Formalising theories of trust for authentication protocols
Information Systems Frontiers
Analysis of authentication protocols in agent-based systems using labeled tableaux
IEEE Transactions on Systems, Man, and Cybernetics, Part B: Cybernetics - Special issue on cybernetics and cognitive informatics
| Hi-index | 0.00 |
The goal of an authentication system is to verify and authorise users, in order to protect restricted data and information. After authentication, two principals (people, computers, services) in a distributed system should be entitled to believe that they are com- municating with each other and not with intruders. Therefore it is important to express such beliefs precisely and to capture the reasoning that leads to them. In this paper, we focus on analysis of agent beliefs in dynamic environments in a formal framework based on a combination of a belief logic with a temporal logic. Through a well-known protocol example, that is, Kerberos, we dis- cuss how to express principal agent beliefs involved in authentica- tion protocols and the evolution of these beliefs as a consequence of communication, since trust is based on a series of observations of agents. Our approach is general and could be used for design- ing, verifying and implementing authentication protocols.