Actor-network Procedures: Modeling Multi-factor Authentication, Device Pairing, Social Interactions

Abstract

As computation spreads from computers to networks of computers, and migrates into cyberspace it ceases to be globally programmable, but it remains programmable indirectly and partially: network computations cannot be controlled, but they can be steered by imposing local constraints on network nodes. The tasks of "programming" global behaviors through local constraints belong to the area of security. The "program particles" that assure that a system of local interactions leads towards some desired global goals are called security protocols. They are the software connectors of modern, world wide software systems. As computation spreads beyond cyberspace, into physical and social spaces, new security tasks and problems arise. As computer networks are extended by nodes with physical sensors and controllers, including the humans, and interlaced with social networks, the engineering concepts and techniques of computer security blend with the social processes of security, that evolved since the dawn of mankind. These new connectors for computational and social software require a new "discipline of programming" of global behaviors through local constraints. Since the new discipline seems to be emerging from a combination of established models of security protocols with older methods of procedural programming, we use the name procedures for these new connectors, that generalize protocols. In the present paper we propose actor-networks as a formal model of computation in heterogenous networks of computers, humans and their devices, where these new procedures run; and we introduce Procedure Derivation Logic (PDL) as a framework for reasoning about security in actor-networks. On the way, we survey the guiding ideas of Protocol Derivation Logic (also PDL) that evolved through our work in security in last 10 years. Both formalisms are geared towards graphic reasoning and, ultimately, tool support. We illustrate their workings by analysing a form of two-factor authentication.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Aug 29, 2011
Accession Number
ADA613156

Entities

People

  • Catherine Meadows
  • Dusko Pavlovic

Organizations

  • United States Naval Research Laboratory

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies

DTIC Thesaurus Topics

  • Authentication
  • Communication Channels
  • Computer Access Control
  • Computer Networks
  • Computer Programming
  • Computer Programs
  • Computer Science
  • Computers
  • Cryptography
  • Cybersecurity
  • Cyberspace
  • Mobile Phones
  • Multi-Factor Authentication
  • Network Science
  • Reasoning
  • Security Protocols
  • Social Networks

Fields of Study

  • Computer science

Readers

  • Artificial Intelligence
  • Parallel and Distributed Computing.
  • Strategic Security Studies

Technology Areas

  • Cyber
  • Space