust for authentication protocols , 2008, Inf. Syst. Frontiers.

[12]  Gavin Lowe A Family of Attacks upon Authentication Protocols , 1997 .

[13]  Ross J. Anderson,et al.  Programming Satan's Computer , 1995, Computer Science Today.

[14]  Dov M. Gabbay,et al.  Adding a temporal dimension to a logic system , 1992, J. Log. Lang. Inf..

[15]  Li Gong,et al.  Reasoning about belief in cryptographic protocols , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[16]  Mehmet A. Orgun,et al.  Modal tableaux for verifying stream authentication protocols , 2007, Autonomous Agents and Multi-Agent Systems.

[17]  Mehmet A. Orgun,et al.  Modal Tableaux for Verifying Security Protocols , 2006 .

[18]  Joseph Y. Halpern,et al.  From Statistical Knowledge Bases to Degrees of Belief , 1996, Artif. Intell..

[19]  Martín Abadi,et al.  A logic of authentication , 1990, TOCS.

[20]  Joan Feigenbaum,et al.  Decentralized trust management , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[21]  Mehmet A. Orgun,et al.  Dealing with Multiple Granularity of Time in Temporal Logic Programming , 1996, J. Symb. Comput..

[22]  Volker Kessler,et al.  Formal Semantics for Authentication Logics , 1996, ESORICS.

[23]  Bob McKay,et al.  AI 2002: Advances in Artificial Intelligence , 2002, Lecture Notes in Computer Science.

[24]  Amílcar Sernadas Fibring Logics, Dov M. Gabbay , 2000, J. Log. Lang. Inf..

[25]  B. Clifford Neuman,et al.  Kerberos: An Authentication Service for Open Network Systems , 1988, USENIX Winter.

[26]  Dieter Gollmann,et al.  Computer Security — ESORICS 94 , 1994, Lecture Notes in Computer Science.

[27]  Ji Ma,et al.  Analysing Stream Authentication Protocols in Autonomous Agent-Based Systems , 2006, 2006 2nd IEEE International Symposium on Dependable, Autonomic and Secure Computing.

[28]  Colin Boyd,et al.  Designing Secure Key Exchange Protocols , 1994, ESORICS.

[29]  Thomas Beth,et al.  Trust relationships in secure systems-a distributed authentication perspective , 1993, Proceedings 1993 IEEE Computer Society Symposium on Research in Security and Privacy.

[30]  Marcus Kracht,et al.  Properties of independently axiomatizable bimodal logics , 1991, Journal of Symbolic Logic.

[31]  Mehmet A. Orgun,et al.  Tableaux-based Proof Techniques for Verifying Multi-Agent Systems , 2008 .

[32]  P. Syverson,et al.  A Unified Cryptographic Protocol Logic , 1996 .

[33]  Shichao Zhang,et al.  AI 2005: Advances in Artificial Intelligence, 18th Australian Joint Conference on Artificial Intelligence, Sydney, Australia, December 5-9, 2005, Proceedings , 2005, Australian Conference on Artificial Intelligence.

[34]  Chuchang Liu Logical Foundations for Reasoning about Trust in Secure Digital Communication , 2001, Australian Joint Conference on Artificial Intelligence.

[35]  Chuchang Liu,et al.  Combining Logics for Modelling Security Policies , 2005, ACSC.

[36]  Markus Stumptner,et al.  AI 2001: Advances in Artificial Intelligence , 2002, Lecture Notes in Computer Science.

[37]  Louise E. Moser,et al.  A logic of knowledge and belief for reasoning about computer security , 1989, Proceedings of the Computer Security Foundations Workshop II,.