TY - GEN
T1 - Verifying security policies in multi-agentworkflows with loops
AU - Finkbeiner, Bernd
AU - Müller, Christian
AU - Seidl, Helmut
AU - Zãlinescu, Eugen
N1 - Publisher Copyright:
© 2017 author(s).
PY - 2017/10/30
Y1 - 2017/10/30
N2 - We consider the automatic verification of information flow security policies of web-based workflows, such as conference submission systems like EasyChair. Our workflow description language allows for loops, non-deterministic choice, and an unbounded number of participating agents. The information flow policies are specified in a temporal logic for hyperproperties. We show that the verification problem can be reduced to the satisfiability of a formula of firstorder linear-time temporal logic, and provide decidability results for relevant classes of workflows and specifications. We report on experimental results obtained with an implementation of our approach on a series of benchmarks.
AB - We consider the automatic verification of information flow security policies of web-based workflows, such as conference submission systems like EasyChair. Our workflow description language allows for loops, non-deterministic choice, and an unbounded number of participating agents. The information flow policies are specified in a temporal logic for hyperproperties. We show that the verification problem can be reduced to the satisfiability of a formula of firstorder linear-time temporal logic, and provide decidability results for relevant classes of workflows and specifications. We report on experimental results obtained with an implementation of our approach on a series of benchmarks.
UR - http://www.scopus.com/inward/record.url?scp=85041446027&partnerID=8YFLogxK
U2 - 10.1145/3133956.3134080
DO - 10.1145/3133956.3134080
M3 - Conference contribution
AN - SCOPUS:85041446027
T3 - Proceedings of the ACM Conference on Computer and Communications Security
SP - 633
EP - 645
BT - CCS 2017 - Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security
PB - Association for Computing Machinery
T2 - 24th ACM SIGSAC Conference on Computer and Communications Security, CCS 2017
Y2 - 30 October 2017 through 3 November 2017
ER -