Multi-agent systems (MASs) are a powerful paradigm which enables very effective software engineering techniques, but at the same time easily lets the designer be oblivious of the emergent security problems. This can be a critical issue, especially when MASs are exploited as an infrastructure to provide secure services. This paper performs a security analysis of such a scenario, by identifying threats and assessing risks that could interfere with the achievement of the overall application's goal, that is access control, as a consequence of its MAS-based implementation. The process is exemplified with reference to a specific application domain, yet serves as a starting point for a broader goal: defining a general methodology for modelling the security problems surrounding the operation and application of MASs.
reference publication