07351 Abstracts Collection -- Formal Models of Belief Change in Rational Agents

From 26.08. to 30.08.2007, the Dagstuhl Seminar 07351 ``Formal Models of Belief Change in Rational Agents\u27\u27 was held in the International Conference and Research Center (IBFI), Schloss Dagstuhl. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar as well as abstracts of seminar results and ideas are put together in this paper. The first section describes the seminar topics and goals in general. Links to extended abstracts or full papers are provided, if available

Analysis of cryptographic protocols using logics of belief: an overview, Journal of Telecommunications and Information Technology, 2002, nr 4

When designing a cryptographic protocol or explaining it, one often uses arguments such as “since this message was signed by machine B, machine A can be sure it came from B” in informal proofs justifying how the protocol works. Since it is, in such informal proofs, often easy to overlook an essential assumption, such as a trust relation or the belief that a message is not a replay from a previous session, it seems desirable to write such proofs in a formal system. While such logics do not replace the recent techniques of automatic proofs of safety properties, they help in pointing the weaknesses of the system. In this paper, we present briefly the BAN (Burrows-Abadi-Needham) formal system [10, 11] as well as some derivative. We show how to prove some properties of a simple protocol, as well as detecting undesirable assumptions. We then explain how the manual search for proofs can be made automatic. Finally, we explain how the lack of proper semantics can be a bit worrying

Actor-network procedures: Modeling multi-factor authentication, device pairing, social interactions

As computation spreads from computers to networks of computers, and migrates into cyberspace, it ceases to be globally programmable, but it remains programmable indirectly: network computations cannot be controlled, but they can be steered by local constraints on network nodes. The tasks of "programming" global behaviors through local constraints belong to the area of security. The "program particles" that assure that a system of local interactions leads towards some desired global goals are called security protocols. As computation spreads beyond cyberspace, into physical and social spaces, new security tasks and problems arise. As networks are extended by physical sensors and controllers, including the humans, and interlaced with social networks, the engineering concepts and techniques of computer security blend with the social processes of security. These new connectors for computational and social software require a new "discipline of programming" of global behaviors through local constraints. Since the new discipline seems to be emerging from a combination of established models of security protocols with older methods of procedural programming, we use the name procedures for these new connectors, that generalize protocols. In the present paper we propose actor-networks as a formal model of computation in heterogenous networks of computers, humans and their devices; and we introduce Procedure Derivation Logic (PDL) as a framework for reasoning about security in actor-networks. On the way, we survey the guiding ideas of Protocol Derivation Logic (also PDL) that evolved through our work in security in last 10 years. Both formalisms are geared towards graphic reasoning and tool support. We illustrate their workings by analysing a popular form of two-factor authentication, and a multi-channel device pairing procedure, devised for this occasion.Comment: 32 pages, 12 figures, 3 tables; journal submission; extended references, added discussio

Journal of Telecommunications and Information Technology, 2002, nr 4

kwartalni

Facilitating the modelling and automated analysis of cryptographic protocols

Includes bibliographical references.Multi-dimensional security protocol engineering is effective for creating cryptographic protocols since it encompasses a variety of design, analysis and deployment techniques, thereby providing a higher level of confidence than individual approaches. SPEAR II, the Security Protocol Engineering and Analysis Resource n, is a protocol engineering tool built on the foundation of previous experience garnered during the SPEAR I project in 1997. The goal of the SPEAR II tool is to facilitate cryptographic protocol engineering and aid users in distilling the critical issues during an engineering session by presenting them with an appropriate level of detail and guiding them as much as possible. The SPEAR II tool currently consists of four components that have been created as part of this dissertation and integrated into one consistent and unified graphical interface: a protocol specification environment (GYPSIE), a GNY statement construction interface (Visual GNY), a Prolog-based GNY analysis engine (GYNGER) and a message rounds calculator

Verifying a signature architecture: a comparative case study

We report on a case study in applying different formal methods to model and verify an architecture for administrating digital signatures. The architecture comprises several concurrently executing systems that authenticate users and generate and store digital signatures by passing security relevant data through a tightly controlled interface. The architecture is interesting from a formal-methods perspective as it involves complex operations on data as well as process coordination and hence is a candidate for both data-oriented and process-oriented formal methods. We have built and verified two models of the signature architecture using two representative formal methods. In the first, we specify a data model of the architecture in Z that we extend to a trace model and interactively verify by theorem proving. In the second, we model the architecture as a system of communicating processes that we verify by finite-state model checking. We provide a detailed comparison of these two different approaches to formalization (infinite state with rich data types versus finite state) and verification (theorem proving versus model checking). Contrary to common belief, our case study suggests that Z is well suited for temporal reasoning about process models with complex operations on data. Moreover, our comparison highlights the advantages of proving theorems about such models and provides evidence that, in the hands of an experienced user, theorem proving may be neither substantially more time-consuming nor more complex than model checkin

Discourses on social software

Can computer scientists contribute to the solution of societal problems? Can logic help to model social interactions? Are there recipes for making groups with diverging preferences arrive at reasonable decisions? Why is common knowledge important for social interaction? Does the rational pursuit of individual interests put the public interest in danger, and if so, why? Discourses on Social Software sheds light on these and similar questions. This book offers the reader an ideal introduction to the exciting new field of social software. It shows in detail the many ways in which the seemingly abstract sciences of logic and computer science can be put to use to analyse and solve contemporary social problems. The unusual format of a series of discussions among a logician, a computer scientist, a philosopher and some researchers from other disciplines encourages the reader to develop his own point of view. The only requirements for reading this book are a nodding familiarity with logic, a curious mind, and a taste for spicy debate.Kunnen de computerwetenschappers bijdragen aan een oplossing van sociale problemen? Kan logica gebruikt worden om sociale interactie te modelleren? Zijn er regels op te stellen om groepen met afwijkende voorkeuren tot redelijke besluiten te laten komen? Discourses on Social Software biedt de lezer een ideale inleiding op (nog nieuwe) gebied van sociale software. Het toont in detail de vele manieren waarin de schijnbaar abstracte wetenschappen van logica en computerwetenschap aan het werk kunnen worden gezet om eigentijdse sociale problemen te analyseren en op te lossen. Door de ongebruikelijke aanpak in dit boek, namelijk door discussies tussen een logicus, een computerwetenschapper, een filosoof en onderzoekers uit andere disciplines, wordt de lezer aangemoedigd zijn eigen standpunt te ontwikkelen. De enige vereisten om dit boek te lezen zijn enige vertrouwdheid met de logica, een nieuwsgierige geest, en liefde voor een pittig debat