4 research outputs found
Strategic logics : complexity, completeness and expressivity
by transferring normative attributes from an agent to another. Such interactions are called delegation. Formal models of delegation and control were studied in, e.g., [189, 149, 191]. In this work, we consider the scenario where agents delegate control over propositions to other agents. The distinction between controllable and uncontrollable propositions stems from areas like discrete event systems and control theory, where, e.g., Boutilier [39] studied control in the context of deontic logic. Control and controllable propositions were also studied in [52, 66, 249, 248]. We now give an overview of the thesis. The main purpose of Chapter 2 is to introduce basic concepts and notation and to review relevant literature. The first section presents a brief survey on modal logic. Then, in Sections 2.2, 2.3 and 2.4, we introduce epistemic, temporal and strategic modal logics and state known results that characterise their expressivity and computational complexity. In particular, we consider variants of ATL as extensions of branching-time logics. With such ATL-like logics we can describe dynamic multi-agent interactions. In Section 2.5, we discuss extensions of ATL with epistemic notions. Additionally, we suggest a framework for memory-bounded strategic reasoning. In particular, we introduce an epistemic variant of ATL that accounts for agents with limited memory resources, as this case was neglected in the literature to date. In Chapter 3, we investigate the computational complexity of ATL and its epistemic extension ATEL. We show in detail how the complexity of the satisfiability problem for both logics can be settled at ExpTime-complete.
The part of the chapter about ATL is based on the paper 'ATL Satisfiability is Indeed ExpTime-Complete' by Walther, Lutz, Wolter and Wooldridge in the Journal of Logic and Computation, 2006 [265], and the part about ATEL is based on the paper 'ATEL with Common and Distributed Knowledge is ExpTime-Complete' by Walther, which was presented at the 4th Workshop on Methods for Modalities, Humboldt University, Berlin, December 1-2, 2005 [264]. In Chapter 4, we aim to extend the expressiveness of ATL without increasing its computational complexity. We introduce explicit names for strategies in the object language and extend modal operators with the possibility to bind agents to strategy names. In this way, we can fix the decisions of agents that possibly belong to several coalitions. By identifying the behaviour of agents, we can reason about the effects of agents changing coalitions. Dynamic coalitions provide more flexibility to adapt abilities to a changing environment. We investigate the expressivity of the resulting logic ATLES and compare it to ATL and ATL*. Moreover, we formulate two model checking problems for ATLES and investigate their complexity as well as the complexity of the satisfiability problem for ATLES. Additionally, we present a complete axiomatisation. This chapter is based on the paper 'Alternating-time Temporal Logic with Explicit Strategies' by Walther, van der Hoek and Wooldridge, which is going to be presented at the 11th Conference on Theoretical Aspects of Rationality and Knowledge (TARK), Brussels, Belgium, June 25-27, 2007 [266].
Model Checking Security Protocols: A Multiagent System Approach
Security protocols specify the communication required to achieve security objectives, e.g., data privacy. Such protocols are used in electronic media: e-commerce, e-banking, e-voting, etc. Formal verification is used to discover protocol-design flaws. In this thesis, we use a multiagent systems approach built on temporal-epistemic logic to model and analyse a bounded number of concurrent sessions of authentication and key-establishment protocols executing in a Dolev-Yao environment. We increase the expressiveness of classical, trace-based frameworks by mapping each protocol requirement into a hierarchy of temporal-epistemic formulae. To automate our methodology, we design and implement a tool called PD2IS. From a high-level protocol description, PD2IS produces our protocol model and the temporal-epistemic specifications of the protocol's goals. This output is verified with the model checker MCMAS. We benchmark our methodology on various protocols drawn from standard repositories. We extend our approach to formalise protocols described by equations of cryptographic primitives. The core of this extension is an indistinguishability relation to accommodate the underlying protocol equations. Based on this relation, we introduce a knowledge modality and an algorithm to model check multiagent systems against it. These techniques are applied to verify e-voting protocols. Furthermore, we develop our methodology towards intrusion-detection techniques. We introduce the concept of detectability, i.e., the ability of protocol participants to detect jointly that the protocol is being attacked. We extend our formalisms and PD2IS to support detectability analysis. We model check several attack-prone protocols against their detectability specifications.