Title: A Security Architectural Approach for Risk Assessment Using Multi-agent Systems Engineering
Abstract: The analysis of incidents resulting in damage to information systems show that most losses were still due to errors or omissions by authorized users, actions of disgruntled employees, and an increase in external penetrations of systems by outsiders. Ideally, information systems security enables management to have confidence that their computational systems will provide the information requested and expected, while denying accessibility to those who have no right to it. Traditional controls are normally inadequate in previous mentioned cases or are focused on the wrong threat, resulting in the exposure of vulnerability. Security is a critical parameter for the expansion and wide usage of agent technology. A threat model is constructed and subsequently the basic techniques to deal effectively with these threats are analyzed. Then this paper presents a dynamic, extensible, configurable and interoperable security architecture for multi-agent systems applied to security assessment services. It is explained how this architecture can be used to tackle a big part of security threats. All the components of the security architecture are analyzed while we also argue for the benefits they offer. . Such information security changes often encourage the creation of new security schemas or security improvements. Accommodating frequent systems information changes requires a network security system be more flexible than currently prevalent systems. Consequently, there has recently been an increasing interest in flexible network security and disaster recovery systems.