Towards a Formal Model of Privacy-Sensitive Dynamic Coalitions

TL;DR

This paper proposes a formal framework using Abstract State Machines to model and verify privacy-sensitive dynamic coalitions, focusing on access control policies and process formalization to enhance security and correctness.

Contribution

It extends existing dynamic coalition models with access control policies and demonstrates the use of ASM for formalizing and verifying privacy-sensitive coalition processes.

Findings

Formal ASM models effectively represent access control in dynamic coalitions.

Logical analysis improves understanding and verification of coalition security.

First formal approach to privacy-sensitive dynamic coalition modeling.

Abstract

The concept of dynamic coalitions (also virtual organizations) describes the temporary interconnection of autonomous agents, who share information or resources in order to achieve a common goal. Through modern technologies these coalitions may form across company, organization and system borders. Therefor questions of access control and security are of vital significance for the architectures supporting these coalitions. In this paper, we present our first steps to reach a formal framework for modeling and verifying the design of privacy-sensitive dynamic coalition infrastructures and their processes. In order to do so we extend existing dynamic coalition modeling approaches with an access-control-concept, which manages access to information through policies. Furthermore we regard the processes underlying these coalitions and present first works in formalizing these processes. As a result of the present paper we illustrate the usefulness of the Abstract State Machine (ASM) method for this task. We demonstrate a formal treatment of privacy-sensitive dynamic coalitions by two example ASMs which model certain access control situations. A logical consideration of these ASMs can lead to a better understanding and a verification of the ASMs according to the aspired specification.