A security-aware metamodel for multi-agent systems (MAS)
Introduction
In the context of conceptual modelling and model-driven software engineering, (software) agents can be defined as conceptual entities that exhibit autonomy, situatedness and interactivity. They are situated in an environment in which they are able to sense and respond to changes. Agents have been found useful in model-based development of open, distributed and heterogeneous systems. However, as has been argued in the literature [23], for agent technology to be widely recognized, the security issues that surround agents must be resolved.
Research efforts, so far, have mainly focused on solving individual security problems of multi-agent systems (MAS), such as attacks by an agent on another agent, attacks from a platform on an agent, and/or attacks from an agent on a platform [14]. Security is not yet considered as part of the development process of a MAS. This is partly because existing methodologies, modelling languages and methods for the development of MASs do not generally incorporate abstractions and processes that support the consideration of security issues. Rather security is often considered only after the design of the system has been finalised, which leads to various security vulnerabilities [19].
In this paper, we produce a methodology-independent security (meta) model that can be used in the construction of any situated methodology [7] as required by the context of the MAS development project. It is aligned with model-based security (MBS) as proposed in [16] as a means of supporting the consideration of security from the early stages of the information system development process. Initially, high abstraction models are constructed and transformed, following a standard model-driven engineering (MDE) approach, into more precise models until code-specific models can be produced. We believe this approach, combining agents and security in an MDE context, can be successfully employed in the overall development of a multi-agent software system. Towards this, this paper provides the foundations for the construction of the models in the form of an agent-oriented modelling language that incorporates security considerations.
We present a MAS metamodel that defines security concepts along with agent development concepts. Our MAS metamodel described in this paper has the capacity to model the security requirements of any given MAS independently of the process used to create it. It is based on the FAML (FAME1 Agent-oriented Modelling Language) generic metamodel [1] and previous work on security-aware agent metamodels [2]. The chosen security concepts are designated into two sets: run-time concepts and design-time concepts. Each set has two scopes: system-related or agent-internals-related scope. Our work is part of a greater effort to develop secure multi-agent systems, based on the application of model-based security and a conceptual modelling approach to address security requirements of multi-agent systems, as suggested in recent work e.g. [10], [19]. This allows developers to account for security of a MAS early during the development of the system rather than as a costly afterthought.
The rest of this paper is organized as follows: Section 2 describes related work. Section 3 briefly outlines the FAML metamodel and the analytic process used to identify the required security modelling units (classes in the metamodel). Section 4 articulates the MAS-specific security concerns of any MAS and associates these with basic modelling primitives. Section 5 incorporates these primitives into our metamodel and extends the metamodel to accommodate all security concerns identified in Section 4. Section 6 illustrates the semantics of the modelling units of our metamodel on a P2P community sharing application illustrating our model-driven approach to develop a securitised MAS. Finally, Section 7 concludes with a discussion of future work.
Section snippets
Modelling and developing secure agent-oriented systems
The term agent derives from the present particle of the Latin verb agere, which means to drive, act, lead or do [5]. Although there is no standard definition of what a software agent is, it is widely agreed that, in broad terms, an agent demonstrates the following properties: (i) Autonomy. Agents operate without the direct intervention of humans or others, and have some kind of control over their actions and internal state; (ii) Social ability. Agents interact with other agents (and possibly
The FAME agent-oriented modelling language
Within the overall framework of the FAME (Framework for Agent-oriented Method Engineering) project, we have identified the need to include a modelling language. Such a modelling language defines concepts from which can be instantiated modelling elements from which a model (a design) can be constructed. The design can then be hand-coded or used as the input to model-based (or model-driven) information systems development, as in MDE (model-driven engineering) or a specific flavour of MDE like
Security requirements of a MAS
In this section, we analyse the security requirement of multi-agent systems to extend FAML to support modelling of security concerns. The extension of FAML consists of two sets of modelling classes (metaclasses): One set to model the security requirements of a multi-agent system (MAS) identified by the developer during the design stage; and another to model security actions satisfying the security requirements. These modelling classes will be added to the four views of the FAML metamodel shown
Proposed metamodel
This section presents the new version of FAML which accounts for security requirements. The new security concepts added to FAML are first presented (Table 4). As these concepts are added, some existing FAML concepts are changed and some new non-security concepts are added (Table 5). The new ‘securitised’ FAML is presented in Fig. 6, Fig. 7, Fig. 8, Fig. 9.
As noted in the previous section, MAS-specific security requirements are of two kinds. The first kind refers to general security requirements
Illustration of the metamodel on a MAS application
As a practical illustration of security concepts in FAML, we consider a community-based search MAS application that we designed in [34]. This is a very complex application that involves most concepts of FAML. However, we will only give examples of the security-related concepts. We first describe the application and then show how FAML assists in identifying and modelling security issues.
Discussion, conclusions and future work
In this paper, we have presented work that provides the foundation towards a model-based security approach for the development of secure multi-agent systems. In particular, we have extended the FAME Modelling Language (FAML) and we have defined a metamodel that supports the development of security models for agent-oriented systems. The original FAML metamodel [1] did not accommodate the security requirements of the system nor allow description of security solutions such as the ones discussed in
References (37)
Method engineering: engineering of information systems development methods and tools
Information and Software Technology
(1996)- et al.
Developing and evaluating a generic metamodel for MAS work products
- G. Beydoun, G. Low, H. Mouratidis, B. Henderson-Sellers, Modelling MAS-specific security features, in: Proceedings of...
- G. Beydoun, N. Tran, G. Low, B. Henderson-Sellers, Foundations of Ontology-based Methodologies for Multi-agent Systems,...
- N. Borselius, Security in Multi-Agent Systems, International Conference on Security and Management (SAM02), Las Vegas,...
Software Agents
(1997)- et al.
TROPOS: an agent-oriented software development methodology
Journal of Autonomous Agents and Multi-agent Systems
(2004) - M. Esteva, Electronic Institutions: From Specification to Development, Artificial Intelligence Research Insitute, UAB –...
- M. Esteva, D. de la Cruz, C. Sierra, ISLANDER: an electronic institutions editor, in: International Conference on...
- P. Giorgini, F. Massacci, J. Mylopoulos, N. Zannone, Requirements engineering meets trust management, in: Second...
An agent-based approach for building complex software systems
Communications of the ACM
MDA Explained: The Model Driven Architecture – Practice and Promise
Cited by (44)
scenario modeling for government big data governance decision-making: Chinese experience with public safety services
2022, Information and ManagementCitation Excerpt :For the purpose of this research, a GBDG scenario meta-model was developed to provide generic knowledge for scenario modeling. Agent Modeling Language (AML) was used to develop the scenario meta-model [[34], [8]]. This process involved first extracting the general scenario elements that were relevant to all available GBDG scenario models (or other relevant models that contain scenario elements, including GBDG influencing factor models, GBDG evaluation models, and GBDG decision-making framework).
Agent action diagram: Toward a model for emergency management system
2019, Simulation Modelling Practice and TheoryA model-driven approach for constructing ambient assisted-living multi-agent systems customized for Parkinson patients
2016, Journal of Systems and SoftwareA complete approach for CIM modelling and model formalising
2015, Information and Software TechnologyAgent's security during communication in mobile agents system
2015, Procedia Computer ScienceDevelopment and validation of a Disaster Management Metamodel (DMM)
2014, Information Processing and Management