TY - GEN
T1 - Engineering multi-agent systems
AU - Artz, Donovan
AU - Cicirello, Vincent A.
AU - Regli, William C.
AU - Kam, Moshe
PY - 2004
Y1 - 2004
N2 - Security of an agent system is often limited, relying on basic cryptographic techniques without consideration of issues such as key maintenance, forming and communicating in secure groups, or interlayer security. From a security engineering perspective, multi-agent systems introduce new channels and possibly layers, resulting in additional security concerns. A comprehensive security engineering perspective - studying the informationflow of the multi-layered system, identifying, analysing and addressing multi-level security threats - is rarely taken. This paper presents a security engineering process for multi-agent systems - motivating the need for comprehensive security engineering and showing how to proceed with the process within an agent system. One of the largest obstacles in security engineering is understanding how to decompose a system into the parts that require security. This paper provides a decomposition for agent systems that can be directly applied to the security engineering process. Examples are given that detail the application of the presented security engineering process to: 1) a FIPA-compliant agent system; and 2) peer-to-peer content lookup. The most important contribution of this paper, is proposing a formal approach to addressing security within an agent system, where there exist unique and application-specific threats that must be addressed.
AB - Security of an agent system is often limited, relying on basic cryptographic techniques without consideration of issues such as key maintenance, forming and communicating in secure groups, or interlayer security. From a security engineering perspective, multi-agent systems introduce new channels and possibly layers, resulting in additional security concerns. A comprehensive security engineering perspective - studying the informationflow of the multi-layered system, identifying, analysing and addressing multi-level security threats - is rarely taken. This paper presents a security engineering process for multi-agent systems - motivating the need for comprehensive security engineering and showing how to proceed with the process within an agent system. One of the largest obstacles in security engineering is understanding how to decompose a system into the parts that require security. This paper provides a decomposition for agent systems that can be directly applied to the security engineering process. Examples are given that detail the application of the presented security engineering process to: 1) a FIPA-compliant agent system; and 2) peer-to-peer content lookup. The most important contribution of this paper, is proposing a formal approach to addressing security within an agent system, where there exist unique and application-specific threats that must be addressed.
UR - http://www.scopus.com/inward/record.url?scp=17644381310&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=17644381310&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:17644381310
SN - 0780387996
SN - 9780780387997
T3 - 2004 IEEE 1st Symposium on Multi-Agent Security and Survivability
SP - 100
EP - 107
BT - 2004 IEEE 1st Symposium on Multi-Agent Security and Survivability
T2 - 2004 IEEE 1st Symposium on Multi-Agent Security and Survivability
Y2 - 30 August 2004 through 31 August 2004
ER -