Logo PTI
Polish Information Processing Society
Logo FedCSIS

Annals of Computer Science and Information Systems, Volume 15

Proceedings of the 2018 Federated Conference on Computer Science and Information Systems

Applying Formal Methods to Specify Security Requirements in Multi–Agent Systems

,

DOI: http://dx.doi.org/10.15439/2018F262

Citation: Proceedings of the 2018 Federated Conference on Computer Science and Information Systems, M. Ganzha, L. Maciaszek, M. Paprzycki (eds). ACSIS, Vol. 15, pages 707714 ()

Full text

Abstract. Security has become an important concern with the development of large scale distributed and heterogeneous multi-agent systems (MAS). One of the main problems in addressing security during the development of MAS is that security is often an afterthought. The cost involved to patch existing systems against vulnerabilities and attacks after deployment is high. If developers and designers can spend some quality time investigating security aspects before beginning to code then this cost can be reduced significantly. Also, using formal methods to specify the complex behavior of large scale software systems has resulted in reliable software systems. This research effort was focused on using formal methods early in the development lifecycle to specify security requirements for MAS. New solutions are emerging to fix security related issues, but how much thought gets in during the early phases of development in terms of security needs to be answered. In this paper, analysis of security requirements for MAS, existing solutions to secure MAS, and the use of formal methods to specify security requirements has been studied. Descartes -- Agent, a formal specification language for specifying agent systems has been taken into study to model the security requirements of MAS early on in the development process. Functional specifications of MAS are modelled along with the non-functional security requirements using the Descartes -- Agent specification language. A case study example is used to illustrate the specification of security requirements in MAS using the Descartes -- Agent.

References

  1. N. Borselius. "Security in multi-agent systems," Proceedings of the International Conference on Security and Management (SAM’02). 2002.
  2. Y. Jung, M. Kim, A. Masoumzadeh, and J. B. D. Joshi, “A survey of security issue in multi-agent systems,” Artificial Intelligence Review, vol. 37, no. 3, pp. 239–260, Apr. 2011.
  3. R. C. Cavalcante, I. I. Bittencourt, A. P. D. Silva, M. Silva, E. Costa, and R. Santos, “A survey of security in multi-agent systems,” Expert Systems with Applications, vol. 39, no. 5, pp. 4835–4846, 2012.
  4. Y. Hedin and E. Moradian, “Security in Multi-Agent Systems,” Procedia Computer Science, vol. 60, pp. 1604–1612, 2015..
  5. S. Chong, J. Guttman, A. Datta, A. C. Myers, B. Pierce, P. Schaumont, T. Sherwood, N. Zeldovich, "Report on the NSF workshop on formal methods for security,” CoRR, vol. abs/1608.00678, 2016.
  6. J. Jürjens, “UMLsec: Extending UML for Secure Systems Development,” «UML» 2002 — The Unified Modeling Language Lecture Notes in Computer Science, pp. 412–425, 2002.
  7. J. Wing, “A symbiotic relationship between formal methods and security,” Proceedings Computer Security, Dependability, and Assurance: From Needs to Solutions (Cat. No.98EX358).
  8. Cernuооi, L., et al., “The gaia methodology: basic concepts and extensions,” in Multiagent systems, Artificial Societies and Simulated Organizations. 2004. 11(2). P. 69-88.
  9. V. H. Subburaj and J. E. Urban, “Formal Specification Language and Agent Applications,” Studies in Big Data Intelligent Agents in Data- intensive Computing, pp. 99–122, 2015.
  10. Urban, J. E., “A Specification Language and its Processor,” Computer Science Department. University of Southwestern Louisiana. 1977.
  11. V. H. Subburaj and J. E. Urban, “A formal specification language for modeling agent systems,” 2013 Second International Conference on Informatics & Applications (ICIA), 2013.
  12. H. Mouratidis and P. Giorgini, “Secure Tropos: A Security-Oriented Extension Of The Tropos Methodology,” International Journal of Software Engineering and Knowledge Engineering, vol. 17, no. 02, pp. 285–309, 2007.
  13. S. Chen, B. Mulgrew, and P. M. Grant, “A clustering technique for digital communications channel equalization using radial basis func- tion networks,” IEEE Trans. Neural Networks, vol. 4, pp. 570–578, July 1993.
  14. Hussain, Shafiq, Peter Dunne, and Ghulam Rasool. "Formal Specification of Security Properties using Z Notation," Research Journal of Applied Sciences, Engineering and Technology 5.19 (2013): 4664-4670
  15. Wooldridge, M., Jennings, N.R.: Intelligent agents: Theories, Architectures and Languages, January 1995. Lecture Notes in Artificial Intelligence, vol. 890, ISBN 3-540-58855-8
  16. O. Etzioni and D. Weld, “Intelligent agents on the Internet: Fact, fiction, and forecast,” IEEE Expert, vol. 10, no. 4, pp. 44–49, 1995.
  17. S. Franklin and A. Graesser, “Is It an agent, or just a program?: A taxonomy for autonomous agents,” Intelligent Agents III Agent Theories, Architectures, and Languages Lecture Notes in Computer Science, pp. 21–35, 1997.W. D. Doyle, “Magnetization reversal in films with biaxial anisotropy,” in 1987 Proc. INTERMAG Conf., pp. 2.2-1–2.2-6.
  18. N. Borselius, “Mobile agent security,” Electronics & Communication Engineering Journal, vol. 14, no. 5, pp. 211–218, Jan. 2002
  19. L. C. Dipippo, V. Fay-Wolfe, L. Nair, E. Hodys, and O. Uvarov, “A Real-Time Multi-Agent System Architecture for E-Commerce Applications,” Jan. 2000.
  20. H. Mouratidis, P. Giorgini, and G. Manson, “Modelling secure multiagent systems,” Proceedings of the second international joint conference on Autonomous agents and multiagent systems - AAMAS 03, 2003.
  21. V. H. Subburaj, J. E. Urban, "Intelligent Agent Software Development Using AUML and the Descartes Specification Language," Proceedings of the 2nd IEEE International Workshop on Object / component/service-oriented Real-time Networked Ultra-dependable Systems (WORNUS 2011), pp. 297-305, March 28, 2011.
  22. B. Bauer, J. Muller, and J. Odell, “An extension of UML by protocols for multi-agent interaction,” Proceedings Fourth International Conference on Multi Agent Systems, pp. 207-214, 2000.
  23. M. P. Huget and J. Odell, “Representing Agent Interaction Protocols with Agent UML,” Agent-Oriented Software Engineering V Lecture Notes in Computer Science, pp. 16–30, 2005.