Maris A. Ozols

A temporalised belief logic for specifying the dynamics of trust for multi-agent systems

Temporalisation is a methodology for combining logics whereby a given logic system can be enriched with temporal features to create a new logic system. TML (Typed Modal Logic) extends classical first-order logic with typed variables and multiple belief modal operators; it can be applied to the description of, and reasoning about, trust for multi-agent systems. Without the introduction of a temporal dimension, this logic may not be able to express the dynamics of trust. In this paper, adopting the temporalisation method, we combine TML with a temporal logic to obtain a new logic, so that the users can specify the dynamics of trust and model evolving theories of trust for multi-agent systems.

Trust in Secure Communication Systems - The Concept, Representations, and Reasoning Techniques

The purpose of communication is the exchange of information among agents. Whether an agent believes a message passed by others to be reliable depends on trust which the agent would put in the system supporting secure communications required. Indeed, every security system depends on trust, in one form or another, among agents of the system. Different forms of trust exist to address different types of problems and mitigate risk in certain conditions. This paper discusses the concept of trust in general, and intends to investigate modelling methodologies for describing and reasoning about trust and agent beliefs.

A State-Based Model for Certificate Management Systems

A Certificate Management System (CMS) is used to generate, distribute, store and verify certificates. It supports secure electronic communication through its functions. This paper presents a state-based model for certificate management systems. The axiomatization of CMS structures and the security policy followed by CMSs is discussed. The main functions of a CMS, including certificate issuing, certificate revocation and certificate rekeying, are formally described through transitions that change states of the CMS. A major CMS client function, certificate verification, is also formally discussed. With this model, an approach to the formal specification of the structure and behavior of a CMS is provided. The approach is very general, and would be useful in guiding the developer and the evaluator of a CMS with the design, analysis and implementation of the system.

An Axiomatic Basis for Reasoning about Trust in PKIs

Trust is essential to a communication channel. The trust relationships, which play an important role in Public Key Infrastructures (PKIs), need to be formalized for providing a reliable modelling methodology to support secure digital communications. In this paper, we present a typed modal logic used for specifying and reasoning about trust in PKIs. In order to study trust relationships within PKIs, we define TA (a set of trust axioms), TB (a trust base) and TC (a set of trusted certificates). In our method, the trust relation in a given PKI is formalized by trust axioms. Based on trust axioms, an agent can have its own trust base that contains all agents whom the agent trusts, and can derive and extend its trusted certificates set. The trust theory for a given PKI, which consists of our modal logic and a set of trust axioms proposed for the PKI, is the basis of the certificate verification function.

XIsabelle: A System Description

XIsabelle provides a graphical interface to Isabelle [3]. Described here are the components of this interface, and some discussion of the motivation and applications of this work.

Proof Tactics for a Theory of State Machines in a Graphical Environment

The state machine paradigm is a popular and convenient means for expressing designs of critical systems. State machines can be readily represented by transition graphs, thus enhancing human understanding of even quite complex problems. In the case of state machines, tracing a path through the transition graph can represent a critical sequence in the execution of a machine. State machine notations are also amenable to formal treatment. A high-level of assurance can be gained by a combination of both these aspects: a machine-checked, formal proof together with a higher-level argument that can be understood by humans. This paper describes proof tactics that support reasoning about state machines at the level of diagrams and paths, and the construction of a corresponding formal proof. A tool, called Veracity [3], has been developed, which links these powerful proof tactics to a graphical userinterface. The proof tactics are implemented in Isabelle, and the paper discusses some strengths and weaknesses of Isabelle as an appropriate base for modelling and proving properties of state machines.

A fibred belief logic for multi-agent systems

To introduce a temporal dimension to a belief logic, we consider a powerful technique called fibring for combining belief logics and temporal logics. In a fibred belief logic, both temporal operators and belief operators are treated equally. This paper in particular discusses a combination of a belief logic called Typed-Modal Logic with a linear-time temporal logic. We show that, in the resulting logic, we can specify and reason about not only agent beliefs but also the timing properties of a system. With this logical system one is able to build theories of trust for the description of, and reasoning about, multi-agent systems.

The PKI Specification Dilemma: A Formal Solution

In this article we look at some of the problems associated with trying to provide a specification for a Public Key Infrastructure (PKI). We focus on the PKI profile that has been proposed for use with the Internet, known as PKIX (PKI using X.509 certificates), to provide a specific example. Our intention is to add value to this and other specifications by providing a more formal description and a framework in which to develop path validation procedures. We take the path validation algorithm in PKIX and give a formal description of the actions and properties it defines. In this way, the essential aspects can be captured and clearly formulated, which would facilitate the testing of implementations in a more rigorous and well defined way.

Covert Channel Analysis for Stubs

This paper explains a range of techniques for covert channel control for the Stubs network security devices. The techniques deal with both timing and storage channels, and rely on a combination of channel elimination, reduction, and audit mechanisms. Although specific to the Stubs system, the techniques of analysis and control are adaptable to similar systems.

Consistency of Trust Theories

Liu [1] proposed a logic called TML (Typed Modal Logic), which extends firstorder logic with typed variables and modal operators to express agent beliefs. Based on TML, a trust theory for a specific secure system can be established. In our approach, the assumptions regarded as a basis that agents place their trust in a given system are encapsulated in the notion of trust and represented by a set of rules, called trust axioms of the system, and the logic together with the set of trust axioms forms a trust theory for the given system. Formally, let AX be the axiom system of TML and TA(τ) be a setof trustaxioms chosen for a given system (τ) , which captures the initial beliefs and trust relationships of the agents within the system (τ) , then AX∪ TA(τ) is called a trust theory for the system (τ) .