research-article

Secrecy in Multiagent Systems

Published: 01 October 2008

Abstract

We introduce a general framework for reasoning about secrecy requirements in multiagent systems. Our definitions extend earlier definitions of secrecy and nondeducibility given by Shannon and Sutherland. Roughly speaking, one agent maintains secrecy with respect to another if the second agent cannot rule out any possibilities for the behavior or state of the first agent. We show that the framework can handle probability and nondeterminism in a clean way, is useful for reasoning about asynchronous systems as well as synchronous systems, and suggests generalizations of secrecy that may be useful for dealing with issues such as resource-bounded reasoning. We also show that a number of well-known attempts to characterize the absence of information flow are special cases of our definitions of secrecy.

References

  1. Chawla, S., Dwork, C., McSherry, F., Smith, A., and Wee, H. 2005. Towards privacy in public databases. Theory of Cryptography, To appear.
  2. Chor, B., Goldreich, O., Kushilevitz, E., and Sudan, M. 1998. Private information retrieval. J. ACM 45, 6, 965--982.
  3. Clark, D., Hunt, S., and Malacaria, P. 2002. Quantitative analysis of the leakage of confidential data. Electronic Notes in Theoretical Computer Science 59, 3. In Proceedings of the Workshop on Quantitative Aspects of Programming Languages (QAPL'01).
  4. Cohen, E. 1977. Information transmission in computational systems. In Proceedings of the 6th ACM Symposium on Operating Systems Principles (SOSP'77). 133--139.
  5. Di Pierro, A., Hankin, C., and Wiklicky, H. 2002. Approximate non-interference. In Proceedings of the 15th IEEE Computer Security Foundations Workshop (CSFW'02). 3--17.
  6. Emerson, E. A. 1983. Alternative semantics for temporal logics. Theor. Comput. Sci., 26, 121--130.
  7. Engelhardt, K., van der Meyden, R., and Moses, Y. 1998. Knowledge and the logic of local propositions. In Proceedings of the 7th Conference on Theoretical Aspects of Rationality and Knowledge (TARK'98). 29--41.
  8. Evfimievski, A., Gehrke, J. E., and Srikant, R. 2003. Limiting privacy breaches in privacy preserving data mining. In Proceedings of the 22nd ACM Symposium on Principles of Database Systems (PODS'03). 211--222.
  9. Fagin, R., Halpern, J. Y., and Megiddo, N. 1990. A logic for reasoning about probabilities. Inf. Comput., 87, 1/2, 78--128.
  10. Fagin, R., Halpern, J. Y., Moses, Y., and Vardi, M. Y. 1995. Reasoning about Knowledge (Revised 2003). MIT Press, Cambridge, MA.
  11. Focardi, R. and Gorrieri, R. 1994. A classification of security properties for process algebra. J. Comput. Sci., 3, 1, 5--33.
  12. Focardi, R. and Gorrieri, R. 2001. Classification of security properties (Part I: Information flow). In Foundations of Security Analysis and Design. Springer, 331--396.
  13. Gill, R. D., van der Laan, M., and Robins, J. 1997. Coarsening at random: Characterizations, conjectures and counter-examples. In Proceedings of the 1st Seattle Conference on Biostatistics. 255--294.
  14. Goguen, J. A. and Meseguer, J. 1982. Security policies and security models. In Proceedings of the IEEE Symposium on Security and Privacy (SP'82). 11--20.
  15. Gray, J. W. and Syverson, P. F. 1998. A logical approach to multilevel security of probabilistic systems. Dist. Comput., 11, 2, 73--90.
  16. Grünwald, P. D. and Halpern, J. Y. 2003. Updating probabilities. J. Art. Intell. Res., 19, 243--278.
  17. Halpern, J. Y. 2002. Characterizing the common prior assumption. J. Econ. Theory, 106, 2, 316--355.
  18. Halpern, J. Y. 2003. Reasoning About Uncertainty. MIT Press, Cambridge, MA.
  19. Halpern, J. Y. and O'Neill, K. 2003. Anonymity and information hiding in multiagent systems. In Proceedings of the 16th IEEE Computer Security Foundations Workshop (CSFW'03). 75--88.
  20. Halpern, J. Y. and O'Neill, K. 2005. Secrecy in multiagent systems. Available at http://www.kevinoneill.org/papers.
  21. Halpern, J. Y. and Pucella, R. 2003a. Modeling adversaries in a logic for security protocol analysis. In Proceedings of the Formal Aspects of Security (FASec'02). Lecture Notes in Computer Science, Volume 2629. Springer-Verlag, Berlin/Heidelberg/New York, 115--132.
