{"title":"移动代理系统的正式安全框架:规范和验证","authors":"M. Loulou, A. Kacem, M. Jmaiel, M. Mosbah","doi":"10.1109/CRISIS.2008.4757465","DOIUrl":null,"url":null,"abstract":"Security in mobile agent systems is twofold: protection of mobile agents and protection of agent execution system. Indeed, the proposed solutions for the security of distributed systems arenpsilat sufficient. Moreover, therepsilas no solution which treats the different concerns of security in the mobile agent systems. To achieve this goal, we use formal foundations which provide a rigorous reasoning about security of mobile agent systems. We propose in this paper a formal framework for the security in mobile agent systems which consists of three basic frameworks. The specification framework proposes, explicitly, a generic definition of security policies that may be enhanced by several concepts related to one or more security models. For illustration, we present a security policy enhancement based on the concepts of the RBAC model. Inevitably, we associate to the specification framework a verification framework which checks the consistency of the proposed specifications as well as the consistency intra-policy. In response to the dynamic changes of security requirements in mobile agent systems, we propose a third framework for the reconfiguration of policies.","PeriodicalId":346123,"journal":{"name":"2008 Third International Conference on Risks and Security of Internet and Systems","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2008-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"A formal security framework for mobile agent systems: Specification and verification\",\"authors\":\"M. Loulou, A. Kacem, M. Jmaiel, M. Mosbah\",\"doi\":\"10.1109/CRISIS.2008.4757465\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Security in mobile agent systems is twofold: protection of mobile agents and protection of agent execution system. Indeed, the proposed solutions for the security of distributed systems arenpsilat sufficient. Moreover, therepsilas no solution which treats the different concerns of security in the mobile agent systems. To achieve this goal, we use formal foundations which provide a rigorous reasoning about security of mobile agent systems. We propose in this paper a formal framework for the security in mobile agent systems which consists of three basic frameworks. The specification framework proposes, explicitly, a generic definition of security policies that may be enhanced by several concepts related to one or more security models. For illustration, we present a security policy enhancement based on the concepts of the RBAC model. Inevitably, we associate to the specification framework a verification framework which checks the consistency of the proposed specifications as well as the consistency intra-policy. In response to the dynamic changes of security requirements in mobile agent systems, we propose a third framework for the reconfiguration of policies.\",\"PeriodicalId\":346123,\"journal\":{\"name\":\"2008 Third International Conference on Risks and Security of Internet and Systems\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2008 Third International Conference on Risks and Security of Internet and Systems\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CRISIS.2008.4757465\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2008 Third International Conference on Risks and Security of Internet and Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CRISIS.2008.4757465","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A formal security framework for mobile agent systems: Specification and verification
Security in mobile agent systems is twofold: protection of mobile agents and protection of agent execution system. Indeed, the proposed solutions for the security of distributed systems arenpsilat sufficient. Moreover, therepsilas no solution which treats the different concerns of security in the mobile agent systems. To achieve this goal, we use formal foundations which provide a rigorous reasoning about security of mobile agent systems. We propose in this paper a formal framework for the security in mobile agent systems which consists of three basic frameworks. The specification framework proposes, explicitly, a generic definition of security policies that may be enhanced by several concepts related to one or more security models. For illustration, we present a security policy enhancement based on the concepts of the RBAC model. Inevitably, we associate to the specification framework a verification framework which checks the consistency of the proposed specifications as well as the consistency intra-policy. In response to the dynamic changes of security requirements in mobile agent systems, we propose a third framework for the reconfiguration of policies.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
