Collaborative Systems with Confidentiality
Professor Max Kanovich :: Tuesday 3rd February 2009
Venue: Room 245 @ 1200
Abstract. Traditional research in information security (by which we mean the
protection of confidential information)
involves a single agent confronting an arbitrary number
of potential external threats. But increasingly, security concerns are
paramount where there are two or more collaborating agents.
While these agents are still subject to arbitrary external threats,
they also represent security threats to each other.
They have to share information in such a way that their common goals
for collaboration can be met without compromising confidentiality.
Collaboration among organizations or individuals is common.
While these participants are often unwilling to
share all their information with each other, some information
sharing is unavoidable when achieving a common goal. The need
to share information and the desire to keep it confidential
are two competing notions which affect the outcome of a
collaboration.
When collaborating agents share sensitive information to
achieve a common goal they must decide if doing so
will lead to an unwanted release of confidential data.
These decisions are based on which agents are involved,
what those agents can do in the given context, and
the individual confidentiality preferences of each agent.
We propose a formal model of collaboration which addresses
confidentiality concerns.
In particular, this model allows us to interpret policy
compliance (system compliance, plan compliance and
weak plan compliance) corresponding to different
levels of trust among the agents.
We will also discuss the (un)decidability and complexity issues.
The work is joint with Paul Rowe and Andre Scedrov, University
of Pennsylvania, Philadelphia, PA.
Bio. Max is a Professor of Computer Science at the Queen Mary, University of London. His research interests include developing formalisms to specify and investigate security problems in multi-agent systems.
Materials: slides (.pdf)