  22. Halpern, J. Y. and Pucella, R. 2003b. Probabilistic algorithmic knowledge. In Proceedings of the 9th Conference on Theoretical Aspects of Rationality and Knowledge (TARK'03). 118--130.
  23. Halpern, J. Y. and Tuttle, M. R. 1993. Knowledge, probability, and adversaries. J. ACM, 40, 4, 917--962.
  24. Kyburg, H. 1983. Recent work in inductive logic. In Recent Work in Philosophy, T. Machan and K. Lucey, Eds. Rowman & Allanheld, Totowa, NJ. 87--150.
  25. Lowe, G. 2002. Quantifying information flow. In Proceedings of the 15th IEEE Computer Security Foundations Workshop (CSFW'02). 18--31.
  26. Mantel, H. 2000. Possibilistic definitions of security---an assembly kit. In Proceedings of the IEEE Computer Security Foundations Workshop (CSFW'00). 185--199.
  27. Mantel, H. 2003. A uniform framework for the formal specification and verification of information flow security. Ph.D. thesis, Universität des Saarlandes.
  28. McCullough, D. 1987. Specifications for multi-level security and a hook-up property. In Proceedings of the IEEE Symposium on Security and Privacy (SP'87). 161--166.
  29. McLean, J. 1994. A general theory of composition for trace sets closed under selective interleaving functions. In Proceedings of the IEEE Symposium on Security and Privacy (SP'94). 79--93.
  30. Meyden, R. van der 1998. Common knowledge and update in finite environments. Inf. Comput., 140, 2, 115--157.
  31. Mitchell, J. C., Ramanathan, A., Scedrov, A., and Teague, V. 2006. A probabilistic polynomial-time calculus for the analysis of cryptographic protocols. Theor. Comput. Sci. 353, 118--164.
  32. Morris, S. 1995. The common prior assumption in economic theory. Econom. Philos., 11, 227--253.
  33. Myers, A. C., Sabelfeld, A., and Zdancewic, S. 2004. Enforcing robust declassification. In Proceedings of the 17th IEEE Computer Security Foundations Workshop (CSFW'04). 172--186.
  34. O'Neill, K., Clarkson, M., and Chong, S. 2006. Information-flow security for interactive programs. In Proceedings of the 19th IEEE Computer Security Foundations Workshop (CSFW'06). 190--201.
  35. Rabin, M. O. 1982. n-process mutual exclusion with bounded waiting by 4·logn-valued shared variable. J. Comp. Syst. Sci., 25, 1, 66--75.
  36. Ryan, P. Y. A. and Schneider, S. A. 1999. Process algebra and non-interference. In Proceedings of the 12th Computer Security Foundations Workshop (CSFW'99). 214--227.
  37. Ryan, P. Y. A., Schneider, S. A., Goldsmith, M. H., Lowe, G., and Roscoe, A. W. 2001. Modeling and Analysis of Security Protocols. Addison-Wesley, Reading, MA.
  38. Sabelfeld, A. and Myers, A. C. 2003. Language-based information-flow security. IEEE J. Select. Areas Comm., 21, 1, 5--19.
  39. Schneider, S. and Sidiropoulos, A. 1996. CSP and anonymity. In European Symposium on Research in Computer Security (ESORICS'96). 198--218.
  40. Shannon, C. E. 1949. Communication theory of secrecy systems. Bell System Tech. J., 28-4, 656--715.
  41. Sutherland, D. 1986. A model of information. In Proceedings of the 9th National Security Conference. 175--183.
  42. Vardi, M. Y. 1985. Automatic verification of probabilistic concurrent finite-state programs. In Proceedings of the 26th IEEE Symposium on Foundations of Computer Science (FOCS'85). 327--338.
  43. Wittbold, J. T. and Johnson, D. M. 1990. Information flow in nondeterministic systems. In Proceedings of the IEEE Symposium on Research in Security and Privacy (SP'90). 144--161.
  44. Zakinthinos, A. and Lee, E. S. 1997. A general theory of security properties. In Proceedings of the IEEE Symposium on Security and Privacy (SP'97). 94--102.

Published in

ACM Transactions on Information and System Security, Volume 12, Issue 1
October 2008
230 pages
ISSN: 1094-9224
EISSN: 1557-7406
DOI: 10.1145/1410234

Copyright © 2008 ACM

Publisher

Association for Computing Machinery
New York, NY, United States

Publication History

• Published: 1 October 2008
• Accepted: 1 June 2008
• Revised: 1 October 2007
• Received: 1 December 2005
Qualifiers

• research-article
• Research
• Refereed